Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 896376 Details for
Bug 1097720
Request for update to 0.9.0
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
New spec file
fail2ban.spec (text/x-rpm-spec), 13.78 KB, created by
giulix
on 2014-05-16 11:55:42 UTC
(
hide
)
Description:
New spec file
Filename:
MIME Type:
Creator:
giulix
Created:
2014-05-16 11:55:42 UTC
Size:
13.78 KB
patch
obsolete
>Summary: Daemon to ban hosts that cause multiple authentication errors >Name: fail2ban >Version: 0.9 >Release: 1%{?dist} >License: GPLv2+ >URL: http://fail2ban.sourceforge.net/ >Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz ># Upstream patch to fix setting loglevel ># https://github.com/fail2ban/fail2ban/issues/657 >Patch0: fail2ban-loglevel.patch ># Upstream patch to skip tests with no-network ># https://github.com/fail2ban/fail2ban/issues/110 >Patch1: fail2ban-tests-nonet.patch ># Upstream patch to skip syslog tests without /dev/log ># https://github.com/fail2ban/fail2ban/issues/110 >Patch2: fail2ban-tests-syslog.patch ># Patch to fix syntax error >Patch3: fail2ban-badips.patch > >BuildRequires: python2-devel ># For testcases >BuildRequires: python-inotify >BuildArch: noarch >%if 0%{?fedora} >= 19 >BuildRequires: systemd >%endif ># Default components >Requires: %{name}-firewalld = %{version}-%{release} >Requires: %{name}-sendmail = %{version}-%{release} >Requires: %{name}-server = %{version}-%{release} >Requires: %{name}-systemd = %{version}-%{release} > >%description >Fail2Ban scans log files and bans IP addresses that makes too many password >failures. It updates firewall rules to reject the IP address. These rules can >be defined by the user. Fail2Ban can read multiple log files such as sshd or >Apache web server ones. > >Fail2Ban is able to reduce the rate of incorrect authentications attempts >however it cannot eliminate the risk that weak authentication presents. >Configure services to use only two factor or public/private authentication >mechanisms if you really want to protect services. > >This is a meta-package that will install the default configuration. Other >sub-packages are available to install support for other actions and >configurations. > > >%package server >Summary: Core server component for Fail2Ban >%if 0%{?fedora} >= 19 >Requires: systemd-python >Requires(post): systemd >Requires(preun): systemd >Requires(postun): systemd >%else >Requires: initscripts >Requires(post): /sbin/chkconfig >Requires(preun): /sbin/chkconfig >Requires(preun): /sbin/service >%endif >Requires: ipset >Requires: iptables > >%description server >This package contains the core server components for Fail2Ban with minimal >dependencies. You can install this directly if you want to have a small >installation and know what you are doing. > > >%package all >Summary: Install all Fail2Ban packages and dependencies >Requires: %{name}-firewalld = %{version}-%{release} >Requires: %{name}-hostsdeny = %{version}-%{release} >Requires: %{name}-mail = %{version}-%{release} >Requires: %{name}-sendmail = %{version}-%{release} >Requires: %{name}-server = %{version}-%{release} >Requires: %{name}-shorewall = %{version}-%{release} >Requires: %{name}-systemd = %{version}-%{release} >Requires: gamin-python >Requires: perl >Requires: python-inotify >Requires: /usr/bin/whois > >%description all >This package installs all of the Fail2Ban packages and dependencies. > > >%package firewalld >Summary: Firewalld support for Fail2Ban >Requires: %{name}-server = %{version}-%{release} >Requires: firewalld > >%description firewalld >This package enables support for manipulating firewalld rules. This is the >default firewall service in Fedora. > > >%package hostsdeny >Summary: Hostsdeny (tcp_wrappers) support for Fail2Ban >Requires: %{name}-server = %{version}-%{release} >Requires: ed >Requires: tcp_wrappers > >%description hostsdeny >This package enables support for manipulating tcp_wrapper's /etc/hosts.deny >files. > > >%package mail >Summary: Mail actions for Fail2Ban >Requires: %{name}-server = %{version}-%{release} >Requires: mailx > >%description mail >This package installs Fail2Ban's mail actions. These are an alternative >to the default sendmail actions. > > >%package sendmail >Summary: Sendmail actions for Fail2Ban >Requires: %{name}-server = %{version}-%{release} >Requires: /usr/sbin/sendmail > >%description sendmail >This package installs Fail2Ban's sendmail actions. This is the default >mail actions for Fail2Ban. > > >%package shorewall >Summary: Shorewall support for Fail2Ban >Requires: %{name}-server = %{version}-%{release} >Requires: shorewall > >%description shorewall >This package enables support for manipulating shoreall rules. > > >%package systemd >Summary: Systemd journal configuration for Fail2Ban >Requires: %{name}-server = %{version}-%{release} > >%description systemd >This package configures Fail2Ban to use the systemd journal for its log input >by default. > > >%prep >%setup -q >%patch0 -p1 -b .loglevel >%patch1 -p1 -b .tests-nonet >%patch2 -p1 -b .tests-syslog >%patch3 -p1 -b .badips ># Use Fedora paths >sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf ># Start after firewalld (https://bugzilla.redhat.com/show_bug.cgi?id=1067147) >sed -i -e '/^After=/s/$/ firewalld.service/' files/fail2ban.service > >%build >python setup.py build > >%install >python setup.py install -O1 --root %{buildroot} >%if 0%{?fedora} >= 19 >mkdir -p %{buildroot}%{_unitdir} >cp -p files/fail2ban.service %{buildroot}%{_unitdir}/ >%else >mkdir -p %{buildroot}%{_initddir} >install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban >%endif >mkdir -p %{buildroot}%{_mandir}/man{1,5} >install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1 >install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5 >mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d >install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban >install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/ >install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/ >mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d >install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf ># Remove non-Linux actions >rm %{buildroot}%{_sysconfdir}/%{name}/action.d/*ipfw.conf >rm %{buildroot}%{_sysconfdir}/%{name}/action.d/{ipfilter,pf,ufw}.conf >rm %{buildroot}%{_sysconfdir}/%{name}/action.d/osx-*.conf ># firewalld configuration >cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-firewalld.conf <<EOF >[DEFAULT] >banaction = firewallcmd-ipset >EOF ># systemd journal configuration >cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-systemd.conf <<EOF >[DEFAULT] >backend=systemd >EOF ># Remove installed doc, use doc macro instead >rm -r %{buildroot}%{_docdir}/%{name} > >#%check >#./fail2ban-testcases-all --no-network > >%post server >%if 0%{?fedora} >= 19 >%systemd_post fail2ban.service >%else >/sbin/chkconfig --add %{name} >%endif > >%preun server >%if 0%{?fedora} >= 19 >%systemd_preun fail2ban.service >%else >if [ $1 = 0 ]; then > /sbin/service %{name} stop > /dev/null 2>&1 > /sbin/chkconfig --del %{name} >fi >%endif > >%if 0%{?fedora} >= 19 >%postun server >%systemd_postun_with_restart fail2ban.service >%endif > >%files > >%files server >%doc README.md TODO ChangeLog COPYING doc/*.txt >%{_bindir}/fail2ban-server >%{_bindir}/fail2ban-client >%{_bindir}/fail2ban-regex >%{_bindir}/fail2ban-testcases >%{python_sitelib}/* >%if 0%{?fedora} >= 19 >%{_unitdir}/fail2ban.service >%else >%{_initddir}/fail2ban >%endif >%{_mandir}/man1/fail2ban*.1* >%{_mandir}/man5/*.5* >%config(noreplace) %{_sysconfdir}/fail2ban >#%exclude %{_sysconfdir}/fail2ban/action.d/complain.conf >#%exclude %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf >#%exclude %{_sysconfdir}/fail2ban/action.d/mail-*.conf >#%exclude %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf >#%exclude %{_sysconfdir}/fail2ban/action.d/shorewall.conf >#%exclude %{_sysconfdir}/fail2ban/jail.d/*.conf >%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban >%config(noreplace) %{_sysconfdir}/tmpfiles.d/fail2ban.conf >%dir %{_localstatedir}/lib/fail2ban/ >%dir %{_localstatedir}/run/fail2ban/ > >%files all > >%files firewalld >%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-firewalld.conf > >%files hostsdeny >%config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf > >%files mail >%config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf >%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-*.conf > >%files sendmail >%config(noreplace) %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf > >%files shorewall >%config(noreplace) %{_sysconfdir}/fail2ban/action.d/shorewall.conf > >%files systemd >%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-systemd.conf > > >%changelog >* Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-5 >- Require mailx for /usr/bin/mailx > >* Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-4 >- Need empty %%files to produce main and -all package > >* Wed Mar 19 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-3 >- Split into sub-packages for different components >- Enable journal filter by default (bug #985567) >- Enable firewalld action by default (bug #1046816) >- Add upstream patch to fix setting loglevel in fail2ban.conf >- Add upstream patches to fix tests in mock, run tests > >* Tue Mar 18 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-2 >- Use Fedora paths >- Start after firewalld (bug #1067147) > >* Mon Mar 17 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-1 >- Update to 0.9 > >* Tue Sep 24 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.3.git1f1a561 >- Update to current 0.9 git branch >- Rebase init patch, drop jail.d and notmp patch applied upstream > >* Fri Aug 9 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.2.gitd529151 >- Ship jail.conf(5) man page >- Ship empty /etc/fail2ban/jail.d directory > >* Thu Aug 8 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.1.gitd529151 >- Update to 0.9 git branch >- Rebase patches >- Require