diff options
Diffstat (limited to 'net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch')
| -rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch | 247 |
1 files changed, 0 insertions, 247 deletions
diff --git a/net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch b/net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch deleted file mode 100644 index bbe655124d36..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch +++ /dev/null @@ -1,247 +0,0 @@ -https://github.com/fail2ban/fail2ban/pull/2182 - -diff --git a/MANIFEST b/MANIFEST -index 48c751a0..c2df1e51 100644 ---- a/MANIFEST -+++ b/MANIFEST -@@ -393,8 +393,8 @@ files/fail2ban.service.in - files/fail2ban-tmpfiles.conf - files/fail2ban.upstart - files/gen_badbots --files/gentoo-confd --files/gentoo-initd -+files/fail2ban-openrc.conf -+files/fail2ban-openrc.init.in - files/ipmasq-ZZZzzz_fail2ban.rul - files/logwatch/fail2ban - files/logwatch/fail2ban-0.8.log -diff --git a/files/fail2ban-openrc.conf b/files/fail2ban-openrc.conf -new file mode 100644 -index 00000000..9454ef68 ---- /dev/null -+++ b/files/fail2ban-openrc.conf -@@ -0,0 +1,2 @@ -+# For available options, please run "fail2ban-server --help". -+#FAIL2BAN_OPTIONS="-x" -diff --git a/files/fail2ban-openrc.init.in b/files/fail2ban-openrc.init.in -new file mode 100755 -index 00000000..2c56ee3a ---- /dev/null -+++ b/files/fail2ban-openrc.init.in -@@ -0,0 +1,86 @@ -+#!/sbin/openrc-run -+# This file is part of Fail2Ban. -+# -+# Fail2Ban is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 2 of the License, or -+# (at your option) any later version. -+# -+# Fail2Ban is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with Fail2Ban; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -+# -+# Author: Sireyessire, Cyril Jaquier -+# -+ -+description="Ban hosts that cause multiple authentication errors" -+description_reload="reload configuration without dropping bans" -+extra_started_commands="reload" -+ -+# Can't (and shouldn't) be changed by the end-user. -+# -+# Note that @BINDIR@ is already supplied by the build system. Some -+# day, it might be nice to have @RUNDIR@ supplied by the build system -+# as well, so that we don't have to hard-code /run here. -+FAIL2BAN_RUNDIR="/run/${RC_SVCNAME}" -+FAIL2BAN_SOCKET="${FAIL2BAN_RUNDIR}/${RC_SVCNAME}.sock" -+ -+# The fail2ban-client program is also capable of starting and stopping -+# the server, but things are simpler if we let start-stop-daemon do it. -+command="@BINDIR@/fail2ban-server" -+pidfile="${FAIL2BAN_RUNDIR}/${RC_SVCNAME}.pid" -+ -+# We force the pidfile/socket location in this service script because -+# we're taking responsibility for ensuring that their parent directory -+# exists and has the correct permissions (which we can't do if the -+# user is allowed to change them). -+command_args="${FAIL2BAN_OPTIONS} -p ${pidfile} -s ${FAIL2BAN_SOCKET}" -+retry="30" -+ -+depend() { -+ use logger -+ after iptables -+} -+ -+checkconfig() { -+ "${command}" ${command_args} --test -+} -+ -+start_pre() { -+ # If this isn't a restart, make sure that the user's config isn't -+ # busted before we try to start the daemon (this will produce -+ # better error messages than if we just try to start it blindly). -+ # -+ # If, on the other hand, this *is* a restart, then the stop_pre -+ # action will have ensured that the config is usable and we don't -+ # need to do that again. -+ if [ "${RC_CMD}" != "restart" ] ; then -+ checkconfig || return $? -+ fi -+ checkpath -d "${FAIL2BAN_RUNDIR}" -+} -+ -+stop_pre() { -+ # If this is a restart, check to make sure the user's config -+ # isn't busted before we stop the running daemon. -+ if [ "${RC_CMD}" = "restart" ] ; then -+ checkconfig || return $? -+ fi -+} -+ -+reload() { -+ # The fail2ban-client uses an undocumented protocol to tell -+ # the server to reload(), so we have to use it here rather -+ # than e.g. sending a signal to the server daemon. Note that -+ # the reload will fail (on the server side) if the new config -+ # is invalid; we therefore don't need to test it ourselves -+ # with checkconfig() before initiating the reload. -+ ebegin "Reloading ${RC_SVCNAME}" -+ "@BINDIR@/fail2ban-client" ${command_args} reload -+ eend $? "Failed to reload ${RC_SVCNAME}" -+} -diff --git a/files/gentoo-confd b/files/gentoo-confd -deleted file mode 100644 -index 00d19f8b..00000000 ---- a/files/gentoo-confd -+++ /dev/null -@@ -1,8 +0,0 @@ --# Config file for /etc/init.d/fail2ban --# --# For information on options, see "/usr/bin/fail2ban-client -h". -- --FAIL2BAN_OPTIONS="" -- --# Force execution of the server even if the socket already exists: --#FAIL2BAN_OPTIONS="-x" -diff --git a/files/gentoo-initd b/files/gentoo-initd -deleted file mode 100755 -index 0fb157cd..00000000 ---- a/files/gentoo-initd -+++ /dev/null -@@ -1,60 +0,0 @@ --#!/sbin/openrc-run --# This file is part of Fail2Ban. --# --# Fail2Ban is free software; you can redistribute it and/or modify --# it under the terms of the GNU General Public License as published by --# the Free Software Foundation; either version 2 of the License, or --# (at your option) any later version. --# --# Fail2Ban is distributed in the hope that it will be useful, --# but WITHOUT ANY WARRANTY; without even the implied warranty of --# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --# GNU General Public License for more details. --# --# You should have received a copy of the GNU General Public License --# along with Fail2Ban; if not, write to the Free Software --# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. --# --# Author: Sireyessire, Cyril Jaquier --# -- --description="Daemon to ban hosts that cause multiple authentication errors" --description_reload="reload configuration" --description_showlog="show fail2ban logs" --extra_started_commands="reload showlog" -- --FAIL2BAN="/usr/bin/fail2ban-client ${FAIL2BAN_OPTIONS}" -- --depend() { -- need net -- need logger -- after iptables --} -- --start() { -- ebegin "Starting fail2ban" -- mkdir -p /var/run/fail2ban || return 1 -- # remove stalled sock file after system crash -- # bug 347477 -- rm -f /var/run/fail2ban/fail2ban.sock || return 1 -- start-stop-daemon --start --pidfile /var/run/fail2ban/fail2ban.pid \ -- -- ${FAIL2BAN} start -- eend $? "Failed to start fail2ban" --} -- --stop() { -- ebegin "Stopping fail2ban" -- start-stop-daemon --stop --pidfile /var/run/fail2ban/fail2ban.pid --retry 30 \ -- -- ${FAIL2BAN} stop -- eend $? "Failed to stop fail2ban" --} -- --reload() { -- ebegin "Reloading fail2ban" -- ${FAIL2BAN} reload -- eend $? "Failed to reload fail2ban" --} -- --showlog(){ -- less /var/log/fail2ban.log --} -diff --git a/setup.py b/setup.py -index 98413273..91f71cf2 100755 ---- a/setup.py -+++ b/setup.py -@@ -89,24 +89,27 @@ class install_scripts_f2b(install_scripts): - if install_dir.startswith(root): - install_dir = install_dir[len(root):] - except: # pragma: no cover -- print('WARNING: Cannot find root-base option, check the bin-path to fail2ban-scripts in "fail2ban.service".') -- print('Creating %s/fail2ban.service (from fail2ban.service.in): @BINDIR@ -> %s' % (buildroot, install_dir)) -- with open(os.path.join(source_dir, 'files/fail2ban.service.in'), 'r') as fn: -- lines = fn.readlines() -- fn = None -- if not dry_run: -- fn = open(os.path.join(buildroot, 'fail2ban.service'), 'w') -- try: -- for ln in lines: -- ln = re.sub(r'@BINDIR@', lambda v: install_dir, ln) -- if dry_run: -- sys.stdout.write(' | ' + ln) -- continue -- fn.write(ln) -- finally: -- if fn: fn.close() -- if dry_run: -- print(' `') -+ print('WARNING: Cannot find root-base option, check the bin-path to fail2ban-scripts in "fail2ban.service" and "fail2ban-openrc.init".') -+ -+ scripts = ['fail2ban.service', 'fail2ban-openrc.init'] -+ for script in scripts: -+ print('Creating %s/%s (from %s.in): @BINDIR@ -> %s' % (buildroot, script, script, install_dir)) -+ with open(os.path.join(source_dir, 'files/%s.in' % script), 'r') as fn: -+ lines = fn.readlines() -+ fn = None -+ if not dry_run: -+ fn = open(os.path.join(buildroot, script), 'w') -+ try: -+ for ln in lines: -+ ln = re.sub(r'@BINDIR@', lambda v: install_dir, ln) -+ if dry_run: -+ sys.stdout.write(' | ' + ln) -+ continue -+ fn.write(ln) -+ finally: -+ if fn: fn.close() -+ if dry_run: -+ print(' `') - - - # Wrapper to specify fail2ban own options: |