Bug 1097720 - Request for update to 0.9.0
Summary: Request for update to 0.9.0
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: fail2ban
Version: el6
Hardware: Unspecified
OS: Linux
Target Milestone: ---
Assignee: Orion Poplawski
QA Contact: Fedora Extras Quality Assurance
: 1190909 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2014-05-14 12:07 UTC by giulix
Modified: 2015-08-25 15:01 UTC (History)
7 users (show)

Fixed In Version: fail2ban-0.9.2-1.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-08-21 21:05:16 UTC
Type: Bug

Attachments (Terms of Use)
Modified spec file (13.77 KB, text/x-rpm-spec)
2014-05-15 14:52 UTC, giulix
no flags Details
Patch for file badips.py (863 bytes, patch)
2014-05-15 14:53 UTC, giulix
no flags Details | Diff
New spec file (13.78 KB, text/x-rpm-spec)
2014-05-16 11:55 UTC, giulix
no flags Details
Spec file with rhel6 changes (14.20 KB, text/x-rpm-spec)
2014-06-05 10:00 UTC, Cyril
no flags Details
added ignoreregex line to recidive filter (399 bytes, patch)
2014-06-05 10:01 UTC, Cyril
no flags Details | Diff

Description giulix 2014-05-14 12:07:36 UTC
Description of problem: Upstream has significant new features that make current version outdated.

Version-Release number of selected component (if applicable): 0.8.11-2

How reproducible: N.A.

Steps to Reproduce: N.A.

Actual results: Less features, still some open bugs

Expected results: More features, some bugs fixed

Additional info:

Comment 1 giulix 2014-05-15 14:52:41 UTC
Created attachment 895965 [details]
Modified spec file

Comment 2 giulix 2014-05-15 14:53:50 UTC
Created attachment 895966 [details]
Patch for file badips.py

Comment 3 giulix 2014-05-15 14:57:21 UTC
Builds with Fedora 21 source rpm and these modifications:

Modified .spec file
	updated release 5->1
	added patch
	removed tests execution

It will add dependencies libmnl and ipset.

Fedora 21 source RPM:

Sorry for multiple posts (no idea how to attach multiple files to a new comment).

Comment 4 giulix 2014-05-16 11:55:42 UTC
Created attachment 896376 [details]
New spec file

Some configuration files (e.g. action.d dir) were excluded from build. Now they are included.

Comment 5 Cyril 2014-06-05 10:00:16 UTC
I used your spec file and made some edits for RH6 builds with regards to systemd, firewalld and tmpfiles.d

Added a small patch for the recidive plugin and added logfile creation for /var/log/fail2ban.log.

Comment 6 Cyril 2014-06-05 10:00:25 UTC
Created attachment 902475 [details]
Spec file with rhel6 changes

Comment 7 Cyril 2014-06-05 10:01:37 UTC
Created attachment 902476 [details]
added ignoreregex line to recidive filter

Comment 8 Orion Poplawski 2014-07-21 23:16:52 UTC
I'm very hesitant to do this due to the large number of changes to the configuration files.

Comment 9 Orion Poplawski 2015-02-09 23:55:49 UTC
*** Bug 1190909 has been marked as a duplicate of this bug. ***

Comment 10 Gerwin Krist 2015-04-04 14:53:10 UTC
Any update on this one? Managing f2b on EL6 and EL7 is completely different now.

Comment 11 Gerwin Krist 2015-04-05 12:38:51 UTC

Could anyone tell me whats the problem atm? I used the spec file from the EL7 release and added some minor if/else changes based on OS version (eg. skipping systemd and firewalld). 

It builds without problems and seems to work. 

Or is the main pain with the 0.9 release that configuration changes are quiet big and do not find in a LTS version?

Comment 12 giulix 2015-04-05 19:39:57 UTC
Epel 6 still has 0.8.14 only. I don't know why it can't be updated to 0.9.1. Only Orion can answer your question. If your spec file builds ok on epel 6 too, and the only concern is stability, admins could be given the choice to install either 0.8.14 or 0.9.1.

Comment 13 Orion Poplawski 2015-04-07 22:01:26 UTC
Please give the package from https://copr.fedoraproject.org/coprs/orion/fail2ban-el6/ a try.  If everyone reports smooth upgrades with no surprises, I'll update the EPEL6 package to it.

Comment 14 Korthrun 2015-05-11 19:49:51 UTC
For what it's worth, so far so good.

I have done clean installs, updates to hosts with simple configs and updates to one host with a less than simple config.

No issues thus far!

Comment 15 Fedora Update System 2015-05-26 21:45:59 UTC
fail2ban-0.9.2-1.el6 has been submitted as an update for Fedora EPEL 6.

Comment 16 Fedora Update System 2015-05-29 21:47:58 UTC
Package fail2ban-0.9.2-1.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing fail2ban-0.9.2-1.el6'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).

Comment 17 Fedora Update System 2015-07-23 19:15:49 UTC
fail2ban-0.9.2-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 18 Patrick C. F. Ernzer 2015-08-11 10:26:49 UTC
root@sl6 ~ # yum update
Loaded plugins: downloadonly, security
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package fail2ban.noarch 0:0.8.14-2.el6 will be updated
---> Package fail2ban.noarch 0:0.9.2-1.el6 will be an update
--> Processing Dependency: ipset for package: fail2ban-0.9.2-1.el6.noarch
--> Finished Dependency Resolution
Error: Package: fail2ban-0.9.2-1.el6.noarch (epel)
           Requires: ipset
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest
root@sl6 ~ # uname -r

Comment 19 Orion Poplawski 2015-08-11 16:05:14 UTC
Works for me:

Dependencies Resolved

 Package         Arch      Version          Repository                   Size
 fail2ban        noarch    0.9.2-1.el6      epel                         410 k
Installing for dependencies:
 gamin-python    x86_64    0.1.10-9.el6     rhel-6-server-rpms           33 k
 ipset           x86_64    6.11-4.el6       rhel-6-server-rpms           63 k
 libmnl          x86_64    1.0.2-3.el6      rhel-6-server-rpms           21 k
 python-inotify  noarch    0.9.1-1.el6      epel                         50 k

Comment 20 Patrick C. F. Ernzer 2015-08-25 11:41:31 UTC
doh! my bad, this box runs SL6, not RHEL6.
Sorry for the noise.

Comment 21 Orion Poplawski 2015-08-25 15:01:56 UTC
Should work fine on SL6 too:

Installed Packages
ipset.x86_64            6.11-3.el6                  @sl

Note You need to log in before you can comment on or make changes to this bug.