[fail2ban/el6] Update to 0.8.7.1 Drop fd_cloexec, pyinotify, and examplemail patches fixed upstream Rebase sshd and
Orion Poplawski
orion at fedoraproject.org
Thu Oct 11 18:14:39 UTC 2012
commit 5fa977db4a1e2a862a348d93d67d128ab8c4f767
Author: Orion Poplawski <orion at nwra.com>
Date: Thu Oct 11 12:06:59 2012 -0600
Update to 0.8.7.1
Drop fd_cloexec, pyinotify, and examplemail patches fixed upstream
Rebase sshd and notmp patches
Use _initddir macro
.gitignore | 1 +
fail2ban-0.8.1-sshd.patch | 17 ---
fail2ban-0.8.2-fd_cloexec.patch | 22 ----
fail2ban-0.8.4-examplemail.patch | 110 -------------------
fail2ban-0.8.4-notmp.patch | 101 -----------------
fail2ban-0.8.7.1-notmp.patch | 35 ++++++
fail2ban-0.8.7.1-sshd.patch | 18 +++
fail2ban.spec | 31 +++---
pyinotify.patch | 224 --------------------------------------
sources | 2 +-
10 files changed, 69 insertions(+), 492 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 24ea3a7..c028cca 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
fail2ban-FAIL2BAN-0_8.tar.bz2
fail2ban-0.8.4.tar.bz2
+/fail2ban_0.8.7.1.orig.tar.gz
diff --git a/fail2ban-0.8.7.1-notmp.patch b/fail2ban-0.8.7.1-notmp.patch
new file mode 100644
index 0000000..6c52c96
--- /dev/null
+++ b/fail2ban-0.8.7.1-notmp.patch
@@ -0,0 +1,35 @@
+diff -U0 fail2ban-0.8.7.1/ChangeLog.notmp fail2ban-0.8.7.1/ChangeLog
+--- fail2ban-0.8.7.1/ChangeLog.notmp 2012-07-31 19:45:04.000000000 -0600
++++ fail2ban-0.8.7.1/ChangeLog 2012-10-11 11:49:16.317481660 -0600
+@@ -511 +511 @@
+-- Changed default PID lock file location from /tmp to /var/run
++- Changed default PID lock file location from /var/lib/fail2ban to /var/run
+diff -up fail2ban-0.8.7.1/client/fail2banreader.py.notmp fail2ban-0.8.7.1/client/fail2banreader.py
+--- fail2ban-0.8.7.1/client/fail2banreader.py.notmp 2012-07-31 19:45:04.000000000 -0600
++++ fail2ban-0.8.7.1/client/fail2banreader.py 2012-10-11 11:49:16.318481661 -0600
+@@ -42,7 +42,7 @@ class Fail2banReader(ConfigReader):
+ ConfigReader.read(self, "fail2ban")
+
+ def getEarlyOptions(self):
+- opts = [["string", "socket", "/tmp/fail2ban.sock"]]
++ opts = [["string", "socket", "/var/lib/fail2ban/fail2ban.sock"]]
+ return ConfigReader.getOptions(self, "Definition", opts)
+
+ def getOptions(self):
+diff -up fail2ban-0.8.7.1/config/action.d/dshield.conf.notmp fail2ban-0.8.7.1/config/action.d/dshield.conf
+diff -up fail2ban-0.8.7.1/config/action.d/mail-buffered.conf.notmp fail2ban-0.8.7.1/config/action.d/mail-buffered.conf
+diff -up fail2ban-0.8.7.1/config/action.d/mynetwatchman.conf.notmp fail2ban-0.8.7.1/config/action.d/mynetwatchman.conf
+diff -up fail2ban-0.8.7.1/config/action.d/sendmail-buffered.conf.notmp fail2ban-0.8.7.1/config/action.d/sendmail-buffered.conf
+diff -up fail2ban-0.8.7.1/files/nagios/f2ban.txt.notmp fail2ban-0.8.7.1/files/nagios/f2ban.txt
+--- fail2ban-0.8.7.1/files/nagios/f2ban.txt.notmp 2012-07-31 19:45:04.000000000 -0600
++++ fail2ban-0.8.7.1/files/nagios/f2ban.txt 2012-10-11 11:53:32.323532817 -0600
+@@ -6,7 +6,7 @@ HELP:
+ /etc/init.d/fail2ban stop
+
+ 2.) delete the socket if available
+-rm /tmp/fail2ban.sock
++rm /var/run/fail2ban/fail2ban.sock
+
+ 3.) start the Service
+ /etc/init.d/fail2ban start
+diff -up fail2ban-0.8.7.1/testcases/actiontestcase.py.notmp fail2ban-0.8.7.1/testcases/actiontestcase.py
diff --git a/fail2ban-0.8.7.1-sshd.patch b/fail2ban-0.8.7.1-sshd.patch
new file mode 100644
index 0000000..aa3773e
--- /dev/null
+++ b/fail2ban-0.8.7.1-sshd.patch
@@ -0,0 +1,18 @@
