Hi, On 03/20/2014 07:45 PM, Lennart Poettering wrote: > On Thu, 20.03.14 14:31, Martin Langhoff (martin.langhoff@xxxxxxxxx) wrote: > >> On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering <mzerqung@xxxxxxxxxxx>wrote: >> >>> I wonder whether it wouldn't be time to say goodbye to tcpwrappers in >>> Fedora. There has been a request in systemd upstream to disable support >>> >> >> As Stephen points out, they are used. Does systemd+xinetd match their >> functionality? > > No. systemd is not a firewall. It currently supports libwrap checks for > socket activated services. And I'd really like to get rid of that... > > I have no doubt that some people use them, however I am also pretty sure > that they are massively awful, and not worth the trouble, and that I'd > prefer not to see this crap in the default install. However, since the > library is currently hooked into a lot of services (starting with > systemd itself) I currently cannot do "rpm -e". > > I mean, I really don't mind that tcpd/tcpwrap stays in the archives, if > people want to make use of that. I am simply proposing to not link > agains them anymore for everything that is in the default system. So as an innocent bystander who happens to be reading along this thread, I see 2 sides to the story here: Lennart says: 1) It is horrible code 2) It really really is horrible horrible code 3) And there are other ways to achieve the same goal, so lets kill it Others say: 1) There may be other ways but non so easily central managed with with a unified syntax for all services The argument which the others are making actually sounds a lot like a lot of the arguments in favor of systemd (wrt standardizing, etc.). And I'm getting the feeling that Lennart is not as much opposed to the functionality of tcp-wrappers, as that he *really* hates the code. So maybe a solution would be to write a libwrap2 instead ? So offer something with equivalent functionality (and config file syntax compatibility), with a nice modern clean API and then systemd and others can be moved over to that 1 by 1, and once we've no more users left we can kill of the old beast ? Note I've nothing to do with anything in this discussion, but I just noticed a certain trend in it and I hope the above may lead to a more fruitful discussion. Regards, Hans -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
