On Thu, Oct 21, 2021 at 9:38 PM Ben Cotton <bcotton@xxxxxxxxxx> wrote:
https://fedoraproject.org/wiki/Changes/retire_NIS_user_space_utils
== Summary ==
This change is about retiring the ypbind, yp-tools, and ypserv
packages, and removal of the {nis,yp}domainname user-space utility
programs from the hostname package.
== Owner ==
* Name: [[User:besser82 | Björn Esser]]
* Email: besser82@xxxxxxxxxxxxxxxxx
== Detailed Description ==
Those utility programs used to be present on virtually any UNIX system
for decades, but are starting to become more and more deprecated.
Also NIS(+) is known for not being secure at all. As we are going to
[https://fedoraproject.org/wiki/Changes/drop_NIS_support_from_PAM
remove the support for NIS(+) in PAM] during this development cycle,
we also should get rid of those.
== Feedback ==
There was some discussion on
[https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/T662DD2FD3YNPTVTOPCYFQRSOQCJWCSZ/
the fedora-devel mailing-list]. Some people are reluctant about the
removal of NIS(+) user-space support, while most are okay with it as
there are more secure alternatives (LDAP, FreeIPA, etc.) available.
The FPL is +1 on doing so.
== Benefit to Fedora ==
With this change we start directing our users and developers to move
away from NIS(+) to secure alternatives like LDAP and/or FreeIPA.
== Scope ==
* Proposal owners:
** Retire the ypbind, yp-tools, and ypserv packages from Fedora.
Have you talked with the maintainers of these packages at all? I can't recall if any of them replied in the RFC thread before, but it would be (in my opinion) very bad form to retire a package without asking for the maintainer's input and opinions.
(It might even be good to get one of/some of the maintainers as change owners on this proposal as well to show they are involved in this).
-Ian
** Remove the {nis,yp}domainname user-space utility programs from the
hostname package.
* Other developers:
** Test this change.
* Release engineering: [https://pagure.io/releng/issue/10352 #10352]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives: N/A
== Upgrade/compatibility impact ==
Users that were relying on support for NIS(+) will need to move to
secure alternatives like LDAP and/or FreeIPA.
== How To Test ==
Check whether the named utility programs are still installed on your
system after upgrading. If they are gone, everything is fine.
== User Experience ==
For some users this change may be a bit disruptive and it may require
some learning curve for switching to alternative solutions.
== Dependencies ==
There are actually no external dependencies.
== Contingency Plan ==
* Contingency mechanism: Unretire the packages and build them for Fedora 36.
* Contingency deadline: At beta freeze.
* Blocks release? Yes.
== Documentation ==
The documentation about those utility programs should be dropped, if
there even is any.
== Release Notes ==
The NIS(+) user-space utility programs have been removed from the distribution.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure