FreeBSD Bugzilla – Attachment 242751 Details for
Bug 271972
security/py-fail2ban: More complex path rewrite and small refactoring
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
fail2ban.diff
fail2ban.diff (text/plain), 7.13 KB, created by
Dmitry Wagin
on 2023-06-12 21:22:25 UTC
(
hide
)
Description:
fail2ban.diff
Filename:
MIME Type:
Creator:
Dmitry Wagin
Created:
2023-06-12 21:22:25 UTC
Size:
7.13 KB
patch
obsolete
>diff --git a/security/py-fail2ban/Makefile b/security/py-fail2ban/Makefile >index dcc22566019..10c83413dbf 100644 >--- a/security/py-fail2ban/Makefile >+++ b/security/py-fail2ban/Makefile >@@ -1,5 +1,6 @@ > PORTNAME= fail2ban > DISTVERSION= 1.0.2 >+PORTREVISION= 1 > CATEGORIES= security python > PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} > >@@ -22,9 +23,15 @@ USE_RC_SUBR= fail2ban > SHEBANG_FILES= config/filter.d/ignorecommands/apache-fakegooglebot > SHEBANG_LANG= fail2ban-python > >+FAIL2BAN_DBDIR?= /var/db/${PORTNAME} >+FAIL2BAN_RUNDIR?= /var/run/${PORTNAME} >+ > NO_ARCH= yes >-SUB_LIST+= PYTHON_CMD=${PYTHON_CMD} >+SUB_LIST= FAIL2BAN_RUNDIR=${FAIL2BAN_RUNDIR} \ >+ PYTHON_CMD=${PYTHON_CMD} > >+PLIST_SUB= FAIL2BAN_DBDIR=${FAIL2BAN_DBDIR} \ >+ FAIL2BAN_RUNDIR=${FAIL2BAN_RUNDIR} > PORTDOCS= DEVELOP README.md > > OPTIONS_DEFINE= DOCS INOTIFY >@@ -34,40 +41,83 @@ INOTIFY_DESC= Support for (lib)inotify to monitor filesystem changes > > INOTIFY_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}pyinotify>=0.8.3:devel/py-pyinotify@${PY_FLAVOR} > >-FILES= ${WRKSRC}/bin/fail2ban-client \ >+FILES= ${WRKSRC}/config/action.d/abuseipdb.conf \ >+ ${WRKSRC}/config/action.d/apprise.conf \ >+ ${WRKSRC}/config/action.d/blocklist_de.conf \ >+ ${WRKSRC}/config/action.d/bsd-ipfw.conf \ >+ ${WRKSRC}/config/action.d/complain.conf \ >+ ${WRKSRC}/config/action.d/dshield.conf \ >+ ${WRKSRC}/config/action.d/dummy.conf \ >+ ${WRKSRC}/config/action.d/hostsdeny.conf \ >+ ${WRKSRC}/config/action.d/ipfilter.conf \ >+ ${WRKSRC}/config/action.d/ipfw.conf \ >+ ${WRKSRC}/config/action.d/ippool.conf \ >+ ${WRKSRC}/config/action.d/iptables-ipset-proto4.conf \ >+ ${WRKSRC}/config/action.d/iptables-ipset.conf \ >+ ${WRKSRC}/config/action.d/iptables-multiport-log.conf \ >+ ${WRKSRC}/config/action.d/iptables-xt_recent-echo.conf \ >+ ${WRKSRC}/config/action.d/iptables.conf \ >+ ${WRKSRC}/config/action.d/ipthreat.conf \ >+ ${WRKSRC}/config/action.d/mail-buffered.conf \ >+ ${WRKSRC}/config/action.d/mail-whois-lines.conf \ >+ ${WRKSRC}/config/action.d/mail-whois.conf \ >+ ${WRKSRC}/config/action.d/mail.conf \ >+ ${WRKSRC}/config/action.d/mynetwatchman.conf \ >+ ${WRKSRC}/config/action.d/nftables.conf \ >+ ${WRKSRC}/config/action.d/nsupdate.conf \ >+ ${WRKSRC}/config/action.d/sendmail-buffered.conf \ >+ ${WRKSRC}/config/action.d/sendmail-common.conf \ >+ ${WRKSRC}/config/action.d/sendmail-geoip-lines.conf \ >+ ${WRKSRC}/config/action.d/sendmail-whois-ipjailmatches.conf \ >+ ${WRKSRC}/config/action.d/sendmail-whois-ipmatches.conf \ >+ ${WRKSRC}/config/action.d/sendmail-whois-lines.conf \ >+ ${WRKSRC}/config/action.d/sendmail-whois-matches.conf \ >+ ${WRKSRC}/config/action.d/sendmail-whois.conf \ >+ ${WRKSRC}/config/action.d/sendmail.conf \ >+ ${WRKSRC}/config/action.d/shorewall-ipset-proto6.conf \ >+ ${WRKSRC}/config/action.d/shorewall.conf \ >+ ${WRKSRC}/config/fail2ban.conf \ >+ ${WRKSRC}/config/filter.d/openhab.conf \ >+ ${WRKSRC}/config/jail.conf \ > ${WRKSRC}/fail2ban/client/configreader.py \ > ${WRKSRC}/fail2ban/client/fail2bancmdline.py \ >+ ${WRKSRC}/fail2ban/client/fail2banreader.py \ > ${WRKSRC}/fail2ban/client/fail2banregex.py \ >+ ${WRKSRC}/fail2ban/server/filter.py \ >+ ${WRKSRC}/fail2ban/tests/clientbeautifiertestcase.py \ >+ ${WRKSRC}/fail2ban/tests/clientreadertestcase.py \ >+ ${WRKSRC}/fail2ban/tests/utils.py \ > ${WRKSRC}/man/fail2ban-client.1 \ >- ${WRKSRC}/man/fail2ban-client.h2m ${WRKSRC}/setup.py >- >-MAN_FILES= ${WRKSRC}/man/fail2ban-client.1 \ > ${WRKSRC}/man/fail2ban-client.h2m \ >- ${WRKSRC}/man/fail2ban-regex.1 ${WRKSRC}/man/fail2ban-server.1 \ >- ${WRKSRC}/man/fail2ban.1 >+ ${WRKSRC}/man/fail2ban-regex.1 ${WRKSRC}/man/fail2ban-regex.h2m \ >+ ${WRKSRC}/man/fail2ban.1 ${WRKSRC}/man/jail.conf.5 \ >+ ${WRKSRC}/setup.py > >-FAIL2BAN_DBDIR= /var/db/${PORTNAME} >+.if ${FAIL2BAN_RUNDIR} != "/var/run/fail2ban" >+FILES+= ${WRKSRC}/fail2ban/client/csocket.py \ >+ ${WRKSRC}/fail2ban/server/asyncserver.py >+.endif > > PY2TO3_CMD= ${LOCALBASE}/bin/2to3-${PYTHON_VER} > PY2TO3_ARG= --no-diffs --write --nobackups --fix=all > > post-patch: >- @${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g' ${FILES} >+ @${REINPLACE_CMD} -e \ >+ 's,/etc/fail2ban,${ETCDIR},g ; \ >+ s,/var/lib/fail2ban,${FAIL2BAN_DBDIR},g ; \ >+ s,/var/run/fail2ban,${FAIL2BAN_RUNDIR},g ; \ >+ s,jail.conf(5),fail2ban-jail.conf(5),g' \ >+ ${FILES} > @${REINPLACE_CMD} -e 's,paths-debian.conf,paths-freebsd.conf,g' \ > ${WRKSRC}/config/jail.conf >- @${REINPLACE_CMD} -e 's,/var/lib/fail2ban/,${FAIL2BAN_DBDIR}/,g' \ >- ${WRKSRC}/config/fail2ban.conf >- @${REINPLACE_CMD} -e 's,jail.conf(5),fail2ban-jail.conf(5),g' \ >- ${MAN_FILES} > @${REINPLACE_CMD} -e 's, sed , ${SED} ,g' \ > ${WRKSRC}/config/action.d/hostsdeny.conf > >- # XXX Ideally this should be in do-build but it only works in >- # XXX post-patch >+# XXX Ideally this should be in do-build but it only works in >+# XXX post-patch > (cd ${WRKSRC}/ && ${PY2TO3_CMD} ${PY2TO3_ARG} bin/* fail2ban) > > post-install: >- @${MKDIR} ${STAGEDIR}${FAIL2BAN_DBDIR} ${STAGEDIR}/var/run/fail2ban > .for file in fail2ban-client fail2ban-regex fail2ban-server fail2ban > ${INSTALL_MAN} ${WRKSRC}/man/${file}.1 ${STAGEDIR}${MANPREFIX}/man/man1 > .endfor >diff --git a/security/py-fail2ban/files/fail2ban.in b/security/py-fail2ban/files/fail2ban.in >index a0cd0de97f5..54337ee0eca 100644 >--- a/security/py-fail2ban/files/fail2ban.in >+++ b/security/py-fail2ban/files/fail2ban.in >@@ -7,42 +7,36 @@ > # Add the following lines to /etc/rc.conf to enable fail2ban: > # fail2ban_enable="YES" > # fail2ban_flags="<set as needed>" >-# fail2ban_pidfile="<same as in fail2ban.local>" >- >-# Make sure pidfile and socket point to the same directory > > . /etc/rc.subr > > PATH=${PATH}:%%PREFIX%%/sbin:%%PREFIX%%/bin > >-name="fail2ban" >+name=fail2ban > rcvar=fail2ban_enable > >-start_precmd="fail2ban_prestart" >-command="%%PREFIX%%/bin/fail2ban-server" >-command_interpreter="%%PYTHON_CMD%%" >-client="%%PREFIX%%/bin/fail2ban-client" >- >-extra_commands="reload jailstatus" >- >-fail2ban_prestart() >-{ >- install -d -m 0755 "$(dirname ${pidfile})" >-} >- > load_rc_config ${name} > >-# >-# DO NOT CHANGE THESE DEFAULT VALUES HERE >-# SET THEM IN THE /etc/rc.conf FILE >-# >+: ${fail2ban_enable:="NO"} > >-fail2ban_enable=${fail2ban_enable-"NO"} >-pidfile=${fail2ban_pidfile-"/var/run/fail2ban/fail2ban.pid"} >+client="%%PREFIX%%/bin/fail2ban-client" >+command="%%PREFIX%%/bin/fail2ban-server" >+command_interpreter="%%PYTHON_CMD%%" > >+start_precmd="fail2ban_start_precmd" > start_cmd="${client} ${fail2ban_flags} start" > stop_cmd="${client} ${fail2ban_flags} stop" > reload_cmd="${client} ${fail2ban_flags} reload" > jailstatus_cmd="${client} ${fail2ban_flags} status" >+extra_commands="reload jailstatus" >+ >+pidfile="%%FAIL2BAN_RUNDIR%%/fail2ban.pid" >+ >+fail2ban_start_precmd() >+{ >+ if [ ! -d "%%FAIL2BAN_RUNDIR%%" ]; then >+ install -d -m 0755 "%%FAIL2BAN_RUNDIR%%" >+ fi >+} > > run_rc_command "$1" >diff --git a/security/py-fail2ban/pkg-plist b/security/py-fail2ban/pkg-plist >index 9836b30ee19..4fd7dacfb21 100644 >--- a/security/py-fail2ban/pkg-plist >+++ b/security/py-fail2ban/pkg-plist >@@ -6,7 +6,5 @@ man/man5/fail2ban-jail.conf.5.gz > bin/fail2ban-python > @dir %%ETCDIR%%/fail2ban.d > @dir %%ETCDIR%%/jail.d >-@dir /var/db/fail2ban >-@dir /var/lib/fail2ban >-@dir /var/lib >-@dir /var/run/fail2ban >+@dir %%FAIL2BAN_DBDIR%% >+@dir %%FAIL2BAN_RUNDIR%%
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=242751">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 271972
: 242751