core: remove tcpwrap support

tcpwrap is legacy code, that is barely maintained upstream. It's APIs
are awful, and the feature set it exposes (such as DNS and IDENT
access control) questionnable. We should not support this natively in
systemd.

Hence, let's remove the code. If people want to continue making use of
this, they can do so by plugging in "tcpd" for the processes they start.
With that scheme things are as well or badly supported as they were from
traditional inetd, hence no functionality is really lost.

diff --git a/Makefile.am b/Makefile.am
index 54cd1c6bdf5d1bd3e3f68efb184a8576d96967f6..2cb0f2aea2d970bdc6e042e02b795e88f7f19839 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -1019,8 +1019,6 @@ libsystemd_core_la_SOURCES = \
        src/core/condition.h \
        src/core/namespace.c \
        src/core/namespace.h \
        src/core/condition.h \
        src/core/namespace.c \
        src/core/namespace.h \

-       src/core/tcpwrap.c \
-       src/core/tcpwrap.h \

        src/core/build.h \
        src/core/sysfs-show.h \
        src/core/switch-root.h \
        src/core/build.h \
        src/core/sysfs-show.h \
        src/core/switch-root.h \


@@ -1046,7 +1044,6 @@ nodist_libsystemd_core_la_SOURCES = \
 
 libsystemd_core_la_CFLAGS = \
        $(AM_CFLAGS) \
 
 libsystemd_core_la_CFLAGS = \
        $(AM_CFLAGS) \

-       $(LIBWRAP_CFLAGS) \

        $(PAM_CFLAGS) \
        $(AUDIT_CFLAGS) \
        $(CAP_CFLAGS) \
        $(PAM_CFLAGS) \
        $(AUDIT_CFLAGS) \
        $(CAP_CFLAGS) \


@@ -1062,7 +1059,6 @@ libsystemd_core_la_LIBADD = \
        libudev-internal.la \
        libsystemd-shared.la \
        libsystemd-internal.la \
        libudev-internal.la \
        libsystemd-shared.la \
        libsystemd-internal.la \

-       $(LIBWRAP_LIBS) \

        $(PAM_LIBS) \
        $(AUDIT_LIBS) \
        $(CAP_LIBS) \
        $(PAM_LIBS) \
        $(AUDIT_LIBS) \
        $(CAP_LIBS) \

diff --git a/README b/README
index 7fd5c0e5bf4176bb7e1df92a665c742cdb62b6aa..fc13e10d6fd4b94265c29fbf3f547d48daa51798 100644 (file)
--- a/README
+++ b/README
@@ -111,7 +111,6 @@ REQUIREMENTS:
         libattr (optional)
         libselinux (optional)
         liblzma (optional)
         libattr (optional)
         libselinux (optional)
         liblzma (optional)

-        tcpwrappers (optional)

         libgcrypt (optional)
         libqrencode (optional)
         libmicrohttpd (optional)
         libgcrypt (optional)
         libqrencode (optional)
         libmicrohttpd (optional)

diff --git a/TODO b/TODO
index febfc3aeb2781e46d0614de40b71c8d9bdb14f58..e081fcf1e6e47c49c2c255dfbd1d81921178cc18 100644 (file)
--- a/TODO
+++ b/TODO
@@ -550,7 +550,7 @@ Features:
 
 * for services: don't set $HOME in services unless requested
 
 
 * for services: don't set $HOME in services unless requested
 

-* hide PAM/TCPWrap options in fragment parser when compile time disabled
+* hide PAM options in fragment parser when compile time disabled

 
 * when we automatically restart a service, ensure we restart its rdeps, too.
 
