On 20 March 2014 13:55, Hans de Goede <hdego...@redhat.com> wrote: > Hi, > > On 03/20/2014 07:45 PM, Lennart Poettering wrote: > > On Thu, 20.03.14 14:31, Martin Langhoff (martin.langh...@gmail.com) > wrote: > > > >> On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering < > mzerq...@0pointer.de>wrote: > >> > >>> I wonder whether it wouldn't be time to say goodbye to tcpwrappers in > >>> Fedora. There has been a request in systemd upstream to disable support > >>> > >> > >> As Stephen points out, they are used. Does systemd+xinetd match their > >> functionality? > > > > No. systemd is not a firewall. It currently supports libwrap checks for > > socket activated services. And I'd really like to get rid of that... > > > > I have no doubt that some people use them, however I am also pretty sure > > that they are massively awful, and not worth the trouble, and that I'd > > prefer not to see this crap in the default install. However, since the > > library is currently hooked into a lot of services (starting with > > systemd itself) I currently cannot do "rpm -e". > > > > I mean, I really don't mind that tcpd/tcpwrap stays in the archives, if > > people want to make use of that. I am simply proposing to not link > > agains them anymore for everything that is in the default system. > > So as an innocent bystander who happens to be reading along this thread, > I see 2 sides to the story here: > > Lennart says: > 1) It is horrible code > 2) It really really is horrible horrible code > 3) And there are other ways to achieve the same goal, so lets kill it > > Others say: > 1) There may be other ways but non so easily central managed with with > a unified syntax for all services > > The argument which the others are making actually sounds a lot like > a lot of the arguments in favor of systemd (wrt standardizing, etc.). > > And I'm getting the feeling that Lennart is not as much opposed to the > functionality of tcp-wrappers, as that he *really* hates the code. > > So maybe a solution would be to write a libwrap2 instead ? > > So offer something with equivalent functionality (and config file > syntax compatibility), with a nice modern clean API and then systemd > and others can be moved over to that 1 by 1, and once we've no more > users left we can kill of the old beast ? > > Note I've nothing to do with anything in this discussion, but I > just noticed a certain trend in it and I hope the above may lead > to a more fruitful discussion. >
Yes I agree Hans. I think this is the rational and correct course. I also realize that it isn't Lennart's job to do so even if I wish he would. -- Stephen J Smoogen.
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
