FS#7096 - Portmap doesn't use tcpwrapper

Attached to Project: Arch Linux
Opened by Olivier Médoc (oliv) - Tuesday, 08 May 2007, 10:13 GMT
Last edited by Allan McRae (Allan) - Thursday, 25 December 2008, 06:04 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Tom Killian (tomk)
Architecture All
Severity Medium
Priority High
Reported Version 0.8 Voodoo
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

I found today that portmap isn't linked with libwrap, and access isn't ruled by /etc/hosts.deny

I don't know if it's a bug but most of servers are using libwrap in arch linux (ssh, ldap, ...).
This task depends upon

Closed by  Allan McRae (Allan)
Thursday, 25 December 2008, 06:04 GMT
Reason for closing:  Fixed
Additional comments about closing:  Also, no response from submitter to status query.
Comment by Attila (attila) - Tuesday, 08 May 2007, 20:22 GMT
You can get it if you change the make line in the PKGBUILD to:

WRAP_LIB=/usr/lib/libwrap.a make || return 1

Than ldd results the same as i can see on my server with opensuse and i suggest this or another way to get portmap linked dynamically against tcp-wrapper library
Comment by Glenn Matthys (RedShift) - Thursday, 19 June 2008, 11:24 GMT
Status: Not implemented in portmap 6.0-2 in extra. No package in testing.

(By the way, aren't those .a files from libtool? We don't (or try) not to use those anymore?)
Comment by Jan de Groot (JGC) - Thursday, 19 June 2008, 12:28 GMT
Programs should link dynamic where possible, so it should be /usr/lib/libwrap.so or just -lwrap instead. The static .a files don't belong to libtool, they're just normal static compiled libraries and should not be removed from many packages.
Comment by Glenn Matthys (RedShift) - Friday, 18 July 2008, 15:38 GMT
Status: Not implemented in portmap 6.0-2 in extra. No package in testing.
Comment by Tom Killian (tomk) - Saturday, 29 November 2008, 12:12 GMT
Uhmm...
$ ldd $(which portmap)
linux-vdso.so.1 => (0x00007fff9a1fe000)
==> libwrap.so.0 => /usr/lib/libwrap.so.0 (0x00007f1391d20000) <==
libc.so.6 => /lib/libc.so.6 (0x00007f13919cc000)
libnsl.so.1 => /lib/libnsl.so.1 (0x00007f13917b4000)
/lib/ld-linux-x86-64.so.2 (0x00007f1391f28000)
$ pacman -Q portmap
portmap 6.0-2

Olivier - if you're still around, and you still have this problem, let me know. Otherwise, it's a non-bug.
Comment by Glenn Matthys (RedShift) - Friday, 05 December 2008, 12:48 GMT
The PKGBUILD indeed hasn't been changed (that's why I said not implemented).
Comment by Tom Killian (tomk) - Friday, 05 December 2008, 15:10 GMT
WRAP_LIB = -lwrap is already hard-coded in the Makefile. It will complain if the lib is not there, unless NO_TCP_WRAPPER=1 is passed at compile time. As per my last comment, our current package is compiled against libwrap. If there's a bug here, it's the absence of tcp_wrappers from the DEPENDS array - then again, it's a base package. I'll add it on the next rebuild.

I would still like to hear from the OP about how he found the bug, but as it's 18 months since he reported it, and he hasn't responded to my previous request, I'm beginning to think he's moved on.

Loading...