ports/164659: fail2ban overwrite config files

Matthias Fechner idefix at fechner.net
Tue Jan 31 11:30:19 UTC 2012 

The following reply was made to PR ports/164659; it has been noted by GNATS.

From: Matthias Fechner <idefix at fechner.net>
To: FreeBSD-gnats-submit at FreeBSD.org, freebsd-ports-bugs at FreeBSD.org
Cc:  
Subject: Re: ports/164659: fail2ban overwrite config files
Date: Tue, 31 Jan 2012 12:27:58 +0100

 This is a multi-part message in MIME format.
 --------------020808050508030908080707
 Content-Type: text/plain; charset=ISO-8859-15; format=flowed
 Content-Transfer-Encoding: 7bit
 
 what do you think about the attached patch?
 That should make clear how to configure and prevent the overwrite of the 
 config file with an update.
 
 Bye
 Matthias
 
 --------------020808050508030908080707
 Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
  name="fail2ban.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
  filename="fail2ban.patch"
 
 diff -urN py-fail2ban.old/Makefile py-fail2ban/Makefile
 --- py-fail2ban.old/Makefile	2012-01-31 12:19:28.247134384 +0100
 +++ py-fail2ban/Makefile	2012-01-31 12:13:04.901139503 +0100
 @@ -23,6 +23,7 @@
  USE_PYDISTUTILS=	yes
  
  USE_RC_SUBR=	fail2ban
 +SUB_FILES=	pkg-message
  SUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}
  
  PYDISTUTILS_INSTALLARGS+=	--install-purelib=${PYTHON_SITELIBDIR} \
 @@ -38,4 +39,7 @@
  post-patch:
  	@${ECHO_CMD} ${FILES} | ${XARGS} ${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g'
  
 +post-install:
 +		@${CAT} ${PKGMESSAGE}
 +
  .include <bsd.port.mk>
 diff -urN py-fail2ban.old/files/pkg-message.in py-fail2ban/files/pkg-message.in
 --- py-fail2ban.old/files/pkg-message.in	1970-01-01 01:00:00.000000000 +0100
 +++ py-fail2ban/files/pkg-message.in	2012-01-31 12:18:31.331132519 +0100
 @@ -0,0 +1,19 @@
 +
 +To complete the configuration:
 +
 +1. Copy the standard config file to a local one:
 +      cp %%ETCDIR%%/jail.conf %%ETCDIR%%/jail.local
 +
 +2. Add new jails in the jail.local, e.g. for ssh:
 +[ssh-pf]
 +enabled = true
 +filter = bsd-sshd
 +action = pf[name=SSH, port=ssh, protocol=tcp]
 +logpath = /var/log/auth.log
 +
 +3. Enable fail2ban
 +   Edit /etc/rc.conf to enable it.
 +
 +4. Start it
 +   Use the start script in /usr/local/etc/rc.d/fail2ban start
 +
 
 --------------020808050508030908080707--

More information about the freebsd-ports-bugs mailing list