-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/20/2014 01:55 PM, Hans de Goede wrote: > Hi, > > On 03/20/2014 07:45 PM, Lennart Poettering wrote: >> On Thu, 20.03.14 14:31, Martin Langhoff >> (martin.langhoff@xxxxxxxxx) wrote: >> >>> On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering >>> <mzerqung@xxxxxxxxxxx>wrote: >>> >>>> I wonder whether it wouldn't be time to say goodbye to >>>> tcpwrappers in Fedora. There has been a request in systemd >>>> upstream to disable support >>>> >>> >>> As Stephen points out, they are used. Does systemd+xinetd match >>> their functionality? >> >> No. systemd is not a firewall. It currently supports libwrap >> checks for socket activated services. And I'd really like to get >> rid of that... >> >> I have no doubt that some people use them, however I am also >> pretty sure that they are massively awful, and not worth the >> trouble, and that I'd prefer not to see this crap in the default >> install. However, since the library is currently hooked into a >> lot of services (starting with systemd itself) I currently cannot >> do "rpm -e". >> >> I mean, I really don't mind that tcpd/tcpwrap stays in the >> archives, if people want to make use of that. I am simply >> proposing to not link agains them anymore for everything that is >> in the default system. > > So as an innocent bystander who happens to be reading along this > thread, I see 2 sides to the story here: > > Lennart says: 1) It is horrible code 2) It really really is > horrible horrible code 3) And there are other ways to achieve the > same goal, so lets kill it > > Others say: 1) There may be other ways but non so easily central > managed with with a unified syntax for all services > > The argument which the others are making actually sounds a lot > like a lot of the arguments in favor of systemd (wrt standardizing, > etc.). > > And I'm getting the feeling that Lennart is not as much opposed to > the functionality of tcp-wrappers, as that he *really* hates the > code. > > So maybe a solution would be to write a libwrap2 instead ? > > So offer something with equivalent functionality (and config file > syntax compatibility), with a nice modern clean API and then > systemd and others can be moved over to that 1 by 1, and once we've > no more users left we can kill of the old beast ? > > Note I've nothing to do with anything in this discussion, but I > just noticed a certain trend in it and I hope the above may lead to > a more fruitful discussion. > > Regards, > > Hans > Hans, Now that is just too entirely rational ;). This sounds like a wonderful solution, but someone has to be willing to write the thing. - -Erinn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJTK0hrAAoJEFg7BmJL2iPOsnwH/0q5Kf7GvOMKaAemk9y/mYmE nsB0QHt8nVhWTOd+T4O726loBZlE5pEzhdFTseIROYsmrSsKaKl7DR44CuVSOyXp q0+TDkT17YxpbrM1OqZWFVW3osbvQo2dohgwaCovviOOiKKHprSC/teTRJ3eKjZI B1Ymw6PnxzAdyNkrisWqgSpTCCTKvqCLDqLXVRLpC8K/3rj5IY7h8CPg2Ny3ORZI vL6bP4cAfvdS3wmKeSSIPzvRroPORSWTVJ3IOkvX3NBuWweaIh5nxqP1kiLbkx5G a8akc48Lhq1DKD0L7aAOHzPb4gtBDw6YnkJu6soCBA0eguRUhyMSMMwrcZBqkoI= =k0nE -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
