Description of problem: ``sshguard`` package lacks of ``sshguard.conf``, so it doesn't start by default. It has example (I was able to find it using ``rpm -q -l sshguard``) but it contains wrong path to the backend. I understand that we can't configure sshguard automatically since we do not know if user prefers firewall-cmd, iptables or ipset, but could we please have ``sshguard.conf`` with at least one backend configured (others could be simply commented)? Steps to Reproduce: # dnf install sshguard # systemctl start sshguard use journalctl to see errors. Actual results: You should see error saying no ``sshguard.conf`` exist
Thanks for reporting. On Fedora & EPEL8, configuration is contained in packages sshguard-<backend>, which are pulled in via weak dependencies depending on which firewall the user has installed. The error is that right now the package doesn't require any of those config packages, so if people can end up with no config at all. I'll fix that. In the meantime, as a workaround you can - remove the example config file from /etc & install the sshguard-<backend> package for your firewall or - uninstall sshguard and reinstall it with weak dependencies enabled.
Hello. Thank you. I cant find any separate package for backend, by the way. ``` $ cat /etc/redhat-release CentOS Linux release 8.3.2011 $ dnf search sshguard\* Last metadata expiration check: 0:03:00 ago on Mon 22 Feb 2021 07:51:06 PM MSK. ======================================================================== Name Matched: sshguard* ========================================================================= sshguard.x86_64 : Protects hosts from brute-force attacks against SSH and other services $ $ dnf list | grep sshgu sshguard.x86_64 2.4.1-1.el8 epel ``` All files are in ``sshguard`` package instead ``` $ rpm -q -l sshguard | grep sshg- /usr/libexec/sshguard/sshg-blocker /usr/libexec/sshguard/sshg-fw-firewalld /usr/libexec/sshguard/sshg-fw-hosts /usr/libexec/sshguard/sshg-fw-ipfilter /usr/libexec/sshguard/sshg-fw-ipfw /usr/libexec/sshguard/sshg-fw-ipset /usr/libexec/sshguard/sshg-fw-iptables /usr/libexec/sshguard/sshg-fw-nft-sets /usr/libexec/sshguard/sshg-fw-null /usr/libexec/sshguard/sshg-fw-pf /usr/libexec/sshguard/sshg-logtail /usr/libexec/sshguard/sshg-parser ``` I tried to install it with ``dnf --setopt=install_weak_deps=True`` but obviously got nothing
That backends are always included, it's just the corresponding config that is split out. OK, I'll see why those other packages are missing in the repos. That is very weird.
FEDORA-2021-24fe20bf97 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-24fe20bf97
FEDORA-EPEL-2021-2e7114e329 has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-2e7114e329
I've pushed an update that should fix this issue. Sshguard should automatically pull in one of it's config packages (the one matching your installed firewall, if you have weak dependencies enabled). Let me know if you have any problems.
FEDORA-2021-24fe20bf97 has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-24fe20bf97` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-24fe20bf97 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2021-2e7114e329 has been pushed to the Fedora EPEL 8 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-2e7114e329 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-116ac896ae has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-116ac896ae` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-116ac896ae See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-116ac896ae has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2021-2e7114e329 has been pushed to the Fedora EPEL 8 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-24fe20bf97 has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.