From 81c8227c5ed9c86bf8080843b53216edff5c7b7d Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mar 28 2018 19:56:34 +0000 Subject: Update to 0.10.2 --- diff --git a/.gitignore b/.gitignore index de75998..2ae54fe 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,4 @@ fail2ban-0.8.4.tar.bz2 /fail2ban-0.9.7.tar.gz /fail2ban-0.10.0.tar.gz /fail2ban-0.10.1.tar.gz +/fail2ban-0.10.2.tar.gz diff --git a/eac80966c503b0bc940c119d9a0adafb9ccf50d4.patch b/eac80966c503b0bc940c119d9a0adafb9ccf50d4.patch deleted file mode 100644 index 269ba80..0000000 --- a/eac80966c503b0bc940c119d9a0adafb9ccf50d4.patch +++ /dev/null @@ -1,39 +0,0 @@ -From eac80966c503b0bc940c119d9a0adafb9ccf50d4 Mon Sep 17 00:00:00 2001 -From: sebres -Date: Fri, 24 Nov 2017 12:54:45 +0100 -Subject: [PATCH] Fix scripts-root within `fail2ban.service` (relative install - root-base directory). This is amend for - e3b061e94b54067525c5e7f2ac716d1c838c9f20. Closes gh-1964 - ---- - setup.py | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/setup.py b/setup.py -index 11748778b..5dbd5b1ae 100755 ---- a/setup.py -+++ b/setup.py -@@ -88,7 +88,13 @@ def get_outputs(self): - - def update_scripts(self, dry_run=False): - buildroot = os.path.dirname(self.build_dir) -- print('Creating %s/fail2ban.service (from fail2ban.service.in): @BINDIR@ -> %s' % (buildroot, self.install_dir)) -+ try: -+ root = self.distribution.command_options['install']['root'][1] -+ if self.install_dir.startswith(root): -+ install_dir = self.install_dir[len(root):] -+ except: # pragma: no cover -+ print('WARNING: Cannot find root-base option, check the bin-path to fail2ban-scripts in "fail2ban.service".') -+ print('Creating %s/fail2ban.service (from fail2ban.service.in): @BINDIR@ -> %s' % (buildroot, install_dir)) - with open(os.path.join(source_dir, 'files/fail2ban.service.in'), 'r') as fn: - lines = fn.readlines() - fn = None -@@ -96,7 +102,7 @@ def update_scripts(self, dry_run=False): - fn = open(os.path.join(buildroot, 'fail2ban.service'), 'w') - try: - for ln in lines: -- ln = re.sub(r'@BINDIR@', lambda v: self.install_dir, ln) -+ ln = re.sub(r'@BINDIR@', lambda v: install_dir, ln) - if dry_run: - sys.stdout.write(' | ' + ln) - continue diff --git a/fail2ban-ipset.patch b/fail2ban-ipset.patch deleted file mode 100644 index 205f3e2..0000000 --- a/fail2ban-ipset.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -up fail2ban-0.10.1/config/action.d/firewallcmd-ipset.conf.ipset fail2ban-0.10.1/config/action.d/firewallcmd-ipset.conf ---- fail2ban-0.10.1/config/action.d/firewallcmd-ipset.conf.ipset 2017-10-12 05:46:46.000000000 -0600 -+++ fail2ban-0.10.1/config/action.d/firewallcmd-ipset.conf 2017-12-30 12:51:29.714747457 -0700 -@@ -18,7 +18,7 @@ before = firewallcmd-common.conf - - [Definition] - --actionstart = ipset create hash:ip timeout -+actionstart = ipset create hash:ip timeout - firewall-cmd --direct --add-rule filter 0 -p -m multiport --dports -m set --match-set src -j - - actionstop = firewall-cmd --direct --remove-rule filter 0 -p -m multiport --dports -m set --match-set src -j -@@ -45,10 +45,12 @@ chain = INPUT_direct - bantime = 600 - - ipmset = f2b- -+familyopt = - - [Init?family=inet6] - - ipmset = f2b-6 -+familyopt = family inet6 - - - # DEV NOTES: -diff -up fail2ban-0.10.1/fail2ban/tests/servertestcase.py.ipset fail2ban-0.10.1/fail2ban/tests/servertestcase.py ---- fail2ban-0.10.1/fail2ban/tests/servertestcase.py.ipset 2017-12-30 12:51:29.714747457 -0700 -+++ fail2ban-0.10.1/fail2ban/tests/servertestcase.py 2017-12-30 12:52:05.823412753 -0700 -@@ -1644,7 +1644,7 @@ class ServerConfigReaderTests(LogCapture - "`firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp -m multiport --dports http -m set --match-set f2b-j-w-fwcmd-ipset src -j REJECT --reject-with icmp-port-unreachable`", - ), - 'ip6-start': ( -- "`ipset create f2b-j-w-fwcmd-ipset6 hash:ip timeout 600`", -+ "`ipset create f2b-j-w-fwcmd-ipset6 hash:ip timeout 600 family inet6`", - "`firewall-cmd --direct --add-rule ipv6 filter INPUT 0 -p tcp -m multiport --dports http -m set --match-set f2b-j-w-fwcmd-ipset6 src -j REJECT --reject-with icmp6-port-unreachable`", - ), - 