Gentoo Archives: gentoo-dev

From:	David Seifert <soap@g.o>
To:	gentoo-dev@l.g.o
Cc:	David Seifert <soap@g.o>
Subject:	[gentoo-dev] [PATCH v2] 2021-08-01-tcpd-disabled: Remove USE=tcpd from make.defaults
Date:	Thu, 29 Jul 2021 20:40:59
Message-Id:	`20210729204042.630737-1-soap@gentoo.org`

1	Signed-off-by: David Seifert <soap@g.o>
2	---
3	.../2021-08-01-tcpd-disabled.en.txt \| 68 +++++++++++++++++++
4	1 file changed, 68 insertions(+)
5	create mode 100644 2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt
6
7	diff --git a/2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt b/2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt
8	new file mode 100644
9	index 0000000..977be80
10	--- /dev/null
11	+++ b/2021-08-01-tcpd-disabled/2021-08-01-tcpd-disabled.en.txt
12	@@ -0,0 +1,68 @@
13	+Title: USE=tcpd no longer globally enabled
14	+Author: David Seifert <soap@g.o>
15	+Posted: 2021-08-01
16	+Revision: 1
17	+News-Item-Format: 2.0
18	+Display-If-Profile: default/linux/*
19	+Display-If-Installed: net-analyzer/argus-clients[tcpd]
20	+Display-If-Installed: net-ftp/proftpd[tcpd]
21	+Display-If-Installed: app-admin/conserver[tcpd]
22	+Display-If-Installed: app-admin/prelude-manager[tcpd]
23	+Display-If-Installed: app-admin/qpage[tcpd]
24	+Display-If-Installed: app-admin/syslog-ng[tcpd]
25	+Display-If-Installed: app-backup/bacula[tcpd]
26	+Display-If-Installed: app-backup/bareos[tcpd]
27	+Display-If-Installed: app-misc/mosquitto[tcpd]
28	+Display-If-Installed: dev-libs/yaz[tcpd]
29	+Display-If-Installed: gnome-base/gdm[tcpd]
30	+Display-If-Installed: mail-mta/exim[tcpd]
31	+Display-If-Installed: mail-mta/sendmail[tcpd]
32	+Display-If-Installed: media-sound/pulseaudio[tcpd]
33	+Display-If-Installed: net-analyzer/argus[tcpd]
34	+Display-If-Installed: net-analyzer/net-snmp[tcpd]
35	+Display-If-Installed: net-analyzer/nrpe[tcpd]
36	+Display-If-Installed: net-analyzer/nsca[tcpd]
37	+Display-If-Installed: net-analyzer/rrdtool[tcpd]
38	+Display-If-Installed: net-fs/netatalk[tcpd]
39	+Display-If-Installed: net-fs/nfs-utils[tcpd]
40	+Display-If-Installed: net-ftp/atftp[tcpd]
41	+Display-If-Installed: net-ftp/tftp-hpa[tcpd]
42	+Display-If-Installed: net-ftp/vsftpd[tcpd]
43	+Display-If-Installed: net-irc/ngircd[tcpd]
44	+Display-If-Installed: net-mail/cyrus-imapd[tcpd]
45	+Display-If-Installed: net-mail/dovecot[tcpd]
46	+Display-If-Installed: net-mail/mailutils[tcpd]
47	+Display-If-Installed: net-mail/tpop3d[tcpd]
48	+Display-If-Installed: net-misc/apt-cacher-ng[tcpd]
49	+Display-If-Installed: net-misc/ser2net[tcpd]
50	+Display-If-Installed: net-misc/socat[tcpd]
51	+Display-If-Installed: net-misc/sslh[tcpd]
52	+Display-If-Installed: net-misc/stunnel[tcpd]
53	+Display-If-Installed: net-misc/usbip[tcpd]
54	+Display-If-Installed: net-nds/openldap[tcpd]
55	+Display-If-Installed: net-nds/rpcbind[tcpd]
56	+Display-If-Installed: net-nds/tac_plus[tcpd]
57	+Display-If-Installed: net-proxy/dante[tcpd]
58	+Display-If-Installed: net-vpn/ocserv[tcpd]
59	+Display-If-Installed: net-vpn/pptpd[tcpd]
60	+Display-If-Installed: sci-libs/dcmtk[tcpd]
61	+Display-If-Installed: sys-apps/linux-misc-apps[tcpd]
62	+Display-If-Installed: sys-apps/xinetd[tcpd]
63	+Display-If-Installed: sys-fs/quota[tcpd]
64	+Display-If-Installed: sys-power/nut[tcpd]
65	+
66	+On 2021-11-01, we will remove USE="tcpd" from the globally default
67	+enabled USE flags (bug #805077). USE="tcpd" usually enables
68	+sys-apps/tcp-wrappers for an ad hoc firewall based on /etc/hosts.allow
69	+and /etc/hosts.deny.
70	+
71	+The Base System project has come to the conclusion that 24 years after
72	+the last upstream release, tcp-wrappers is not suitable for a default
73	+configuration in 2021 anymore. Other distributions have completely
74	+removed support at this point. We strongly recommend you switch to more
75	+modern packet filters, such as BPF, nftables, or iptables. If you rely
76	+on tcp-wrappers, you can re-enable the flag, see
77	+
78	+ https://wiki.gentoo.org/wiki//etc/portage/package.use
79	+
80	+for package-specific ways to re-enable tcp-wrappers.
81	--
82	2.32.0

Replies

Subject	Author
Re: [gentoo-dev] [PATCH v2] 2021-08-01-tcpd-disabled: Remove USE=tcpd from make.defaults	Alexey Sokolov <alexey+gentoo@××××××××.org>

Report Message

Find on MARC Find on Google Groups