On Tue, Aug 15, 2017 at 1:58 PM, Jakub Jelen <jjelen(a)redhat.com> wrote:
So can we discuss it now once more without the affiliation to systemd?
The fact is that we still do not have any other replacement except
firewalls. But do we need one?
IIRC, in the past discussion there was quite a lot of people arguing
that we actually need one. I personally don't think we as a
distribution need a drop-in replacement. However, what we possibly
need, is a migration path for already deployed systems using
tcp_wrappers. Just dropping tcp_wrappers and potentially leaving
deployed services completely open would very irresponsible.
Also we should consider an impact this change will have on our
downstreams focusing on enterprise use-cases (CentOS, RHEL). I recon
that "splash damage" potentially caused by this change will be bigger
there than in Fedora itself.
Michal