Re: git: 0eea46fb1f83 - main - Remove telnetd
- In reply to: Xin LI : "Re: git: 0eea46fb1f83 - main - Remove telnetd"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 28 Sep 2022 23:10:43 UTC
For the list, there's a review stack beginning here:
https://reviews.freebsd.org/D36782
Thanks,
Brooks
On Wed, Sep 28, 2022 at 01:54:46PM -0700, Xin LI wrote:
> This removal is incomplete. Could you please also remove it from e.g.
> usr.sbin/inetd/inetd.conf, release/packages/Makefile.package, bsdbox, and
> mentions in various manual pages?
>
> On Wed, Sep 28, 2022 at 11:54 AM Brooks Davis <brooks@freebsd.org> wrote:
>
> > The branch main has been updated by brooks:
> >
> > URL:
> > https://cgit.FreeBSD.org/src/commit/?id=0eea46fb1f83f6091df92b5f2eae993cd6c2c873
> >
> > commit 0eea46fb1f83f6091df92b5f2eae993cd6c2c873
> > Author: Brooks Davis <brooks@FreeBSD.org>
> > AuthorDate: 2022-09-28 18:53:10 +0000
> > Commit: Brooks Davis <brooks@FreeBSD.org>
> > CommitDate: 2022-09-28 18:53:49 +0000
> >
> > Remove telnetd
> >
> > The telnetd codebase is unmaintained and has a number of quality
> > issues. Telnet has been largely supplanted by ssh. If needed, a port is
> > available (net/freebsd-telnetd), but a more maintained implementation
> > should be prefered.
> >
> > While the telnet client suffers from the same issues, it is deemed
> > to be of lower risk and is required to connect to legacy devices, so
> > it remains.
> >
> > Reviewed by: emaste, imp
> > Differential Revision: https://reviews.freebsd.org/D36620
> > ---
> > ObsoleteFiles.inc | 5 ++++
> > lib/libpam/pam.d/Makefile | 6 -----
> > lib/libpam/pam.d/telnetd | 26 ------------------
> > libexec/Makefile | 5 ----
> > libexec/telnetd/Makefile | 45
> > --------------------------------
> > libexec/telnetd/Makefile.depend | 25 ------------------
> > libexec/telnetd/Makefile.depend.options | 6 -----
> > tools/build/mk/OptionalObsoleteFiles.inc | 3 ---
> > 8 files changed, 5 insertions(+), 116 deletions(-)
> >
> > diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc
> > index 2056b4296a94..0a0c6dfb044a 100644
> > --- a/ObsoleteFiles.inc
> > +++ b/ObsoleteFiles.inc
> > @@ -52,6 +52,11 @@
> > # xargs -n1 | sort | uniq -d;
> > # done
> >
> > +# 20220928: telnetd(8) removed
> > +OLD_FILES+=etc/pam.d/telnetd
> > +OLD_FILES+=usr/libexec/telnetd
> > +OLD_FILES+=usr/share/man/man8/telnetd.8.gz
> > +
> > # 20220914: domain(9) updated
> > OLD_FILES+=usr/share/man/man9/domain_init.9.gz
> > OLD_FILES+=usr/share/man/man9/pfctlinput.9.gz
> > diff --git a/lib/libpam/pam.d/Makefile b/lib/libpam/pam.d/Makefile
> > index 1499f916cb17..da30a4682f53 100644
> > --- a/lib/libpam/pam.d/Makefile
> > +++ b/lib/libpam/pam.d/Makefile
> > @@ -34,10 +34,4 @@ afterinstallconfig:
> > ${INSTALL_LINK} ${TAG_ARGS} ${DESTDIR}${CONFDIR}/ftpd
> > ${DESTDIR}${CONFDIR}/ftp
> > .endif
> >
> > -.if ${MK_TELNET} != "no"
> > -CONFGROUPS+= TELNET
> > -TELNET+= telnetd
> > -TELNETPACKAGE= telnet
> > -.endif
> > -
> > .include <bsd.prog.mk>
> > diff --git a/lib/libpam/pam.d/telnetd b/lib/libpam/pam.d/telnetd
> > deleted file mode 100644
> > index fb2f523d4ad1..000000000000
> > --- a/lib/libpam/pam.d/telnetd
> > +++ /dev/null
> > @@ -1,26 +0,0 @@
> > -#
> > -# $FreeBSD$
> > -#
> > -# PAM configuration for the "telnetd" service
> > -#
> > -
> > -# auth
> > -auth sufficient pam_opie.so no_warn
> > no_fake_prompts
> > -auth requisite pam_opieaccess.so no_warn allow_local
> > -#auth sufficient pam_krb5.so no_warn
> > try_first_pass
> > -#auth sufficient pam_ssh.so no_warn
> > try_first_pass
> > -auth required pam_unix.so no_warn
> > try_first_pass
> > -
> > -# account
> > -account required pam_nologin.so
> > -#account required pam_krb5.so
> > -account required pam_login_access.so
> > -account required pam_unix.so
> > -
> > -# session
> > -#session optional pam_ssh.so want_agent
> > -session required pam_lastlog.so no_fail
> > -
> > -# password
> > -#password sufficient pam_krb5.so no_warn
> > try_first_pass
> > -password required pam_unix.so no_warn
> > try_first_pass
> > diff --git a/libexec/Makefile b/libexec/Makefile
> > index 1b41ae81565c..8d7565fe3ee5 100644
> > --- a/libexec/Makefile
> > +++ b/libexec/Makefile
> > @@ -27,7 +27,6 @@ SUBDIR= ${_atf} \
> > ${_rtld-elf} \
> > save-entropy \
> > ${_smrsh} \
> > - ${_telnetd} \
> > ${_tests} \
> > ${_tftp-proxy} \
> > ulog-helper \
> > @@ -104,10 +103,6 @@ SUBDIR+= talkd
> > SUBDIR+= tcpd
> > .endif
> >
> > -.if ${MK_TELNET} != "no"
> > -_telnetd= telnetd
> > -.endif
> > -
> > .if ${MK_TFTP} != "no"
> > SUBDIR+= tftpd
> > .endif
> > diff --git a/libexec/telnetd/Makefile b/libexec/telnetd/Makefile
> > deleted file mode 100644
> > index 09136d360a71..000000000000
> > --- a/libexec/telnetd/Makefile
> > +++ /dev/null
> > @@ -1,45 +0,0 @@
> > -# $FreeBSD$
> > -
> > -# Do not define -DKLUDGELINEMODE, as it does not interact well with many
> > -# telnet implementations.
