rpms/fail2ban/F-10 fail2ban-0.8.3-inodecheck.patch, NONE, 1.1 fail2ban-0.8.3-log2syslog.patch, NONE, 1.1 fail2ban-logrotate, NONE, 1.1 fail2ban.spec, 1.15, 1.16 sources, 1.9, 1.10
athimm
athimm at fedoraproject.org
Thu Aug 27 20:01:14 UTC 2009
- Previous message: rpms/kexec-tools/F-11 kexec-tools.spec, 1.133, 1.134 mkdumprd, 1.27, 1.28
- Next message: rpms/fail2ban/F-11 fail2ban-0.8.3-inodecheck.patch, NONE, 1.1 fail2ban-0.8.3-log2syslog.patch, NONE, 1.1 fail2ban-logrotate, NONE, 1.1 fail2ban.spec, 1.17, 1.18 sources, 1.9, 1.10
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: athimm
Update of /cvs/extras/rpms/fail2ban/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv4415/F-10
Modified Files:
fail2ban.spec sources
Added Files:
fail2ban-0.8.3-inodecheck.patch
fail2ban-0.8.3-log2syslog.patch fail2ban-logrotate
Log Message:
Fix bugs 491983, 515116, 503852
fail2ban-0.8.3-inodecheck.patch:
filter.py | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
--- NEW FILE fail2ban-0.8.3-inodecheck.patch ---
--- fail2ban-0.8.3/server/filter.py.inodecheck 2009-08-27 20:50:22.000000000 +0200
+++ fail2ban-0.8.3/server/filter.py 2009-08-27 20:50:22.000000000 +0200
@@ -31,7 +31,7 @@
from mytime import MyTime
from failregex import FailRegex, Regex, RegexException
-import logging, re
+import logging, re, os
# Gets the instance of the logger.
logSys = logging.getLogger("fail2ban.filter")
@@ -438,6 +438,8 @@
self.__handler = None
# Try to open the file. Raises an exception if an error occured.
handler = open(filename)
+ stats = os.fstat(handler.fileno())
+ self.__ino = stats.st_ino
try:
firstLine = handler.readline()
# Computes the MD5 of the first line.
@@ -464,10 +466,12 @@
firstLine = self.__handler.readline()
# Computes the MD5 of the first line.
myHash = md5.new(firstLine).digest()
- # Compare hash.
- if not self.__hash == myHash:
+ stats = os.fstat(self.__handler.fileno())
+ # Compare hash and inode
+ if self.__hash != myHash or self.__ino != stats.st_ino:
logSys.info("Log rotation detected for %s" % self.__filename)
self.__hash = myHash
+ self.__ino = stats.st_ino
self.__pos = 0
# Sets the file pointer to the last position.
self.__handler.seek(self.__pos)
fail2ban-0.8.3-log2syslog.patch:
fail2ban.conf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE fail2ban-0.8.3-log2syslog.patch ---
--- fail2ban-0.8.3/config/fail2ban.conf~ 2008-02-27 22:44:55.000000000 +0100
+++ fail2ban-0.8.3/config/fail2ban.conf 2009-08-27 20:48:25.000000000 +0200
@@ -22,7 +22,7 @@
# Only one log target can be specified.
# Values: STDOUT STDERR SYSLOG file Default: /var/log/fail2ban.log
#
-logtarget = /var/log/fail2ban.log
+logtarget = SYSLOG
# Option: socket
# Notes.: Set the socket file. This is used to communicate with the daemon. Do
--- NEW FILE fail2ban-logrotate ---
/var/log/fail2ban.log {
missingok
notifempty
size 30k
create 0600 root root
postrotate
/usr/bin/fail2ban-client set logtarget SYSLOG 2> /dev/null || true
endscript
}
Index: fail2ban.spec
===================================================================
RCS file: /cvs/extras/rpms/fail2ban/F-10/fail2ban.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -p -r1.15 -r1.16
--- fail2ban.spec 14 Feb 2009 07:13:55 -0000 1.15
+++ fail2ban.spec 27 Aug 2009 20:01:13 -0000 1.16
@@ -4,7 +4,7 @@
Summary: Ban IPs that make too many password failures
Name: fail2ban
Version: 0.8.3
-Release: 18%{?dist}
+Release: 21%{?dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://fail2ban.sourceforge.net/
@@ -15,6 +15,8 @@ Patch1: fail2ban-0.8.1-sshd.patch
#Patch2: fail2ban-0.8.1-sock.patch
Patch3: fail2ban-0.8.2-fd_cloexec.patch
Patch4: 0001-BF-anchoring-regex-for-IP-with-at-the-end.patch
+Patch5: fail2ban-0.8.3-inodecheck.patch
+Patch6: fail2ban-0.8.3-log2syslog.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: python-devel >= 2.3
BuildArch: noarch
@@ -35,6 +37,8 @@ failures. It updates firewall rules to r
#patch2 -p1 -b .sock
%patch3 -p1 -b .fd_cloexec
%patch4 -p1 -b .CVE-2009-0362
+%patch5 -p1 -b .inodecheck
+%patch6 -p1 -b .log2syslog
%build
python setup.py build
@@ -84,6 +88,10 @@ fi
%dir %{_localstatedir}/run/fail2ban
%changelog
+* Thu Aug 27 2009 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.8.3-21
+- Log to syslog (RH bug #491983). Also deals with RH bug #515116.
+- Check inodes of log files (RH bug #503852).
+
* Sat Feb 14 2009 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.8.3-18
- Fix CVE-2009-0362 (Fedora bugs #485461, #485464, #485465, #485466).
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/fail2ban/F-10/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -p -r1.9 -r1.10
--- sources 25 Aug 2008 09:20:30 -0000 1.9
+++ sources 27 Aug 2009 20:01:13 -0000 1.10
@@ -1,2 +1 @@
-1c87078f2c50497951ec46583020d723 fail2ban-logrotate
b438d7e2ce77a469fb0cca2a5cc0b81c fail2ban-0.8.3.tar.bz2
- Previous message: rpms/kexec-tools/F-11 kexec-tools.spec, 1.133, 1.134 mkdumprd, 1.27, 1.28
- Next message: rpms/fail2ban/F-11 fail2ban-0.8.3-inodecheck.patch, NONE, 1.1 fail2ban-0.8.3-log2syslog.patch, NONE, 1.1 fail2ban-logrotate, NONE, 1.1 fail2ban.spec, 1.17, 1.18 sources, 1.9, 1.10
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list