search

shadow-maint / shadow

Upstream shadow tree
Other
292 stars 228 forks source link

Remove "incomplete" TCB support #1046

Closed zeha closed 2 months ago

zeha commented 2 months ago

Remove Owl TCB support, as:

In the context of #999, reimplementing something incomplete in util-linux does not seem like a good idea to me.

alejandro-colomar commented 2 months ago

I'll let someone else merge. I agree with this, but let's confirm with @hallyn or @ikerexxe .

ikerexxe commented 2 months ago

Are you sure this is an incomplete functionality? I know the configure script states it's incomplete, but that could be a leftover. I'd like to make sure that nobody is using this functionality before removing it.

hallyn commented 2 months ago

Looks like it would need to build against https://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/tcb/tcb/libs/libtcb.c?rev=1.9;content-type=text%2Fplain;only_with_tag=MAIN to get the tcp_drop_priv() etc functions. What distros package those?

alejandro-colomar commented 2 months ago

Here's one: https://madb.mageia.org/package/list/t_search/tcb/application/0.

I found it because it's listed here: https://www.openwall.com/tcb/.

alejandro-colomar commented 2 months ago

Here's another one that I found: https://packages.altlinux.org/en/search/?branch=sisyphus&q=tcb.

alejandro-colomar commented 2 months ago

In Mageia, tcb seems to be unmaintained. In ALTLinux, the maintainer seems to be @ldv-alt .

sem-gh commented 2 months ago

I'm currently a shadow utilities maintainer in ALTLinux. In ALTLinux we have been using TCB for years and the TCB support in shadow-utils certainly works, but our shadow-utils package is heavily patched (not only to support TCB, there are many other ALT-specific patches). I haven’t tested TCB support in shadow without our patches for a long time, but in any case, I would be glad to see working support for TCB in the upstream and can prepare a merge request with the necessary changes. Although I can’t promise that I’ll do this quickly: it will take quite a lot of work to separate our TCB patches from others and may require partialy rewrite them. In the meantime, please do not remove TCB support from shadow

jubalh commented 2 months ago

What distros package ?

According to https://repology.org/project/tcb/versions only:

hallyn commented 1 month ago

I'm currently a shadow utilities maintainer in ALTLinux. In ALTLinux we have been using TCB for years and the TCB support in shadow-utils certainly works, but our shadow-utils package is heavily patched (not only to support TCB, there are many other ALT-specific patches). I haven’t tested TCB support in shadow without our patches for a long time, but in any case, I would be glad to see working support for TCB in the upstream and can prepare a merge request with the necessary changes. Although I can’t promise that I’ll do this quickly: it will take quite a lot of work to separate our TCB patches from others and may require partialy rewrite them. In the meantime, please do not remove TCB support from shadow

Thanks, looking forward to a merge request!