Hi,
On 03/20/2014 07:45 PM, Lennart Poettering wrote:
On Thu, 20.03.14 14:31, Martin Langhoff (martin.langhoff(a)gmail.com)
wrote:
> On Thu, Mar 20, 2014 at 1:34 PM, Lennart Poettering
<mzerqung(a)0pointer.de>wrote:
>
>> I wonder whether it wouldn't be time to say goodbye to tcpwrappers in
>> Fedora. There has been a request in systemd upstream to disable support
>>
>
> As Stephen points out, they are used. Does systemd+xinetd match their
> functionality?
No. systemd is not a firewall. It currently supports libwrap checks for
socket activated services. And I'd really like to get rid of that...
I have no doubt that some people use them, however I am also pretty sure
that they are massively awful, and not worth the trouble, and that I'd
prefer not to see this crap in the default install. However, since the
library is currently hooked into a lot of services (starting with
systemd itself) I currently cannot do "rpm -e".
I mean, I really don't mind that tcpd/tcpwrap stays in the archives, if
people want to make use of that. I am simply proposing to not link
agains them anymore for everything that is in the default system.
So as an innocent bystander who happens to be reading along this thread,
I see 2 sides to the story here:
Lennart says:
1) It is horrible code
2) It really really is horrible horrible code
3) And there are other ways to achieve the same goal, so lets kill it
Others say:
1) There may be other ways but non so easily central managed with with
a unified syntax for all services
The argument which the others are making actually sounds a lot like
a lot of the arguments in favor of systemd (wrt standardizing, etc.).
And I'm getting the feeling that Lennart is not as much opposed to the
functionality of tcp-wrappers, as that he *really* hates the code.
So maybe a solution would be to write a libwrap2 instead ?
So offer something with equivalent functionality (and config file
syntax compatibility), with a nice modern clean API and then systemd
and others can be moved over to that 1 by 1, and once we've no more
users left we can kill of the old beast ?
Note I've nothing to do with anything in this discussion, but I
just noticed a certain trend in it and I hope the above may lead
to a more fruitful discussion.
Regards,
Hans