[denyhosts] Run the daemon properly in the foreground.
Jason ティビツ
tibbs at fedoraproject.org
Fri Feb 6 01:12:58 UTC 2015
commit 149c483be09d537a76ffc0f66d4d30d35d41228f
Author: Jason Tibbitts <tibbs at math.uh.edu>
Date: Thu Feb 5 19:12:21 2015 -0600
Run the daemon properly in the foreground.
denyhosts-2.9-foreground.patch | 11 +++++++++++
denyhosts-2.9-unlock.patch | 23 +++++++++++++++++++++++
denyhosts.service | 5 +----
denyhosts.spec | 8 +++++++-
4 files changed, 42 insertions(+), 5 deletions(-)
---
diff --git a/denyhosts-2.9-foreground.patch b/denyhosts-2.9-foreground.patch
new file mode 100644
index 0000000..8738e76
--- /dev/null
+++ b/denyhosts-2.9-foreground.patch
@@ -0,0 +1,11 @@
+--- denyhosts.py.orig 2015-02-05 19:05:53.549166497 -0600
++++ denyhosts.py 2015-02-05 19:07:22.218959351 -0600
+@@ -143,7 +143,7 @@
+ print e
+ sys.exit(1)
+
+- setup_logging(prefs, enable_debug, verbose, daemon)
++ setup_logging(prefs, enable_debug, verbose, 1)
+
+ if not logfiles or daemon:
+ logfiles = [prefs.get('SECURE_LOG')]
diff --git a/denyhosts-2.9-unlock.patch b/denyhosts-2.9-unlock.patch
new file mode 100644
index 0000000..abd671c
--- /dev/null
+++ b/denyhosts-2.9-unlock.patch
@@ -0,0 +1,23 @@
+diff --git denyhosts.py denyhosts.py
+index feaaa60..b74a53d 100755
+--- denyhosts.py
++++ denyhosts.py
+@@ -107,6 +107,8 @@ if __name__ == '__main__':
+ purge = 1
+ if opt in ('-s', '--sync'):
+ sync_mode = 1
++ if opt in ('-s', '--unlock'):
++ unlock = 1
+ if opt == '--daemon':
+ daemon = 1
+ if opt == '--foreground':
+@@ -144,6 +146,9 @@ if __name__ == '__main__':
+
+ lock_file = LockFile(prefs.get('LOCK_FILE'))
+
++ if unlock:
++ lock_file.remove()
++
+ lock_file.create()
+
+ if upgrade099 and not (daemon or foreground):
diff --git a/denyhosts.service b/denyhosts.service
index abe01ca..691248c 100644
--- a/denyhosts.service
+++ b/denyhosts.service
@@ -3,10 +3,7 @@ Description=SSH log watcher
Before=sshd.service
[Service]
-Type=forking
-ExecStartPre=/bin/rm -f /run/lock/subsys/denyhosts
-ExecStart=/usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf
-PIDFile=/run/denyhosts.pid
+ExecStart=/usr/bin/denyhosts.py --foreground --unlock --config=/etc/denyhosts.conf
[Install]
WantedBy=multi-user.target
diff --git a/denyhosts.spec b/denyhosts.spec
index 1b72784..ed88bce 100644
--- a/denyhosts.spec
+++ b/denyhosts.spec
@@ -1,6 +1,6 @@
Name: denyhosts
Version: 2.9
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: A script to help thwart ssh server attacks
Group: Applications/System
@@ -18,6 +18,8 @@ Patch2: denyhosts-2.9-commandlinesync.patch
Patch3: denyhosts-2.9-hostname.patch
Patch4: denyhosts-2.9-noiptables.patch
Patch5: denyhosts-2.9-noetcdir.patch
+Patch6: denyhosts-2.9-unlock.patch
+Patch7: denyhosts-2.9-foreground.patch
BuildArch: noarch
BuildRequires: python2-devel systemd-units
@@ -132,6 +134,10 @@ done
%dir /var/lib/denyhosts
%changelog
+* Thu Feb 05 2015 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.9-4
+- Add patched implementing --unlock and allowing logging while running in the
+ foreground. Adapt the .service file to use these.
+
* Thu Feb 05 2015 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.9-3
- Allow configurations without ETC_DIR.
More information about the scm-commits
mailing list