 
 * when we automatically restart a service, ensure we restart its rdeps, too.
 

diff --git a/configure.ac b/configure.ac
index 3ced6cf3d503d2f80aa95c9d533e115becd21637..e95b682f57c2533b0400e0ccd39b05176114e8b6 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -430,32 +430,6 @@ if test "x$enable_xz" != "xno"; then
 fi
 AM_CONDITIONAL(HAVE_XZ, [test "$have_xz" = "yes"])
 
 fi
 AM_CONDITIONAL(HAVE_XZ, [test "$have_xz" = "yes"])
 

-# ------------------------------------------------------------------------------
-AC_ARG_ENABLE([tcpwrap],
-        AS_HELP_STRING([--disable-tcpwrap],[Disable optional TCP wrappers support]),
-                [case "${enableval}" in
-                        yes) have_tcpwrap=yes ;;
-                        no) have_tcpwrap=no ;;
-                        *) AC_MSG_ERROR(bad value ${enableval} for --disable-tcpwrap) ;;
-                esac],
-                [have_tcpwrap=auto])
-
-if test "x${have_tcpwrap}" != xno ; then
-        ACX_LIBWRAP
-        if test "x${LIBWRAP_LIBS}" = x ; then
-                if test "x$have_tcpwrap" = xyes ; then
-                        AC_MSG_ERROR([*** TCP wrappers support not found.])
-                fi
-                have_tcpwrap=no
-        else
-                M4_DEFINES="$M4_DEFINES -DHAVE_LIBWRAP"
-                have_tcpwrap=yes
-        fi
-else
-        LIBWRAP_LIBS=
-fi
-AC_SUBST(LIBWRAP_LIBS)
-

 # ------------------------------------------------------------------------------
 AC_ARG_ENABLE([pam],
         AS_HELP_STRING([--disable-pam],[Disable optional PAM support]),
 # ------------------------------------------------------------------------------
 AC_ARG_ENABLE([pam],
         AS_HELP_STRING([--disable-pam],[Disable optional PAM support]),


@@ -1130,7 +1104,6 @@ AC_MSG_RESULT([
         $PACKAGE_NAME $VERSION
 
         libcryptsetup:           ${have_libcryptsetup}
         $PACKAGE_NAME $VERSION
 
         libcryptsetup:           ${have_libcryptsetup}

-        tcpwrap:                 ${have_tcpwrap}

         PAM:                     ${have_pam}
         AUDIT:                   ${have_audit}
         IMA:                     ${have_ima}
         PAM:                     ${have_pam}
         AUDIT:                   ${have_audit}
         IMA:                     ${have_ima}

diff --git a/m4/acx_libwrap.m4 b/m4/acx_libwrap.m4
deleted file mode 100644 (file)
index ccf8afc..0000000
--- a/m4/acx_libwrap.m4
+++ /dev/null
@@ -1,19 +0,0 @@
-AC_DEFUN([ACX_LIBWRAP], [
-LIBWRAP_LIBS=
-saved_LIBS="$LIBS"
-LIBS="$LIBS -lwrap"
-AC_MSG_CHECKING([for tcpwrap library and headers])
-AC_LINK_IFELSE(
-[AC_LANG_PROGRAM(
-[#include <tcpd.h>
-#include <syslog.h>
-int allow_severity = LOG_INFO;
-int deny_severity = LOG_WARNING;],
-[struct request_info *req;
-return hosts_access (req);])],
-[AC_DEFINE(HAVE_LIBWRAP, [], [Have tcpwrap?])
-LIBWRAP_LIBS="-lwrap"
-AC_MSG_RESULT(yes)],
-[AC_MSG_RESULT(no)])
-LIBS="$saved_LIBS"
-])

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index f47826ce4ae6a278d069be3bd847ff166789c23f..11ad7f6605df0d92da9f7505ebc4c609b34082e6 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -686,31 +686,6 @@
                                 for details.</para></listitem>
                         </varlistentry>
 
                                 for details.</para></listitem>
                         </varlistentry>
 

-                        <varlistentry>
-                                <term><varname>TCPWrapName=</varname></term>
-                                <listitem><para>If this is a
-                                socket-activated service, this sets the
-                                tcpwrap service name to check the
-                                permission for the current connection
-                                with. This is only useful in
-                                conjunction with socket-activated
-                                services, and stream sockets (TCP) in
-                                particular. It has no effect on other
-                                socket types (e.g. datagram/UDP) and
-                                on processes unrelated to socket-based
-                                activation. If the tcpwrap
-                                verification fails, daemon start-up
-                                will fail and the connection is
-                                terminated. See
-                                <citerefentry><refentrytitle>tcpd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for details. Note that this option may
-                                be used to do access control checks
-                                only. Shell commands and commands
-                                described in
-                                <citerefentry><refentrytitle>hosts_options</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                are not supported.</para></listitem>
-                        </varlistentry>
-

