FreeBSD Bugzilla – Attachment 228131 Details for
Bug 221602
security/sshguard: configuration inconvenience wrt blacklisting
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
0001-security-sshguard-Disable-blacklisting-by-default.patch (text/plain), 2.03 KB, created by
Kevin Zheng
on 2021-09-23 06:59:18 UTC
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Kevin Zheng
Created:
2021-09-23 06:59:18 UTC
Size:
2.03 KB
patch
obsolete
>From 49241b071dcb76cd14ff4ebe1d1002472956210d Mon Sep 17 00:00:00 2001 >From: Kevin Zheng <kevinz5000@gmail.com> >Date: Tue, 16 Feb 2021 23:32:20 -0800 >Subject: [PATCH] security/sshguard: Disable blacklisting by default > >The sshguard_blacklist rcvar always overrides the setting in >sshguard.conf. Since the rc.d script sets sshguard_blacklist, the >blacklist option in sshguard.conf is never used. > >This patch removes the default rcvar setting, which matches the upstream >behavior of disabling blacklisting unless explicitly enabled. >--- > UPDATING | 8 ++++++++ > security/sshguard/files/sshguard.in | 2 +- > 2 files changed, 9 insertions(+), 1 deletion(-) > >diff --git a/UPDATING b/UPDATING >index c933014e3939..25b113e5dae2 100644 >--- a/UPDATING >+++ b/UPDATING >@@ -5,6 +5,14 @@ they are unavoidable. > You should get into the habit of checking this file for changes each time > you update your ports collection, before attempting any port upgrades. > >+20210922: >+ AFFECTS: security/sshguard >+ AUTHOR: kevinz5000@gmail.com >+ >+ Blacklisting is now disabled by default to avoid overriding the setting in >+ sshguard.conf. To enable blacklisting, uncomment the BLACKLIST_FILE line in >+ sshguard.conf. >+ > 20210912: > AFFECTS: x11-wm/cage, x11-wm/hikari, x11-wm/labwc, x11-wm/sway, x11-wm/wayfire > AUTHOR: jbeich@FreeBSD.org >diff --git a/security/sshguard/files/sshguard.in b/security/sshguard/files/sshguard.in >index d3e88a6ff196..fd59b3297e2f 100644 >--- a/security/sshguard/files/sshguard.in >+++ b/security/sshguard/files/sshguard.in >@@ -60,7 +60,7 @@ > name=sshguard > rcvar=sshguard_enable > >-set_rcvar sshguard_blacklist "120:/var/db/sshguard/blacklist.db" "Blacklisting threshold and path to blacklist file (colon-separated)" >+set_rcvar sshguard_blacklist "" "Blacklisting threshold and path to blacklist file (colon-separated)" > set_rcvar sshguard_danger_thresh "" "Attack threshold" > set_rcvar sshguard_pidfile "/var/run/sshguard.pid" "Path to PID file" > set_rcvar sshguard_release_interval "" "Time before releasing first-time attackers (s)" >-- >2.32.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=228131">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 221602
:
222508
| 228131