FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Development

 
 
LinkBack Thread Tools
 
Old 07-13-2011, 02:27 AM
Dave Reisner
 
Default dropping tcp_wrapper support

I'd like to pick up something Dan proposed about a year ago, which is
dropping support for tcp_wrappers. Its last official upstream release
was 1997, and we currently add 10 patches to it from 3 different distros
in order to make it compile, fix bugs, and add features (ipv6). We also
add in an odd default of ALL: ALL in the config file, meaning that the
first thing most people do on a new arch system is add a line to
/etc/hosts.allow along the lines of 'sshd: ALL' (or just delete the
blanket deny. To my knowledge, there isn't anything tcp_wrappers does
that iptables can't do more eloquently, and without the need to be
linked against an external library.

Therefore, I'd like to propose that we just dump this. The rebuild list
would be small, at 20 packages:

archboot
dante
esound
exim
gdm
inetutils
libmysqlclient
mailutils
net-snmp
nfs-utils
openldap
openssh
quota-tools
rrdtool
socat
stunnel
syslog-ng
tftp-hpa
vsftpd
xinetd

Is there any pressing reason to hang onto this aging library?

Regards,
Dave
 
Old 07-13-2011, 02:31 AM
Jan Steffens
 
Default dropping tcp_wrapper support

On Tue, Jul 12, 2011 at 11:27 PM, Dave Reisner <d@falconindy.com> wrote:
> I'd like to pick up something Dan proposed about a year ago, which is
> dropping support for tcp_wrappers. Its last official upstream release
> was 1997, and we currently add 10 patches to it from 3 different distros
> in order to make it compile, fix bugs, and add features (ipv6). We also
> add in an odd default of ALL: ALL in the config file, meaning that the
> first thing most people do on a new arch system is add a line to
> /etc/hosts.allow along the lines of 'sshd: ALL' (or just delete the
> blanket deny. To my knowledge, there isn't anything tcp_wrappers does
> that iptables can't do more eloquently, and without the need to be
> linked against an external library.
>
> Therefore, I'd like to propose that we just dump this. The rebuild list
> would be small, at 20 packages:
>
> archboot
> dante
> esound
> exim
> gdm
> inetutils
> libmysqlclient
> mailutils
> net-snmp
> nfs-utils
> openldap
> openssh
> quota-tools
> rrdtool
> socat
> stunnel
> syslog-ng
> tftp-hpa
> vsftpd
> xinetd
>
> Is there any pressing reason to hang onto this aging library?
>
> Regards,
> Dave
>
>

I support this.
 

Thread Tools




All times are GMT. The time now is 02:50 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org