'stop': ( diff --git a/fail2ban-partof.patch b/fail2ban-partof.patch index 353d7b0..db0fae3 100644 --- a/fail2ban-partof.patch +++ b/fail2ban-partof.patch @@ -1,12 +1,12 @@ -diff -up fail2ban-0.10.1/files/fail2ban.service.in.partof fail2ban-0.10.1/files/fail2ban.service.in ---- fail2ban-0.10.1/files/fail2ban.service.in.partof 2017-10-12 05:46:46.000000000 -0600 -+++ fail2ban-0.10.1/files/fail2ban.service.in 2017-11-14 09:25:23.163912667 -0700 +diff -up fail2ban-0.10.2/files/fail2ban.service.in.partof fail2ban-0.10.2/files/fail2ban.service.in +--- fail2ban-0.10.2/files/fail2ban.service.in.partof 2018-03-28 09:07:46.990072640 -0600 ++++ fail2ban-0.10.2/files/fail2ban.service.in 2018-03-28 09:08:54.360701976 -0600 @@ -2,7 +2,7 @@ Description=Fail2Ban Service Documentation=man:fail2ban(1) - After=network.target iptables.service firewalld.service --PartOf=iptables.service firewalld.service -+PartOf=firewalld.service + After=network.target iptables.service firewalld.service ip6tables.service ipset.service +-PartOf=iptables.service firewalld.service ip6tables.service ipset.service ++PartOf=firewalld.service ipset.service [Service] Type=simple diff --git a/fail2ban-sendmail.patch b/fail2ban-sendmail.patch deleted file mode 100644 index ccd6328..0000000 --- a/fail2ban-sendmail.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up fail2ban-0.10.0/config/filter.d/sendmail-auth.conf.sendmail fail2ban-0.10.0/config/filter.d/sendmail-auth.conf ---- fail2ban-0.10.0/config/filter.d/sendmail-auth.conf.sendmail 2017-09-20 20:01:34.624748219 -0600 -+++ fail2ban-0.10.0/config/filter.d/sendmail-auth.conf 2017-09-20 20:02:56.902880330 -0600 -@@ -7,7 +7,7 @@ before = common.conf - - [Definition] - --_daemon = (?:sm-(mta|acceptingconnections)) -+_daemon = (?:sendmail|sm-(?:mta|acceptingconnections)) - - failregex = ^%(__prefix_line)s\w{14}: (\S+ )?\[\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$ - diff --git a/fail2ban.spec b/fail2ban.spec index 8956a5e..14f9a3b 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -1,30 +1,20 @@ Summary: Daemon to ban hosts that cause multiple authentication errors Name: fail2ban -Version: 0.10.1 -Release: 4%{?dist} +Version: 0.10.2 +Release: 1%{?dist} License: GPLv2+ URL: http://fail2ban.sourceforge.net/ Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz -# Fix buildroot issue -# https://github.com/fail2ban/fail2ban/issues/1964 -Patch0: https://github.com/fail2ban/fail2ban/commit/eac80966c503b0bc940c119d9a0adafb9ccf50d4.patch -# Fix ipset issue -# https://bugzilla.redhat.com/show_bug.cgi?id=1525134 -# https://github.com/fail2ban/fail2ban/issues/1990 -Patch1: fail2ban-ipset.patch #Source0: https://github.com/sebres/%{name}/archive/f2b-perfom-prepare-716-cs.tar.gz#/%{name}-test.tar.gz # Give up being PartOf iptables for now # https://bugzilla.redhat.com/show_bug.cgi?id=1379141 Patch2: fail2ban-partof.patch -# Add journalmatch entries for sendmail -# https://bugzilla.redhat.com/show_bug.cgi?id=1329919 -# https://github.com/fail2ban/fail2ban/pull/1566 -Patch3: fail2ban-sendmail.patch BuildRequires: python3-devel BuildRequires: /usr/bin/2to3 # For testcases BuildRequires: python3-inotify +BuildRequires: sqlite BuildArch: noarch %if 0%{?fedora} || 0%{?rhel} >= 7 BuildRequires: systemd @@ -163,10 +153,7 @@ by default. %prep %setup -q -%patch0 -p1 -%patch1 -p1 -b .ipset %patch2 -p1 -b .partof -%patch3 -p1 -b .sendmail # Use Fedora paths sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf 2to3 --write --nobackups . @@ -307,6 +294,9 @@ fi %changelog +* Wed Mar 28 2018 Orion Poplawski - 0.10.2-1 +- Update to 0.10.2 + * Wed Feb 07 2018 Fedora Release Engineering - 0.10.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild diff --git a/sources b/sources index aa19b17..97ffc49 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (fail2ban-0.10.1.tar.gz) = 556e071e439454ef369e7e323cae9652bbfb8e43d697e9b6c19d710e9d59838db489ffe07125443c86837b0a9f0688b7567135178591d1817caaab954ce40366 +SHA512 (fail2ban-0.10.2.tar.gz) = bc3c7b8caff6f78833cb222aeb57ecaf4ada447610aa6a7187e4e5744ee408eb582d209f012968f9921463dee1d203d86fe5cddabc99974d15ef4f3155e685c1