[arch-dev-public] dropping tcp_wrapper support
Jan Steffens
jan.steffens at gmail.com
Tue Jul 12 22:31:15 EDT 2011
On Tue, Jul 12, 2011 at 11:27 PM, Dave Reisner <d at falconindy.com> wrote:
> I'd like to pick up something Dan proposed about a year ago, which is
> dropping support for tcp_wrappers. Its last official upstream release
> was 1997, and we currently add 10 patches to it from 3 different distros
> in order to make it compile, fix bugs, and add features (ipv6). We also
> add in an odd default of ALL: ALL in the config file, meaning that the
> first thing most people do on a new arch system is add a line to
> /etc/hosts.allow along the lines of 'sshd: ALL' (or just delete the
> blanket deny. To my knowledge, there isn't anything tcp_wrappers does
> that iptables can't do more eloquently, and without the need to be
> linked against an external library.
>
> Therefore, I'd like to propose that we just dump this. The rebuild list
> would be small, at 20 packages:
>
> archboot
> dante
> esound
> exim
> gdm
> inetutils
> libmysqlclient
> mailutils
> net-snmp
> nfs-utils
> openldap
> openssh
> quota-tools
> rrdtool
> socat
> stunnel
> syslog-ng
> tftp-hpa
> vsftpd
> xinetd
>
> Is there any pressing reason to hang onto this aging library?
>
> Regards,
> Dave
>
>
I support this.
More information about the arch-dev-public
mailing list