[arch-dev-public] dropping tcp_wrapper support
Allan McRae
allan at archlinux.org
Tue Jul 12 22:55:51 EDT 2011
On 13/07/11 12:27, Dave Reisner wrote:
> I'd like to pick up something Dan proposed about a year ago, which is
> dropping support for tcp_wrappers. Its last official upstream release
> was 1997, and we currently add 10 patches to it from 3 different distros
> in order to make it compile, fix bugs, and add features (ipv6). We also
> add in an odd default of ALL: ALL in the config file, meaning that the
> first thing most people do on a new arch system is add a line to
> /etc/hosts.allow along the lines of 'sshd: ALL' (or just delete the
> blanket deny. To my knowledge, there isn't anything tcp_wrappers does
> that iptables can't do more eloquently, and without the need to be
> linked against an external library.
>
> Therefore, I'd like to propose that we just dump this. The rebuild list
> would be small, at 20 packages:
>
> archboot
> dante
> esound
> exim
> gdm
> inetutils
> libmysqlclient
> mailutils
> net-snmp
> nfs-utils
> openldap
> openssh
> quota-tools
> rrdtool
> socat
> stunnel
> syslog-ng
> tftp-hpa
> vsftpd
> xinetd
>
> Is there any pressing reason to hang onto this aging library?
>
For reference:
Dan's original email about this:
http://mailman.archlinux.org/pipermail/arch-dev-public/2010-September/017872.html
and the follow-up a few months later:
http://mailman.archlinux.org/pipermail/arch-dev-public/2010-December/018754.html
Given the lack of strong opinion either way last time, I'd lean on
dropping the package just because it seems to have no upstream
development and all the patching that is required. So just create a
rebuild list and get as many of those packages rebuilt without
tcp_wrappers and go from there.
Allan
More information about the arch-dev-public
mailing list