Bug 193621 - fail2ban doesn't use syslog correctly-patch attached
Summary: fail2ban doesn't use syslog correctly-patch attached
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Some People
Assignee: Tijl Coosemans
Depends on:
Reported: 2014-09-13 22:40 UTC by dewayne
Modified: 2014-09-14 19:32 UTC (History)
2 users (show)

See Also:

Patch to server/server.py (613 bytes, patch)
2014-09-13 22:40 UTC, dewayne
no flags Details | Diff
patch for syslog socket and missing /var/run/fail2ban (1.81 KB, text/plain)
2014-09-14 09:24 UTC, theis
no flags Details
Same as above, but without the precmd (1.06 KB, text/plain)
2014-09-14 16:27 UTC, theis
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description dewayne 2014-09-13 22:40:06 UTC
Created attachment 147288 [details]
Patch to server/server.py

fail2ban uses /dev/log rather than /var/run/log, per an email from stavros@staff.esc.net.au.  As we're just starting integration testing we thought we'd enhance the application with Stavros suggestion (Thank-you for sharing).

There are two server.py's in the distfile, the patch's name identifies which one.

Upstream should address, however in the interim, please refer to patch.
Comment 1 theis 2014-09-14 09:24:01 UTC
Created attachment 147301 [details]
patch for syslog socket and missing /var/run/fail2ban

I changed the patch to do it inline in the Makefile.

I also added a patch to create the /var/run/fail2ban directory via a start_precmd in the rc file: as it was pointed out to me by Andrey Chernov it is not sufficient to create directories under /var/run in pkg-plist because anything under /var/run may be removed at a reboot.
I hope I did it the correct way in the rc file ...
Comment 2 Tijl Coosemans freebsd_committer 2014-09-14 10:27:31 UTC
I think what Andrey is referring to is /etc/rc.d/cleanvar, but that only removes files under /var/run, not directories.
Comment 3 theis 2014-09-14 11:10:19 UTC
Yes, that's right, he was referring to cleanvar. And I didn't try to understand what cleanvar will do in detail ...

But the problem remains that pkg_plist has to add a dummy file (.keep_me) so that the installation creates the directory, but cleanvar would remove that file which will cause an error in pkg check -Ba.

And I just found a comment from him, stating that cleanvar removes files and empty directories from /var/run. So the first call would remove .keep_me, leaving behind an empty directory, a second call would remove the directory if it were not populated by fail2ban in the meantime.
Comment 4 Tijl Coosemans freebsd_committer 2014-09-14 12:04:05 UTC
With pkg you no longer need .keep_me files for emtpy directories and cleanvar does not delete directories.  There's no "rmdir" or "rm -d" in the script and only one "rm -r" unrelated to /var/run.  It would be damaging to several ports if cleanvar deleted directories.
Comment 5 theis 2014-09-14 13:59:09 UTC
So, what is then the canonical way to create /var/run/fail2ban?
Comment 6 Tijl Coosemans freebsd_committer 2014-09-14 14:28:19 UTC
Just add this to pkg-plist:

@dirrm /var/run/fail2ban

Your pkg-plist already has this.  You just need to remove the .keep_me files (also from the post-install target in the Makefile).
Comment 7 theis 2014-09-14 16:27:39 UTC
Created attachment 147320 [details]
Same as above, but without the precmd

Thanks for your patience.
I attach a patch which just removes the /var/run/fail2ban/.keep_me from pkg-plist. And fixes that syslog error, or course.
Comment 8 Tijl Coosemans freebsd_committer 2014-09-14 18:56:33 UTC
Does /var/log work instead of /var/run/log?
Comment 9 Tijl Coosemans freebsd_committer 2014-09-14 18:57:53 UTC
Ugh, never mind, you need /var/run/log
Comment 10 commit-hook freebsd_committer 2014-09-14 19:31:25 UTC
A commit references this bug:

Author: tijl
Date: Sun Sep 14 19:31:17 UTC 2014
New revision: 368222
URL: http://svnweb.freebsd.org/changeset/ports/368222

  - Patch a script to use the right syslogd socket (/var/run/log)
  - Remove .keep_me files because pkg can handle empty directories

  PR:		193621
  Submitted by:	theis@gmx.at (maintainer)