Attachment 222508 Details for Bug 221602 – Patch

[patch] Patch

0001-security-sshguard-Remove-default-sshguard_blacklist-.patch (text/plain), 2.72 KB, created by Kevin Zheng on 2021-02-17 07:39:37 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Kevin Zheng

Created: 2021-02-17 07:39:37 UTC

Size: 2.72 KB

patch

obsolete

>From ba6cd47f7ebf762f84911ae1617b28434d735170 Mon Sep 17 00:00:00 2001
>From: Kevin Zheng <kevinz5000@gmail.com>
>Date: Tue, 16 Feb 2021 23:32:20 -0800
>Subject: [PATCH] security/sshguard: Remove default sshguard_blacklist rcvar
>
>The sshguard_blacklist rcvar always overrides the setting in
>sshguard.conf. Since the rc.d script sets sshguard_blacklist, the
>blacklist option in sshguard.conf is never used.
>
>This patch removes the default rcvar setting, and instead enables
>blacklisting in the example sshguard.conf. (Note that this is a
>traditional FreeBSD ports default, not an upstream default.)
>
>New users (with no existing sshguard.conf) will see no change. Users
>with existing sshguard.conf will have blacklisting turned off until they
>update their sshguard.conf.
>---
> security/sshguard/Makefile                                  | 1 +
> security/sshguard/files/patch-examples-sshguard.conf.sample | 2 +-
> security/sshguard/files/sshguard.in                         | 2 +-
> 3 files changed, 3 insertions(+), 2 deletions(-)
>
>diff --git a/security/sshguard/Makefile b/security/sshguard/Makefile
>index a3e1e1d25998..a7950a5aca5c 100644
>--- a/security/sshguard/Makefile
>+++ b/security/sshguard/Makefile
>@@ -3,6 +3,7 @@
> 
> PORTNAME=	sshguard
> PORTVERSION=	2.4.1
>+PORTREVISION=	1
> PORTEPOCH=	1
> CATEGORIES=	security
> MASTER_SITES=	SF/sshguard/sshguard/${PORTVERSION}
>diff --git a/security/sshguard/files/patch-examples-sshguard.conf.sample b/security/sshguard/files/patch-examples-sshguard.conf.sample
>index a9abccad5bbf..ec71817bc561 100644
>--- a/security/sshguard/files/patch-examples-sshguard.conf.sample
>+++ b/security/sshguard/files/patch-examples-sshguard.conf.sample
>@@ -25,7 +25,7 @@
>  # Colon-separated blacklist threshold and full path to blacklist file.
>  # (optional, no default)
> -#BLACKLIST_FILE=90:/var/lib/sshguard/enemies
>-+#BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db
>++BLACKLIST_FILE=120:/var/db/sshguard/blacklist.db
>  
>  # IP addresses listed in the WHITELIST_FILE are considered to be
>  # friendlies and will never be blocked.
>diff --git a/security/sshguard/files/sshguard.in b/security/sshguard/files/sshguard.in
>index e9b8a0105b84..78b6eff280b0 100644
>--- a/security/sshguard/files/sshguard.in
>+++ b/security/sshguard/files/sshguard.in
>@@ -63,7 +63,7 @@
> name=sshguard
> rcvar=sshguard_enable
> 
>-set_rcvar sshguard_blacklist "120:/var/db/sshguard/blacklist.db" "Blacklisting threshold and path to blacklist file (colon-separated)"
>+set_rcvar sshguard_blacklist "" "Blacklisting threshold and path to blacklist file (colon-separated)"
> set_rcvar sshguard_danger_thresh "" "Attack threshold"
> set_rcvar sshguard_pidfile "/var/run/sshguard.pid" "Path to PID file"
> set_rcvar sshguard_release_interval "" "Time before releasing first-time attackers (s)"
>-- 
>2.30.0
>

Actions: View | Diff

Attachments on bug 221602: 222508 | 228131