> > -
> > -.include <src.opts.mk>
> > -
> > -PACKAGE= telnet
> > -
> > -TELNETDIR= ${SRCTOP}/contrib/telnet
> > -.PATH: ${TELNETDIR}/telnetd
> > -
> > -PROG= telnetd
> > -MAN= telnetd.8
> > -
> > -SRCS= global.c slc.c state.c sys_term.c telnetd.c \
> > - termstat.c utility.c
> > -
> > -WARNS?= 2
> > -WFORMAT?= 0
> > -
> > -CFLAGS+= -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON \
> > - -DENV_HACK -DSTREAMSPTY
> > -
> > -.if ${MK_INET6_SUPPORT} != "no"
> > -CFLAGS+= -DINET6
> > -.endif
> > -
> > -CFLAGS+= -I${TELNETDIR}
> > -CFLAGS+= -I${TELNETDIR}/telnet
> > -
> > -LIBADD= telnet util tinfow
> > -
> > -.if ${MK_OPENSSL} != "no"
> > -SRCS+= authenc.c
> > -CFLAGS+= -DAUTHENTICATION -DENCRYPTION
> > -LIBADD+= mp crypto pam
> > -.endif
> > -
> > -.if ${MK_KERBEROS_SUPPORT} != "no"
> > -CFLAGS+= -DKRB5 -DFORWARD -Dnet_write=telnet_net_write
> > -LIBADD+= krb5 roken
> > -.endif
> > -
> > -.include <bsd.prog.mk>
> > diff --git a/libexec/telnetd/Makefile.depend
> > b/libexec/telnetd/Makefile.depend
> > deleted file mode 100644
> > index 60b7e4479a3f..000000000000
> > --- a/libexec/telnetd/Makefile.depend
> > +++ /dev/null
> > @@ -1,25 +0,0 @@
> > -# $FreeBSD$
> > -# Autogenerated - do NOT edit!
> > -
> > -DIRDEPS = \
> > - include \
> > - include/arpa \
> > - include/xlocale \
> > - lib/${CSU_DIR} \
> > - lib/libc \
> > - lib/libcom_err \
> > - lib/libcompiler_rt \
> > - lib/libcrypt \
> > - lib/libmp \
> > - lib/libpam/libpam \
> > - lib/libtelnet \
> > - lib/libthr \
> > - lib/libutil \
> > - lib/ncurses/ncursesw \
> > -
> > -
> > -.include <dirdeps.mk>
> > -
> > -.if ${DEP_RELDIR} == ${_DEP_RELDIR}
> > -# local dependencies - needed for -jN in clean tree
> > -.endif
> > diff --git a/libexec/telnetd/Makefile.depend.options
> > b/libexec/telnetd/Makefile.depend.options
> > deleted file mode 100644
> > index 4c4ba810c0e2..000000000000
> > --- a/libexec/telnetd/Makefile.depend.options
> > +++ /dev/null
> > @@ -1,6 +0,0 @@
> > -# $FreeBSD$
> > -# This file is not autogenerated - take care!
> > -
> > -DIRDEPS_OPTIONS= KERBEROS_SUPPORT OPENSSL
> > -
> > -.include <dirdeps-options.mk>
> > diff --git a/tools/build/mk/OptionalObsoleteFiles.inc
> > b/tools/build/mk/OptionalObsoleteFiles.inc
> > index 1bcc0d2d80bc..4145859f21cd 100644
> > --- a/tools/build/mk/OptionalObsoleteFiles.inc
> > +++ b/tools/build/mk/OptionalObsoleteFiles.inc
> > @@ -8242,11 +8242,8 @@ OLD_FILES+=usr/share/nls/uk_UA.UTF-8/tcsh.cat
> > .endif
> >
> > .if ${MK_TELNET} == no
> > -OLD_FILES+=etc/pam.d/telnetd
> > OLD_FILES+=usr/bin/telnet
> > -OLD_FILES+=usr/libexec/telnetd
> > OLD_FILES+=usr/share/man/man1/telnet.1.gz
> > -OLD_FILES+=usr/share/man/man8/telnetd.8.gz
> > .endif
> >
> > .if ${MK_TESTS} == yes
> >