| 1 |
Signed-off-by: David Seifert <soap@g.o> |
| 2 |
--- |
| 3 |
.../2021-08-01-tcpd-disabled.en.txt | 62 +++++++++++++++++++ |
| 4 |
1 file changed, 62 insertions(+) |
| 5 |
create mode 100644 2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt |
| 6 |
|
| 7 |
diff --git a/2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt b/2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt |
| 8 |
new file mode 100644 |
| 9 |
index 0000000..3631de3 |
| 10 |
--- /dev/null |
| 11 |
+++ b/2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt |
| 12 |
@@ -0,0 +1,62 @@ |
| 13 |
+Title: USE=tcpd no longer globally enabled |
| 14 |
+Author: David Seifert <soap@g.o> |
| 15 |
+Posted: 2021-08-01 |
| 16 |
+Revision: 1 |
| 17 |
+News-Item-Format: 2.0 |
| 18 |
+Display-If-Installed: net-analyzer/argus-clients |
| 19 |
+Display-If-Installed: net-ftp/proftpd |
| 20 |
+Display-If-Installed: app-admin/conserver |
| 21 |
+Display-If-Installed: app-admin/prelude-manager |
| 22 |
+Display-If-Installed: app-admin/qpage |
| 23 |
+Display-If-Installed: app-admin/syslog-ng |
| 24 |
+Display-If-Installed: app-backup/bacula |
| 25 |
+Display-If-Installed: app-backup/bareos |
| 26 |
+Display-If-Installed: app-misc/mosquitto |
| 27 |
+Display-If-Installed: dev-libs/yaz |
| 28 |
+Display-If-Installed: gnome-base/gdm |
| 29 |
+Display-If-Installed: mail-mta/exim |
| 30 |
+Display-If-Installed: mail-mta/sendmail |
| 31 |
+Display-If-Installed: media-sound/pulseaudio |
| 32 |
+Display-If-Installed: net-analyzer/argus |
| 33 |
+Display-If-Installed: net-analyzer/net-snmp |
| 34 |
+Display-If-Installed: net-analyzer/nrpe |
| 35 |
+Display-If-Installed: net-analyzer/nsca |
| 36 |
+Display-If-Installed: net-analyzer/rrdtool |
| 37 |
+Display-If-Installed: net-fs/netatalk |
| 38 |
+Display-If-Installed: net-fs/nfs-utils |
| 39 |
+Display-If-Installed: net-ftp/atftp |
| 40 |
+Display-If-Installed: net-ftp/tftp-hpa |
| 41 |
+Display-If-Installed: net-ftp/vsftpd |
| 42 |
+Display-If-Installed: net-irc/ngircd |
| 43 |
+Display-If-Installed: net-mail/cyrus-imapd |
| 44 |
+Display-If-Installed: net-mail/dovecot |
| 45 |
+Display-If-Installed: net-mail/mailutils |
| 46 |
+Display-If-Installed: net-mail/tpop3d |
| 47 |
+Display-If-Installed: net-misc/apt-cacher-ng |
| 48 |
+Display-If-Installed: net-misc/ser2net |
| 49 |
+Display-If-Installed: net-misc/socat |
| 50 |
+Display-If-Installed: net-misc/sslh |
| 51 |
+Display-If-Installed: net-misc/stunnel |
| 52 |
+Display-If-Installed: net-misc/usbip |
| 53 |
+Display-If-Installed: net-nds/openldap |
| 54 |
+Display-If-Installed: net-nds/rpcbind |
| 55 |
+Display-If-Installed: net-nds/tac_plus |
| 56 |
+Display-If-Installed: net-proxy/dante |
| 57 |
+Display-If-Installed: net-vpn/ocserv |
| 58 |
+Display-If-Installed: net-vpn/pptpd |
| 59 |
+Display-If-Installed: sci-libs/dcmtk |
| 60 |
+Display-If-Installed: sys-apps/linux-misc-apps |
| 61 |
+Display-If-Installed: sys-apps/xinetd |
| 62 |
+Display-If-Installed: sys-fs/quota |
| 63 |
+Display-If-Installed: sys-power/nut |
| 64 |
+ |
| 65 |
+On 2021-11-01, we will remove USE="tcpd" from the globally default |
| 66 |
+enabled USE flags. USE="tcpd" usually enables sys-apps/tcp-wrappers |
| 67 |
+for an adhoc firewall based on /etc/hosts.allow and /etc/hosts.deny. |
| 68 |
+ |
| 69 |
+The base system project has come to the conclusion that 24 years after |
| 70 |
+the last upstream release, tcp-wrappers is not relevant in 2021 anymore. |
| 71 |
+Other distributions have completely removed support at this point. If |
| 72 |
+you rely on tcp-wrappers, you can re-enable the flag. We strongly |
| 73 |
+recommend you switch to more modern packet filters, such as BPF, |
| 74 |
+nftables or iptables. |
| 75 |
-- |
| 76 |
2.32.0 |
Archives