                         <varlistentry>
                                 <term><varname>CapabilityBoundingSet=</varname></term>
 
                         <varlistentry>
                                 <term><varname>CapabilityBoundingSet=</varname></term>
 

diff --git a/src/core/build.h b/src/core/build.h
index 3d7cd3ea39b77e98aa8776afaf182d00856de2de..f6faf06ae80bff30193086fc6dcfef1baee8ef1b 100644 (file)
--- a/src/core/build.h
+++ b/src/core/build.h
@@ -27,12 +27,6 @@
 #define _PAM_FEATURE_ "-PAM"
 #endif
 
 #define _PAM_FEATURE_ "-PAM"
 #endif
 

-#ifdef HAVE_LIBWRAP
-#define _LIBWRAP_FEATURE_ "+LIBWRAP"
-#else
-#define _LIBWRAP_FEATURE_ "-LIBWRAP"
-#endif
-

 #ifdef HAVE_AUDIT
 #define _AUDIT_FEATURE_ "+AUDIT"
 #else
 #ifdef HAVE_AUDIT
 #define _AUDIT_FEATURE_ "+AUDIT"
 #else


@@ -93,4 +87,4 @@
 #define _SECCOMP_FEATURE_ "-SECCOMP"
 #endif
 
 #define _SECCOMP_FEATURE_ "-SECCOMP"
 #endif
 

-#define SYSTEMD_FEATURES _PAM_FEATURE_ " " _LIBWRAP_FEATURE_ " " _AUDIT_FEATURE_ " " _SELINUX_FEATURE_ " " _IMA_FEATURE_ " " _SYSVINIT_FEATURE_ " " _LIBCRYPTSETUP_FEATURE_ " " _GCRYPT_FEATURE_ " " _ACL_FEATURE_ " " _XZ_FEATURE_ " " _SECCOMP_FEATURE_ " " _APPARMOR_FEATURE_
+#define SYSTEMD_FEATURES _PAM_FEATURE_ " " _AUDIT_FEATURE_ " " _SELINUX_FEATURE_ " " _IMA_FEATURE_ " " _SYSVINIT_FEATURE_ " " _LIBCRYPTSETUP_FEATURE_ " " _GCRYPT_FEATURE_ " " _ACL_FEATURE_ " " _XZ_FEATURE_ " " _SECCOMP_FEATURE_ " " _APPARMOR_FEATURE_

diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index bf4a682d3a9b6f018fc5c3a2709bd38aafa42f61..13b3d0dd14c8214ede175f2a972fe2dfac68dcd0 100644 (file)
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -618,7 +618,6 @@ const sd_bus_vtable bus_exec_vtable[] = {
         SD_BUS_PROPERTY("User", "s", NULL, offsetof(ExecContext, user), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Group", "s", NULL, offsetof(ExecContext, group), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("SupplementaryGroups", "as", NULL, offsetof(ExecContext, supplementary_groups), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("User", "s", NULL, offsetof(ExecContext, user), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("Group", "s", NULL, offsetof(ExecContext, group), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("SupplementaryGroups", "as", NULL, offsetof(ExecContext, supplementary_groups), SD_BUS_VTABLE_PROPERTY_CONST),

-        SD_BUS_PROPERTY("TCPWrapName", "s", NULL, offsetof(ExecContext, tcpwrap_name), SD_BUS_VTABLE_PROPERTY_CONST),

