[fail2ban] Fix log paths for some jails (bug #1128152)
Orion Poplawski
orion at fedoraproject.org
Fri Aug 8 19:55:01 UTC 2014
commit 5d9a81c73977b3b06bd79f0fd6b5defec0c88ecc
Author: Orion Poplawski <orion at cora.nwra.com>
Date: Fri Aug 8 13:55:00 2014 -0600
Fix log paths for some jails (bug #1128152)
fail2ban-logpath.patch | 53 ++++++++++++++++++++++++++++++++++++++++++++++++
fail2ban.spec | 10 ++++++++-
2 files changed, 62 insertions(+), 1 deletions(-)
---
diff --git a/fail2ban-logpath.patch b/fail2ban-logpath.patch
new file mode 100644
index 0000000..8de38a0
--- /dev/null
+++ b/fail2ban-logpath.patch
@@ -0,0 +1,53 @@
+diff -up fail2ban-0.9/config/jail.conf.logpath fail2ban-0.9/config/jail.conf
+--- fail2ban-0.9/config/jail.conf.logpath 2014-08-08 13:29:40.101582649 -0600
++++ fail2ban-0.9/config/jail.conf 2014-08-08 13:33:56.376307236 -0600
+@@ -370,7 +370,7 @@ logpath = /var/log/tomcat*/catalina.out
+ [webmin-auth]
+
+ port = 10000
+-logpath = /var/log/auth.log
++logpath = %(syslog_authpriv)s
+
+
+ #
+@@ -423,7 +423,7 @@ maxretry = 6
+
+ [vsftpd]
+ # or overwrite it in jails.local to be
+-# logpath = /var/log/auth.log
++# logpath = %(syslog_authpriv)s
+ # if you want to rely on PAM failed login attempts
+ # vsftpd's failregex should match both of those formats
+ port = ftp,ftp-data,ftps,ftps-data
+@@ -533,7 +533,7 @@ logpath = %(postfix_log)s
+ [perdition]
+
+ port = imap3,imaps,pop3,pop3s
+-logpath = /var/log/maillog
++logpath = %(syslog_mail)s
+
+
+ [squirrelmail]
+@@ -657,13 +657,13 @@ maxretry = 5
+ [pam-generic]
+ # pam-generic filter can be customized to monitor specific subset of 'tty's
+ banaction = iptables-allports
+-logpath = /var/log/auth.log
++logpath = %(syslog_authpriv)s
+
+
+ [xinetd-fail]
+
+ banaction = iptables-multiport-log
+-logpath = /var/log/daemon.log
++logpath = %(syslog_daemon)s
+ maxretry = 2
+
+
+@@ -693,5 +693,5 @@ action = %(banaction)s[name=%(__name__)
+ [nagios]
+
+ enabled = false
+-logpath = /var/log/messages ; nrpe.cfg may define a different log_facility
++logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility
+ maxretry = 1
diff --git a/fail2ban.spec b/fail2ban.spec
index 37b3d73..2f5c67e 100644
--- a/fail2ban.spec
+++ b/fail2ban.spec
@@ -1,7 +1,7 @@
Summary: Daemon to ban hosts that cause multiple authentication errors
Name: fail2ban
Version: 0.9
-Release: 7%{?dist}
+Release: 8%{?dist}
License: GPLv2+
URL: http://fail2ban.sourceforge.net/
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
@@ -14,6 +14,10 @@ Patch1: fail2ban-tests-nonet.patch
# Upstream patch to skip syslog tests without /dev/log
# https://github.com/fail2ban/fail2ban/issues/110
Patch2: fail2ban-tests-syslog.patch
+# Fix logpaths to use syslog macros
+# https://bugzilla.redhat.com/show_bug.cgi?id=1128152
+# https://github.com/fail2ban/fail2ban/pull/780
+Patch3: fail2ban-logpath.patch
BuildRequires: python2-devel
# For testcases
@@ -148,6 +152,7 @@ by default.
%patch0 -p1 -b .loglevel
%patch1 -p1 -b .tests-nonet
%patch2 -p1 -b .tests-syslog
+%patch3 -p1 -b .logpath
# Use Fedora paths
sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf
# Start after firewalld (https://bugzilla.redhat.com/show_bug.cgi?id=1067147)
@@ -274,6 +279,9 @@ fi
%changelog
+* Fri Aug 8 2014 Orion Poplawski <orion at cora.nwra.com> - 0.9-8
+- Fix log paths for some jails (bug #1128152)
+
* Mon Jul 21 2014 Orion Poplawski <orion at cora.nwra.com> - 0.9-7
- Use systemd for EL7
More information about the scm-commits
mailing list