ports/180327: bug fix: bugfixes for security/py-fail2ban port
Nick Hilliard
nick at foobar.org
Fri Jul 5 16:10:01 UTC 2013
>Number: 180327
>Category: ports
>Synopsis: bug fix: bugfixes for security/py-fail2ban port
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Jul 05 16:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Nick Hilliard
>Release: FreeBSD 9.0-RELEASE amd64
>Organization:
Network Ability Ltd
>Environment:
System: FreeBSD 9.0-RELEASE
>Description:
this patch fixes two bugs:
- installation / removal stomps all over existing configuration files, which
means that upgrading destroys existing configs.
- default to /var/log/auth.log instead of /var/log/sshd.log in jail.conf.
auth.log exists by default on all freebsd installations; sshd.log doesn't.
>How-To-Repeat:
>Fix:
diff -bNur py-fail2ban.orig/Makefile py-fail2ban/Makefile
--- py-fail2ban.orig/Makefile 2013-07-05 12:13:41.000000000 +0100
+++ py-fail2ban/Makefile 2013-07-05 16:37:47.000000000 +0100
@@ -3,6 +3,7 @@
PORTNAME= fail2ban
PORTVERSION= 0.8.9
+PORTREVISION= 1
CATEGORIES= security python
MASTER_SITES= https://github.com/${PORTNAME}/${PORTNAME}/tarball/${PORTVERSION}/
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
@@ -38,12 +39,17 @@
${WRKSRC}/client/configreader.py \
${WRKSRC}/fail2ban-client
+CONFFILES= fail2ban.conf jail.conf
+
.include <bsd.port.options.mk>
post-patch:
@${ECHO_CMD} ${FILES} | ${XARGS} ${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g'
@${REINPLACE_CMD} -e 's,/bin/grep,grep,g' \
${WRKSRC}/config/action.d/sendmail-whois-lines.conf
+.for f in ${CONFFILES}
+ @${INSTALL_DATA} ${WRKSRC}/config/${f} ${WRKSRC}/config/${f}.dist
+.endfor
post-install:
.if ${PORT_OPTIONS:MDOCS}
diff -bNur py-fail2ban.orig/files/patch-jail.conf py-fail2ban/files/patch-jail.conf
--- py-fail2ban.orig/files/patch-jail.conf 1970-01-01 01:00:00.000000000 +0100
+++ py-fail2ban/files/patch-jail.conf 2013-07-05 12:17:46.000000000 +0100
@@ -0,0 +1,11 @@
+--- config/jail.conf.orig 2013-07-05 12:16:39.000000000 +0100
++++ config/jail.conf 2013-07-05 12:17:20.000000000 +0100
+@@ -400,7 +400,7 @@
+ enabled=false
+ filter = sshd
+ action = pf
+-logpath = /var/log/sshd.log
++logpath = /var/log/auth.log
+ maxretry=5
+
+
diff -bNur py-fail2ban.orig/files/patch-setup.py py-fail2ban/files/patch-setup.py
--- py-fail2ban.orig/files/patch-setup.py 2013-07-05 12:13:41.000000000 +0100
+++ py-fail2ban/files/patch-setup.py 2013-07-05 16:34:24.000000000 +0100
@@ -1,5 +1,14 @@
---- setup.py.orig 2013-06-10 03:40:55.000000000 -0400
-+++ setup.py 2013-06-10 03:41:17.000000000 -0400
+--- setup.py.orig 2013-05-13 16:24:07.000000000 +0100
++++ setup.py 2013-07-05 16:32:15.000000000 +0100
+@@ -57,7 +57,7 @@
+ ],
+ data_files = [
+ ('/etc/fail2ban',
+- glob("config/*.conf")
++ glob("config/*.conf.dist")
+ ),
+ ('/etc/fail2ban/filter.d',
+ glob("config/filter.d/*.conf")
@@ -67,9 +67,6 @@
),
('/var/run/fail2ban',
@@ -10,3 +19,4 @@
)
]
)
+
diff -bNur py-fail2ban.orig/pkg-plist py-fail2ban/pkg-plist
--- py-fail2ban.orig/pkg-plist 2013-07-05 12:13:41.000000000 +0100
+++ py-fail2ban/pkg-plist 2013-07-05 16:27:14.000000000 +0100
@@ -26,7 +26,7 @@
%%ETCDIR%%/action.d/sendmail-whois.conf
%%ETCDIR%%/action.d/sendmail.conf
%%ETCDIR%%/action.d/shorewall.conf
-%%ETCDIR%%/fail2ban.conf
+%%ETCDIR%%/fail2ban.conf.dist
%%ETCDIR%%/filter.d/apache-auth.conf
%%ETCDIR%%/filter.d/apache-badbots.conf
%%ETCDIR%%/filter.d/apache-nohome.conf
@@ -66,7 +66,7 @@
%%ETCDIR%%/filter.d/webmin-auth.conf
%%ETCDIR%%/filter.d/wuftpd.conf
%%ETCDIR%%/filter.d/xinetd-fail.conf
-%%ETCDIR%%/jail.conf
+%%ETCDIR%%/jail.conf.dist
%%PYTHON_SITELIBDIR%%/client/__init__.py
%%PYTHON_SITELIBDIR%%/client/__init__.pyc
%%PYTHON_SITELIBDIR%%/client/actionreader.py
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list