         SD_BUS_PROPERTY("PAMName", "s", NULL, offsetof(ExecContext, pam_name), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("ReadWriteDirectories", "as", NULL, offsetof(ExecContext, read_write_dirs), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("ReadOnlyDirectories", "as", NULL, offsetof(ExecContext, read_only_dirs), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("PAMName", "s", NULL, offsetof(ExecContext, pam_name), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("ReadWriteDirectories", "as", NULL, offsetof(ExecContext, read_write_dirs), SD_BUS_VTABLE_PROPERTY_CONST),
         SD_BUS_PROPERTY("ReadOnlyDirectories", "as", NULL, offsetof(ExecContext, read_only_dirs), SD_BUS_VTABLE_PROPERTY_CONST),

diff --git a/src/core/execute.c b/src/core/execute.c
index 353f2d1297619f9ca4e6b4077d5ea85cf664fbfe..4a3aeda3cdd43b1bbcee35fa48872c7667c06fd3 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -69,7 +69,6 @@
 #include "ioprio.h"
 #include "securebits.h"
 #include "namespace.h"
 #include "ioprio.h"
 #include "securebits.h"
 #include "namespace.h"

-#include "tcpwrap.h"

 #include "exit-status.h"
 #include "missing.h"
 #include "utmp-wtmp.h"
 #include "exit-status.h"
 #include "missing.h"
 #include "utmp-wtmp.h"


@@ -1362,23 +1361,6 @@ int exec_spawn(ExecCommand *command,
                                 goto fail_child;
                         }
 
                                 goto fail_child;
                         }
 

-                if (context->tcpwrap_name) {
-                        if (socket_fd >= 0)
-                                if (!socket_tcpwrap(socket_fd, context->tcpwrap_name)) {
-                                        err = -EACCES;
-                                        r = EXIT_TCPWRAP;
-                                        goto fail_child;
-                                }
-
-                        for (i = 0; i < (int) n_fds; i++) {
-                                if (!socket_tcpwrap(fds[i], context->tcpwrap_name)) {
-                                        err = -EACCES;
-                                        r = EXIT_TCPWRAP;
-                                        goto fail_child;
-                                }
-                        }
-                }
-

                 exec_context_tty_reset(context);
 
                 if (confirm_spawn) {
                 exec_context_tty_reset(context);
 
                 if (confirm_spawn) {


@@ -1878,9 +1860,6 @@ void exec_context_done(ExecContext *c) {
         free(c->tty_path);
         c->tty_path = NULL;
 
         free(c->tty_path);
         c->tty_path = NULL;
 

-        free(c->tcpwrap_name);
-        c->tcpwrap_name = NULL;
-

         free(c->syslog_identifier);
         c->syslog_identifier = NULL;
 
         free(c->syslog_identifier);
         c->syslog_identifier = NULL;
 


@@ -2148,11 +2127,6 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
         STRV_FOREACH(e, c->environment_files)
                 fprintf(f, "%sEnvironmentFile: %s\n", prefix, *e);
 
         STRV_FOREACH(e, c->environment_files)
                 fprintf(f, "%sEnvironmentFile: %s\n", prefix, *e);
 

-        if (c->tcpwrap_name)
-                fprintf(f,
-                        "%sTCPWrapName: %s\n",
-                        prefix, c->tcpwrap_name);
-

         if (c->nice_set)
                 fprintf(f,
                         "%sNice: %i\n",
         if (c->nice_set)
                 fprintf(f,
                         "%sNice: %i\n",

diff --git a/src/core/execute.h b/src/core/execute.h
index 9fcea121fa8211a036ff07d1cb7ee852ab776999..c9e29ffc8a9a0c730d2f54ddc1cfb869f21a96b0 100644 (file)
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -113,8 +113,6 @@ struct ExecContext {
 
         nsec_t timer_slack_nsec;
 
 
         nsec_t timer_slack_nsec;
 

-        char *tcpwrap_name;
-

         char *tty_path;
 
         bool tty_reset;
         char *tty_path;
 
         bool tty_reset;

diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
index 3a77234e97385fde5c3053abe9b0adc6c2d8b2b8..dbb5d13b76f6ef93b043c38b6c5edeba2bed03e2 100644 (file)
--- a/src/core/load-fragment-gperf.gperf.m4
+++ b/src/core/load-fragment-gperf.gperf.m4
@@ -84,9 +84,6 @@ $1.MountFlags,                   config_parse_exec_mount_flags,      0,
 $1.Personality,                  config_parse_personality,           0,                             offsetof($1, exec_context.personality)
 $1.RuntimeDirectoryMode,         config_parse_mode,                  0,                             offsetof($1, exec_context.runtime_directory_mode)
 $1.RuntimeDirectory,             config_parse_runtime_directory,     0,                             offsetof($1, exec_context.runtime_directory)
 $1.Personality,                  config_parse_personality,           0,                             offsetof($1, exec_context.personality)
 $1.RuntimeDirectoryMode,         config_parse_mode,                  0,                             offsetof($1, exec_context.runtime_directory_mode)
 $1.RuntimeDirectory,             config_parse_runtime_directory,     0,                             offsetof($1, exec_context.runtime_directory)

-m4_ifdef(`HAVE_LIBWRAP',
-`$1.TCPWrapName,                 config_parse_unit_string_printf,    0,                             offsetof($1, exec_context.tcpwrap_name)',
-`$1.TCPWrapName,                 config_parse_warn_compat,           0,                             0')

 m4_ifdef(`HAVE_PAM',
 `$1.PAMName,                     config_parse_unit_string_printf,    0,                             offsetof($1, exec_context.pam_name)',
 `$1.PAMName,                     config_parse_warn_compat,           0,                             0')
 m4_ifdef(`HAVE_PAM',
 `$1.PAMName,                     config_parse_unit_string_printf,    0,                             offsetof($1, exec_context.pam_name)',
 `$1.PAMName,                     config_parse_warn_compat,           0,                             0')

diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index e7779d16251aaf8885881c41eddd8690c1fe8d0a..c604f9096d0e4d33e48830e90134db6c95802ac9 100644 (file)
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -64,7 +64,7 @@
 #include "seccomp-util.h"
 #endif
 
 #include "seccomp-util.h"
 #endif
 

-#if !defined(HAVE_SYSV_COMPAT) || !defined(HAVE_SECCOMP) || !defined(HAVE_LIBWRAP) || !defined(HAVE_PAM) || !defined(HAVE_SELINUX) || !defined(HAVE_SMACK) || !defined(HAVE_APPARMOR)
+#if !defined(HAVE_SYSV_COMPAT) || !defined(HAVE_SECCOMP) || !defined(HAVE_PAM) || !defined(HAVE_SELINUX) || !defined(HAVE_SMACK) || !defined(HAVE_APPARMOR)

 int config_parse_warn_compat(
                 const char *unit,
                 const char *filename,
 int config_parse_warn_compat(
                 const char *unit,
                 const char *filename,


@@ -3328,7 +3328,7 @@ void unit_dump_config_items(FILE *f) {
                 const ConfigParserCallback callback;
                 const char *rvalue;
         } table[] = {
                 const ConfigParserCallback callback;
                 const char *rvalue;
         } table[] = {

-#if !defined(HAVE_SYSV_COMPAT) || !defined(HAVE_SECCOMP) || !defined(HAVE_LIBWRAP) || !defined(HAVE_PAM) || !defined(HAVE_SELINUX) || !defined(HAVE_SMACK) || !defined(HAVE_APPARMOR)
+#if !defined(HAVE_SYSV_COMPAT) || !defined(HAVE_SECCOMP) || !defined(HAVE_PAM) || !defined(HAVE_SELINUX) || !defined(HAVE_SMACK) || !defined(HAVE_APPARMOR)

                 { config_parse_warn_compat,           "NOTSUPPORTED" },
 #endif
                 { config_parse_int,                   "INTEGER" },
                 { config_parse_warn_compat,           "NOTSUPPORTED" },
 #endif
                 { config_parse_int,                   "INTEGER" },

