Richard Melville wrote:
On 22 August 2015 at 17:32, Bruce Dubbs <[email protected]> wrote:
Richard Melville wrote:
On 21 August 2015 at 20:41, Bruce Dubbs <[email protected]> wrote:
Richard Melville wrote:
On 21 August 2015 at 19:10, Bruce Dubbs <[email protected]
<mailto:[email protected]>> wrote:
Richard Melville wrote:
It was ftp and telnet that I was thinking of, along with rcp,
rexec,
rlogin, rsh and tftp. Surely, ifconfig has been marked as
deprecated
for some time and replaced with iproute2.
I agree that the r* programs are obsolete, but the others are
useful
in some circumstances. Many users, including me, expect ifconfig.
Do you know of any distros that do not include ifconfig?
Not sure if that was rhetorical, but no, not off hand. Mind you, I
haven't carried out a survey. It's a fair point, but if it comes down
to having to install inetutils just to get ifconfig I'm not sure that
warrants it. If users have the r* programs the likelihood is that they
will use them, even though we all know that they are a security hazard.
Maybe, at least, there should be a health warning in the book.
Perhaps I'll disable the r* programs, but we still want ftp and telnet.
We could add one of the ftp programs like vsftpd, but that goes against
the
intended minimal set of packages in LFS. I do not know where else the
telnet program could be obtained.
Of course, there are plenty of issues with ftp and telnet, but I
understand
the problem. Quite often we are forced to use these tools by third
parties: ftp by hosting companies that don't have a decent secure
framework
in place, and telnet by wifi router manufacturers, whose cheap and nasty
routers are foisted upon us by cost-cutting ISPs.
BTW, netkit has ftp and telnet as part of the suite.
With respect to ifconfig, that exists as part of the net-tools package
which is already in the BLFS book. Can't that be moved to LFS?
To summarise, iputils (in place of inetutils), netkit, and net-tools
(already in blfs) would be, in my opinion, safer alternatives; no highly
insecure r* programs. We would only be adding one more package and moving
another.
I've made changes in my sandbox to remove the r* tools. It will be in my
next commit.
The telnet program is very useful for testing/debugging, For example, the
telnet program can be used to connect to a http or smtp server to see the
protocol transfer.
I know of no problems with the ftp client we install and it is useful for
a raw lfs system to get additional packages, even though there are better
ways to do that.
The last thing I want to do for LFS is to exchange one package for two or
three others just because the ping program does not handle an incorrectly
formatted /etc/hosts file, even if some other implementation does handle
it. I am open to adding a package to BLFS if it is reasonable. I did that
a long time ago for traceroute.
I'd be interested to know where it states that an IPv4 and an IPv6 entry
in /etc/hosts *cannot* have the same host name.
OK, I did some research and multiple names are supported in
getaddrinfo(). The calling program must then extract the appropriate
information from the array of struct addrinfo that is returned.
I'm open to disabling ping/ping6 in inetutils and adding another package
to replace them, but I need to get someone to figure the procedure (I
can do the xml). The iputils package does not ship built man pages or
documentation and they cannot be built in the LFS environment. They
would need to be built externally and have LFS include them in a
separate tarball like we used to do with eudev.
We are not restricted to the iputils package. Another package that has
the proper programs is acceptable.
This is a corner case and will not go into LFS 7.8, but can go into -dev
after the 7.8 release.
-- Bruce
--
http://lists.linuxfromscratch.org/listinfo/lfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
Do not top post on this list.
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
http://en.wikipedia.org/wiki/Posting_style
