On 22 August 2015 at 17:32, Bruce Dubbs <[email protected]> wrote:
> Richard Melville wrote: > >> On 21 August 2015 at 20:41, Bruce Dubbs <[email protected]> wrote: >> >> Richard Melville wrote: >>> >>> On 21 August 2015 at 19:10, Bruce Dubbs <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Richard Melville wrote: >>>> >>>> It was ftp and telnet that I was thinking of, along with rcp, >>>> rexec, >>>> rlogin, rsh and tftp. Surely, ifconfig has been marked as >>>> deprecated >>>> for some time and replaced with iproute2. >>>> >>>> >>>> I agree that the r* programs are obsolete, but the others are >>>> useful >>>> in some circumstances. Many users, including me, expect ifconfig. >>>> Do you know of any distros that do not include ifconfig? >>>> >>>> >>>> Not sure if that was rhetorical, but no, not off hand. Mind you, I >>>> haven't carried out a survey. It's a fair point, but if it comes down >>>> to having to install inetutils just to get ifconfig I'm not sure that >>>> warrants it. If users have the r* programs the likelihood is that they >>>> will use them, even though we all know that they are a security hazard. >>>> Maybe, at least, there should be a health warning in the book. >>>> >>>> >>> Perhaps I'll disable the r* programs, but we still want ftp and telnet. >>> We could add one of the ftp programs like vsftpd, but that goes against >>> the >>> intended minimal set of packages in LFS. I do not know where else the >>> telnet program could be obtained. >>> >> >> >> Of course, there are plenty of issues with ftp and telnet, but I >> understand >> the problem. Quite often we are forced to use these tools by third >> parties: ftp by hosting companies that don't have a decent secure >> framework >> in place, and telnet by wifi router manufacturers, whose cheap and nasty >> routers are foisted upon us by cost-cutting ISPs. >> >> BTW, netkit has ftp and telnet as part of the suite. >> >> With respect to ifconfig, that exists as part of the net-tools package >> which is already in the BLFS book. Can't that be moved to LFS? >> >> To summarise, iputils (in place of inetutils), netkit, and net-tools >> (already in blfs) would be, in my opinion, safer alternatives; no highly >> insecure r* programs. We would only be adding one more package and moving >> another. >> > > I've made changes in my sandbox to remove the r* tools. It will be in my > next commit. > > The telnet program is very useful for testing/debugging, For example, the > telnet program can be used to connect to a http or smtp server to see the > protocol transfer. > > I know of no problems with the ftp client we install and it is useful for > a raw lfs system to get additional packages, even though there are better > ways to do that. > > The last thing I want to do for LFS is to exchange one package for two or > three others just because the ping program does not handle an incorrectly > formatted /etc/hosts file, even if some other implementation does handle > it. I am open to adding a package to BLFS if it is reasonable. I did that > a long time ago for traceroute. I'd be interested to know where it states that an IPv4 and an IPv6 entry in /etc/hosts *cannot* have the same host name. Here's an example of an /etc/hosts file entry from the IBM website using the same host name for both:- Example: 2001:DB8:1:2:3:4:5:6 stsyscon.example.com stsyscon 192.0.2.10 stsyscon.example.com stsyscon Using the above example (but substituting my own host and domain names) I ran some further tests. The results are that *both* inetutils and iputils versions of ping and ping6 return successful packets. However, if the two lines of the /etc/hosts file are reversed, that is, the IPv4 entry *precedes* the IPv6 entry, then the inetutils version of ping6 fails with "unknown host", but the iputils version succeeds. The only conclusion I can draw from this is that the inetutils version of ping (the version used in LFS) has a bug, but the iputils version (now used by most, or all, the distros) does not. Richard
-- http://lists.linuxfromscratch.org/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page Do not top post on this list. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? http://en.wikipedia.org/wiki/Posting_style