systemd-python for journal support > >* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.10-2 >- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild > >* Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1 >- Update to 0.8.10 security release >- Use upstream provided systemd files >- Drop upstreamed patches, rebase log2syslog and notmp patches > >* Fri Mar 15 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-4 >- Use systemd init for Fedora 19+ (bug #883158) > >* Thu Feb 14 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-3 >- Add patch from upstream to fix module imports (Bug #892365) >- Add patch from upstream to UTF-8 characters in syslog (Bug #905097) >- Drop Requires: tcp_wrappers and shorewall (Bug #781341) > >* Fri Jan 18 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-2 >- Add patch to prevent sshd blocks of successful logins for systems that use > sssd or ldap > >* Mon Dec 17 2012 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-1 >- Update to 0.8.8 (CVE-2012-5642 Bug #887914) > >* Thu Oct 11 2012 Orion Poplawski <orion@cora.nwra.com> - 0.8.7.1-1 >- Update to 0.8.7.1 >- Drop fd_cloexec, pyinotify, and examplemail patches fixed upstream >- Rebase sshd and notmp patches >- Use _initddir macro > >* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.4-29 >- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild > >* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.4-28 >- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild > >* Sat Apr 9 2011 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.4-27 >- Move tmp files to /var/lib (suggested by Phil Anderson). >- Enable inotify support (by Jonathan Underwood). >- Fixes RH bugs #669966, #669965, #551895, #552947, #658849, #656584. > >* Sun Feb 14 2010 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.4-24 >- Patch by Jonathan G. Underwood <jonathan.underwood@gmail.com> to > cloexec another fd leak. > >* Fri Sep 11 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.4-23 >- update to 0.8.4. > >* Wed Sep 2 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-22 >- Update to a newer svn snapshot to fix python 2.6 issue. > >* Thu Aug 27 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-21 >- Log to syslog (RH bug #491983). Also deals with RH bug #515116. >- Check inodes of log files (RH bug #503852). > >* Sat Feb 14 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-18 >- Fix CVE-2009-0362 (Fedora bugs #485461, #485464, #485465, #485466). > >* Mon Dec 01 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 0.8.3-17 >- Rebuild for Python 2.6 > >* Sun Aug 24 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-16 >- Update to 0.8.3. > >* Wed May 21 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.2-15 >- fix license tag > >* Thu Mar 27 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.2-14 >- Close on exec fixes by Jonathan Underwood. > >* Sun Mar 16 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.2-13 >- Add %%{_localstatedir}/run/fail2ban (David Rees). > >* Fri Mar 14 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.2-12 >- Update to 0.8.2. > >* Thu Jan 31 2008 Jonathan G. Underwood <jonathan.underwood@gmail.com> - 0.8.1-11 >- Move socket file from /tmp to /var/run to prevent SElinux from stopping > fail2ban from starting (BZ #429281) >- Change logic in init file to start with -x to remove the socket file in case > of unclean shutdown > >* Wed Aug 15 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.1-10 >- Update to 0.8.1. >- Remove patch fixing CVE-2007-4321 (upstream). >- Remove AllowUsers patch (upstream). >- Add dependency to gamin-python. > >* Thu Jun 21 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-9 >- Fix remote log injection (no CVE assignment yet). > >* Sun Jun 3 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-8 >- Also trigger on non-AllowUsers failures (Jonathan Underwood > <jonathan.underwood@gmail.com>). > >* Wed May 23 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-7 >- logrotate should restart fail2ban (Zing <zing@fastmail.fm>). >- send mail to root; logrotate (Jonathan Underwood > <jonathan.underwood@gmail.com>) > >* Sat May 19 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-4 >- Update to 0.8.0. >- enable ssh by default, fix log file for ssh scanning, adjust python > dependency (Jonathan Underwood <jonathan.underwood@gmail.com>) > >* Sat Dec 30 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-3 >- Remove forgotten condrestart. > >* Fri Dec 29 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-2 >- Move /usr/lib/fail2ban to %%{_datadir}/fail2ban. >- Don't default chkconfig to enabled. >- Add dependencies on service/chkconfig. >- Use example iptables/ssh config as default config. > >* Mon Dec 25 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-1 >- Initial build.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=896376">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1097720
:
895965
|
895966
| 896376 |
902475
|
902476