Bug 450222

Summary:	Denyhosts purge command cannot find configuration file
Product:	[Fedora] Fedora	Reporter:	srh <srhtemp1>
Component:	denyhosts	Assignee:	Jason Tibbitts <j>
Status:	CLOSED NEXTRELEASE	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	medium	Docs Contact:
Priority:	low
Version:	9	CC:	dennis
Target Milestone:	---
Target Release:	---
Hardware:	i386
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2008-07-05 18:41:36 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description srh 2008-06-05 23:00:20 UTC

Description of problem:
The denyhosts --purge command removes any blocked IPs in /etc/hosts.deny older
than the PURGE_DENY variable set in /etc/denyhosts.conf. When I stop the
denyhosts service, and run the purge command, an error comes up:

[root@XXXXX XXXX]# /usr/bin/denyhosts.py --purge
Error reading file: denyhosts.cfg
[Errno 2] No such file or directory: 'denyhosts.cfg'
[root@sXXXXX XXXX]#

Should denyhosts be looking for denyhosts.conf, not denyhosts.cfg???

Version-Release number of selected component (if applicable):
denyhosts.noarch 2.6-8.fc9

How reproducible:
Always

Steps to Reproduce:
1. service denyhosts stop
2. denyhosts.py --purge
3. error message produced
  
Actual results:
error

Expected results:
successful purge command

Additional info:

Comment 1 Jason Tibbitts 2008-06-06 01:09:48 UTC

Well, the default config file in the denyhosts executable is
/usr/share/denyhosts/denyhosts.cfg; Fedora uses /etc/denyhosts.conf but of
course you're welcome to use whatever config file you like.

I suppose it's theoretically possible to patch the denyhosts executable but
honestly I try to patch the upstream sources as little as I can get away with.

I don't really see this as a bug, but I'll give it some thought.

Comment 2 srh 2008-06-06 04:42:41 UTC

If Fedora has decided to actively change the default config to
/etc/denyhosts.conf (which is a reasonable action for how this distro organises
things), then ALL default aspects of denyhosts should point to this. This
particular config file is where the action happens, not a copy of the config
file pasted elsewhere. That is just confusing.

Comment 3 Jason Tibbitts 2008-06-06 05:01:03 UTC

Well, Fedora hasn't decided to actively change the default config to
/etc/denyhosts.conf.  In fact, the fact that it Fedora doesn't do that is the
reason you've opened this ticket.  The initscripts and crontabs all specify a
config file location and don't rely on the default setting.

You are asking that we introduce a variance from the upstream sources.  If you
installed the Fedora package, tossed the initscript and decided to roll your
own, you wouldn't be able to use existing documentation because Fedora would
have changed the behavior of the program.

I indicated that I would give this some thought, and I will do that.  I will
consult other Fedora packagers and get their input.  I have to balance your
valid concerns against the above valid concerns, and I promise I won't make a
snap judgment.  Just give me some time to consider the options.

Comment 4 srh 2008-06-06 09:34:38 UTC

No rush at all in the decision making. I can work around the problem easily
enough meanwhile. I do not actually mind how the system works in the end, so
long as it is well thought out, logical and consistent. Thats what all software
aspires to. Following upstream closely is also very good in general.

I only started this bug as it appears there is a possibly inconsistency
(previously unnoticed??) as to where different software tools look for the
config file. However, it makes sense to have only one config file, and also for
the --purge command to work, as explained on the denyhosts website.

Comment 5 Jason Tibbitts 2008-07-02 03:40:29 UTC

I did some work on denyhosts today.

Regarding your problem, inspection reveals that what you want to work wouldn't
work even if we hadn't used a different name for the configuration file, because
denyhosts.py only looks for the config file in the current directory.

I just patched it to default to /etc/denyhosts.conf.  Given the mostly useless
default behavior I think there's a low possibility of anyone depending on it, so
I feel confident in pushing this to F9.  Please do test and comment on the
update as  appropriate.

Comment 6 Fedora Update System 2008-07-02 03:41:15 UTC

denyhosts-2.6-10.fc9 has been submitted as an update for Fedora 9

Comment 7 Fedora Update System 2008-07-03 03:13:26 UTC

denyhosts-2.6-10.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update denyhosts'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-6008

Comment 8 srh 2008-07-05 04:51:57 UTC

I have installed and from updates-testing. The command "/usr/bin/denyhosts.py
--purge" now works as expected with the default /etc/denyhosts.conf.

Thanks for fixing this issue for Fedora. Perhaps this issue could be forwarded
upstream, so some easy upstream solution could be implemented.

Comment 9 Jason Tibbitts 2008-07-05 18:41:36 UTC

Thanks for testing; don't forget to make a note in the update system so that
this can be pushed to the stable repository.

Comment 10 Fedora Update System 2008-07-09 21:49:55 UTC

denyhosts-2.6-10.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.