Remove "incomplete" TCB support

[zeha]

Remove Owl TCB support, as:

• WITH_TCB was always documented as incomplete.
• util-linux's vipw/vigr have never supported this.

In the context of #999, reimplementing something incomplete in util-linux does not seem like a good idea to me.

[alejandro-colomar]

Reviewed-by: Alejandro Colomar <[email protected]>

Thanks!

[alejandro-colomar]

I'll let someone else merge. I agree with this, but let's confirm with @hallyn or @ikerexxe .

[ikerexxe]

Are you sure this is an incomplete functionality? I know the configure script states it's incomplete, but that could be a leftover. I'd like to make sure that nobody is using this functionality before removing it.

[hallyn]

Looks like it would need to build against https://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/tcb/tcb/libs/libtcb.c?rev=1.9;content-type=text%2Fplain;only_with_tag=MAIN to get the tcp_drop_priv() etc functions. What distros package those?

[alejandro-colomar]

Here's one: https://madb.mageia.org/package/list/t_search/tcb/application/0.

I found it because it's listed here: https://www.openwall.com/tcb/.

[alejandro-colomar]

Here's another one that I found: https://packages.altlinux.org/en/search/?branch=sisyphus&q=tcb.

[alejandro-colomar]

In Mageia, tcb seems to be unmaintained. In ALTLinux, the maintainer seems to be @ldv-alt .

[sem-gh]

I'm currently a shadow utilities maintainer in ALTLinux.
In ALTLinux we have been using TCB for years and the TCB support in shadow-utils certainly works,
but our shadow-utils package is heavily patched (not only to support TCB, there are many other ALT-specific patches).
I haven’t tested TCB support in shadow without our patches for a long time, but in any case, I would be glad to see working support for
TCB in the upstream and can prepare a merge request with the necessary changes.
Although I can’t promise that I’ll do this quickly: it will take quite a lot of work to separate our TCB patches from others and may require partialy rewrite them.
In the meantime, please do not remove TCB support from shadow

It seems it's being used.

[jubalh]

What distros package ?

According to https://repology.org/project/tcb/versions only:

• ALT
• Mageia
• Nix
• OpenMandriva
• Rosa

[hallyn]

I'm currently a shadow utilities maintainer in ALTLinux. In ALTLinux we have been using TCB for years and the TCB support in shadow-utils certainly works, but our shadow-utils package is heavily patched (not only to support TCB, there are many other ALT-specific patches). I haven’t tested TCB support in shadow without our patches for a long time, but in any case, I would be glad to see working support for TCB in the upstream and can prepare a merge request with the necessary changes. Although I can’t promise that I’ll do this quickly: it will take quite a lot of work to separate our TCB patches from others and may require partialy rewrite them. In the meantime, please do not remove TCB support from shadow

Thanks, looking forward to a merge request!