+diff -up fail2ban-0.8.7.1/config/jail.conf.sshd fail2ban-0.8.7.1/config/jail.conf
+--- fail2ban-0.8.7.1/config/jail.conf.sshd 2012-07-31 19:45:04.000000000 -0600
++++ fail2ban-0.8.7.1/config/jail.conf 2012-10-11 11:47:33.131451895 -0600
+@@ -62,11 +62,11 @@ usedns = warn
+
+ [ssh-iptables]
+
+-enabled = false
++enabled = true
+ filter = sshd
+ action = iptables[name=SSH, port=ssh, protocol=tcp]
+- sendmail-whois[name=SSH, dest=you at example.com, sender=fail2ban at example.com]
+-logpath = /var/log/sshd.log
++ sendmail-whois[name=SSH, dest=root, sender=fail2ban at example.com]
++logpath = /var/log/secure
+ maxretry = 5
+
+ [proftpd-iptables]
diff --git a/fail2ban.spec b/fail2ban.spec
index 8542b27..60f52d3 100644
--- a/fail2ban.spec
+++ b/fail2ban.spec
@@ -1,24 +1,18 @@
-# Not defined in Fedora's buildsystem
-%global _initdir %{_sysconfdir}/rc.d/init.d
-
Summary: Ban IPs that make too many password failures
Name: fail2ban
-Version: 0.8.4
-Release: 28%{?dist}
+Version: 0.8.7.1
+Release: 1%{?dist}
License: GPLv2+
Group: System Environment/Daemons
URL: http://fail2ban.sourceforge.net/
-Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2
+Source0: https://github.com/downloads/%{name}/%{name}/%{name}_%{version}.orig.tar.gz
Source1: fail2ban-logrotate
Source2: fail2ban-tmpfiles.conf
Patch0: fail2ban-0.8.3-init.patch
-Patch1: fail2ban-0.8.1-sshd.patch
-Patch3: fail2ban-0.8.2-fd_cloexec.patch
+Patch1: fail2ban-0.8.7.1-sshd.patch
Patch6: fail2ban-0.8.3-log2syslog.patch
Patch7: asyncserver.start_selinux.patch
-Patch8: fail2ban-0.8.4-notmp.patch
-Patch9: pyinotify.patch
-Patch10: fail2ban-0.8.4-examplemail.patch
+Patch8: fail2ban-0.8.7.1-notmp.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: python-devel >= 2.3
BuildArch: noarch
@@ -38,12 +32,9 @@ failures. It updates firewall rules to reject the IP address.
%setup -q
%patch0 -p1 -b .init
%patch1 -p1 -b .sshd
-%patch3 -p1 -b .fd_cloexec
%patch6 -p1 -b .log2syslog
%patch7 -p1 -b .fd_cloexec2
%patch8 -p1 -b .notmp
-%patch9 -p1 -b .inotify
-%patch10 -p1 -b .mail
%build
python setup.py build
@@ -51,8 +42,8 @@ python setup.py build
%install
rm -rf %{buildroot}
python setup.py install -O1 --root %{buildroot}
-mkdir -p %{buildroot}%{_initdir}
-install -p -m 755 files/redhat-initd %{buildroot}%{_initdir}/fail2ban
+mkdir -p %{buildroot}%{_initddir}
+install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban
mkdir -p %{buildroot}%{_mandir}/man1
install -p -m 644 man/fail2ban*.1 %{buildroot}%{_mandir}/man1
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
@@ -82,7 +73,7 @@ fi
%{_bindir}/fail2ban-client
%{_bindir}/fail2ban-regex
%{_datadir}/fail2ban
-%{_initdir}/fail2ban
+%{_initddir}/fail2ban
%{_mandir}/man1/fail2ban-*.1*
%dir %{_sysconfdir}/fail2ban
%dir %{_sysconfdir}/fail2ban/action.d
@@ -97,6 +88,12 @@ fi
%dir %{_localstatedir}/lib/fail2ban/
%changelog
+* Thu Oct 11 2012 Orion Poplawski <orion at cora.nwra.com> - 0.8.7.1-1
+- Update to 0.8.7.1
+- Drop fd_cloexec, pyinotify, and examplemail patches fixed upstream
+- Rebase sshd and notmp patches
+- Use _initddir macro
+
* Sat Feb 11 2012 Adam Miller <maxamillion at fedoraproject.org> - 0.8.4-28
- Rebase EPEL packages on latest Fedora upstream to fix CVE-2009-5023
diff --git a/sources b/sources
index 1d19c45..b243c67 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-df94335a5d12b4750869e5fe350073fa fail2ban-0.8.4.tar.bz2
+39ae20deafbd0441ad385204d532e423 fail2ban_0.8.7.1.orig.tar.gz
More information about the scm-commits
mailing list