diff --git a/src/core/tcpwrap.c b/src/core/tcpwrap.c
deleted file mode 100644 (file)
index 6c630fa..0000000
--- a/src/core/tcpwrap.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-/***
-  This file is part of systemd.
-
-  Copyright 2010 Lennart Poettering
-
-  systemd is free software; you can redistribute it and/or modify it
-  under the terms of the GNU Lesser General Public License as published by
-  the Free Software Foundation; either version 2.1 of the License, or
-  (at your option) any later version.
-
-  systemd is distributed in the hope that it will be useful, but
-  WITHOUT ANY WARRANTY; without even the implied warranty of
-  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-  Lesser General Public License for more details.
-
-  You should have received a copy of the GNU Lesser General Public License
-  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <sys/socket.h>
-#include <sys/un.h>
-#include <arpa/inet.h>
-#include <netinet/in.h>
-
-#ifdef HAVE_LIBWRAP
-#include <tcpd.h>
-#endif
-
-#include "tcpwrap.h"
-#include "log.h"
-
-bool socket_tcpwrap(int fd, const char *name) {
-#ifdef HAVE_LIBWRAP
-        struct request_info req;
-        union {
-                struct sockaddr sa;
-                struct sockaddr_in in;
-                struct sockaddr_in6 in6;
-                struct sockaddr_un un;
-                struct sockaddr_storage storage;
-        } sa_union;
-        socklen_t l = sizeof(sa_union);
-
-        if (getsockname(fd, &sa_union.sa, &l) < 0)
-                return true;
-
-        if (sa_union.sa.sa_family != AF_INET &&
-            sa_union.sa.sa_family != AF_INET6)
-                return true;
-
-        request_init(&req,
-                     RQ_DAEMON, name,
-                     RQ_FILE, fd,
-                     NULL);
-
-        fromhost(&req);
-
-        if (!hosts_access(&req)) {
-                log_warning("Connection refused by tcpwrap.");
-                return false;
-        }
-
-        log_debug("Connection accepted by tcpwrap.");
-#endif
-        return true;
-}

diff --git a/src/core/tcpwrap.h b/src/core/tcpwrap.h
deleted file mode 100644 (file)
index 3353b65..0000000
--- a/src/core/tcpwrap.h
+++ /dev/null
@@ -1,26 +0,0 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
-#pragma once
-
-/***
-  This file is part of systemd.
-
-  Copyright 2010 Lennart Poettering
-
-  systemd is free software; you can redistribute it and/or modify it
-  under the terms of the GNU Lesser General Public License as published by
-  the Free Software Foundation; either version 2.1 of the License, or
-  (at your option) any later version.
-
-  systemd is distributed in the hope that it will be useful, but
-  WITHOUT ANY WARRANTY; without even the implied warranty of
-  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-  Lesser General Public License for more details.
-
-  You should have received a copy of the GNU Lesser General Public License
-  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-
-bool socket_tcpwrap(int fd, const char *name);

diff --git a/src/shared/exit-status.c b/src/shared/exit-status.c
index d860b55511cce48d2ee1e0da67d139f21f4f2267..208d329c1e27348b7c9221f7da2164ec2310a082 100644 (file)
--- a/src/shared/exit-status.c
+++ b/src/shared/exit-status.c
@@ -113,9 +113,6 @@ const char* exit_status_to_string(ExitStatus status, ExitStatusLevel level) {
                 case EXIT_STDERR:
                         return "STDERR";
 
                 case EXIT_STDERR:
                         return "STDERR";
 

-                case EXIT_TCPWRAP:
-                        return "TCPWRAP";
-

                 case EXIT_PAM:
                         return "PAM";
 
                 case EXIT_PAM:
                         return "PAM";
 

diff --git a/src/shared/exit-status.h b/src/shared/exit-status.h
index 385d6def06f6f864afaa80d9a2db191b2be065e0..d6bf84c69803c44efb06f138dbaaa58e0e0361df 100644 (file)
--- a/src/shared/exit-status.h
+++ b/src/shared/exit-status.h
@@ -64,7 +64,7 @@ typedef enum ExitStatus {
         EXIT_SETSID,   /* 220 */
         EXIT_CONFIRM,
         EXIT_STDERR,
         EXIT_SETSID,   /* 220 */
         EXIT_CONFIRM,
         EXIT_STDERR,

-        EXIT_TCPWRAP,
+        _EXIT_RESERVED, /* used to be tcpwrap, don't reuse! */

         EXIT_PAM,
         EXIT_NETWORK,
         EXIT_NAMESPACE,
         EXIT_PAM,
         EXIT_NETWORK,
         EXIT_NAMESPACE,