From matthias.andree@web.de  Thu Dec 27 15:26:50 2001
Return-Path: <matthias.andree@web.de>
Received: from krusty.e-technik.uni-dortmund.de (krusty.E-Technik.Uni-Dortmund.DE [129.217.163.1])
	by hub.freebsd.org (Postfix) with ESMTP
	id 1C81237B416; Thu, 27 Dec 2001 15:26:45 -0800 (PST)
Received: from emma1.emma.line.org (krusty.dt.e-technik.uni-dortmund.de [129.217.163.1])
	by krusty.e-technik.uni-dortmund.de (Postfix) with ESMTP
	id 0ED57A3826; Fri, 28 Dec 2001 00:26:42 +0100 (CET)
Received: from freebsd.emma.line.org (freebsd.emma.line.org [192.168.0.4])
	by emma1.emma.line.org (Postfix) with ESMTP
	id 86B00A2003; Fri, 28 Dec 2001 00:26:41 +0100 (CET)
Received: by freebsd.emma.line.org (Postfix, from userid 500)
	id B7FED2D30F; Fri, 28 Dec 2001 00:26:39 +0100 (CET)
Message-Id: <20011227232639.B7FED2D30F@freebsd.emma.line.org>
Date: Fri, 28 Dec 2001 00:26:39 +0100 (CET)
From: Matthias Andree <matthias.andree@web.de>
Reply-To: Matthias Andree <matthias.andree@web.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc: cjc@freebsd.org
Subject: FreeBSD base system does not install tcpd
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         33261
>Category:       misc
>Synopsis:       FreeBSD base system does not install tcpd
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    dwmalone
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 27 15:30:01 PST 2001
>Closed-Date:    Thu Sep 05 10:34:09 PDT 2002
>Last-Modified:  Thu Sep 05 10:34:09 PDT 2002
>Originator:     Matthias Andree
>Release:        FreeBSD 4.5-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD freebsd.emma.line.org 4.5-PRERELEASE FreeBSD 4.5-PRERELEASE #0: Thu Dec 27 17:45:41 CET 2001 root@freebsd.emma.line.org:/usr/obj/usr/src/sys/M2A2 i386


	
>Description:
tcpd and its manual page (part of tcp_wrappers by Wietse Venema) are
not installed by make buildworld && make installworld

tcpd should be compiled with -DHOSTS_OPTIONS and be installed into
/usr/sbin.

tcp_wrappers are claimed part of the base system and contained in the
contrib subtree.

** NOTE: THIS IS A BUG REPORT AGAINST THE BASE SYSTEM, NOT THE PORTS TREE. **

PR #misc/33257 already reported this, but had been closed by
cjc@freebsd.org after a misunderstanding.

NOTE #2: Any argumentation that tcpd was deliberately left out is bogus:

1. The user may want to run inetd without -w to wrap only some services.

2. The user may want to run a super server that is not libwrap aware (other
than inetd, from ports e. g.), and thus should be able to use tcpd.

Therefore, tcpd should be installed.
	
>How-To-Repeat:
make buildworld && make installworld ; ls /usr/sbin
	
>Fix:
Fix the base system.
	


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dwmalone 
Responsible-Changed-By: dwmalone 
Responsible-Changed-When: Fri Dec 28 05:21:03 PST 2001 
Responsible-Changed-Why:  
As you know, tcpd is not installed in the base system because its 
functionality is built into inetd. If you want to run some services 
wrapped and some unwrapped then it is simple to do this by adding 
apropriate allow rules (at the top of) hosts.allow. Alternatively, 
you can run a second copy of inetd without wrapping. 

If you want to install something from ports with which you want to 
use tcpd then you can build tcpd from ports for from the main source 
tree. It might be useful to have some infrasturcture to do this, 
but I believe most users who have enough knowlege to decide they 
want to use tcpd with tcpserver are capable of building tcpd in one 
of the ways I have mentioned. 

(Besides, wouldn't using tcpd with tcpserver be some sort of religious 
travisty ;-) 

As you point out in -stable, tcpd is a very small program and it 
wouldn't take up much space we shipped it with the base system.  My 
main fear would be that it would cause more confusion about how tcp 
wrapping works. People would accidently use both tcpd's and inetd's 
wrapping and get unexpected effects. We could get around this by 
adding "tcpd: ALL: allow" to the top of the default hosts.allow, 
but this is likely to cause even move confusion about hosts.allow. 


http://www.FreeBSD.org/cgi/query-pr.cgi?pr=33261 

From: Sheldon Hearn <sheldonh@starjuice.net>
To: dwmalone@FreeBSD.org
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/33261: FreeBSD base system does not install tcpd 
Date: Sun, 30 Dec 2001 14:21:56 +0200

 On Fri, 28 Dec 2001 05:21:26 PST, dwmalone@FreeBSD.org wrote:
 
 > Responsible-Changed-From-To: freebsd-bugs->dwmalone
 > Responsible-Changed-By: dwmalone
 > Responsible-Changed-When: Fri Dec 28 05:21:03 PST 2001
 > Responsible-Changed-Why: 
 
 Not closed? :-)
 
 Okay, then I suggest a tcpd(8) manual page that explains that inetd(8)
 has built-in wrapper support and that a tcpd binary is not shipped with
 the base system.
 
 Ciao,
 Sheldon.

From: Sheldon Hearn <sheldonh@starjuice.net>
To: dwmalone@FreeBSD.org
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/33261: FreeBSD base system does not install tcpd 
Date: Sun, 30 Dec 2001 14:22:51 +0200

 On Sun, 30 Dec 2001 14:21:56 +0200, Sheldon Hearn wrote:
 
 > Not closed? :-)
 > 
 > Okay, then I suggest a tcpd(8) manual page that explains that inetd(8)
 > has built-in wrapper support and that a tcpd binary is not shipped with
 > the base system.
 
 Ignore that...  I see the PR is already closed.  I thought you'd left it
 open because you thought more action was required.
 
 Ciao,
 Sheldon.
State-Changed-From-To: open->closed 
State-Changed-By: dwmalone 
State-Changed-When: Thu Sep 5 10:33:33 PDT 2002 
State-Changed-Why:  
tcpd is now built for -stable and -current. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=33261 
>Unformatted:
