From 2a8d2f71d1d9963368e0ef3d641d75979a689d12 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Thu, 4 Jul 2024 08:06:08 +0100 Subject: gentoo auto-resync : 04:07:2024 - 08:06:07 --- net-analyzer/Manifest.gz | Bin 43289 -> 43289 bytes net-analyzer/fail2ban/Manifest | 2 + net-analyzer/fail2ban/fail2ban-1.1.0-r1.ebuild | 136 +++++++++++++++++++++ .../files/fail2ban-1.1.0-openssh-9.8.patch | 75 ++++++++++++ 4 files changed, 213 insertions(+) create mode 100644 net-analyzer/fail2ban/fail2ban-1.1.0-r1.ebuild create mode 100644 net-analyzer/fail2ban/files/fail2ban-1.1.0-openssh-9.8.patch (limited to 'net-analyzer') diff --git a/net-analyzer/Manifest.gz b/net-analyzer/Manifest.gz index a0af75b7ab1b..89de99dfa0d5 100644 Binary files a/net-analyzer/Manifest.gz and b/net-analyzer/Manifest.gz differ diff --git a/net-analyzer/fail2ban/Manifest b/net-analyzer/fail2ban/Manifest index 90386899979d..ef2131933761 100644 --- a/net-analyzer/fail2ban/Manifest +++ b/net-analyzer/fail2ban/Manifest @@ -1,10 +1,12 @@ AUX fail2ban-0.11.2-adjust-apache-logs-paths.patch 893 BLAKE2B 5b80b81488a5245d9d9d15a1b0205a1d86f132e3faa5ea3e5cf91d55082b2d264e558dca4b7fbe62f643601b3315ac31cae387c433c2d90b670965abfa744f87 SHA512 dddff4858431170f5a24daab2d3cedcdcd7a1194b8ecbbcd794dfe00dcaee4af410afef102d3a25f86f541267d7be63e3e1d239c879e95d20cef9f0dacdcdc4c AUX fail2ban-1.0.2-configreader-warning.patch 844 BLAKE2B 3dca580b50c7fa425765ee28fd07d033e738e81ac08f1b66a9b328c7fdf24227c0dca81927e61933c3c3d0c7b6895aed797642f15b449bb6485c8bef6c2315a7 SHA512 119f6b06c099f1dd147859408714fdfe3c73e254ad0d4bf04e535a1f6cbaf08ba368f3e616df792579528e5b6e26bd1be5408258a807d7e2ba36020b211d8e9e AUX fail2ban-1.0.2-umask-tests.patch 1329 BLAKE2B a7535b515e5d3be56d6e842b34e37cc6786338c1874827ff82c58251ecab63917b54d3c1de6fb4047112deade46195c168b5783922dec8895a13f7751f2c64a7 SHA512 bfffcaa54e74c34e87f4a1205573ac9fb8a66dbcc8534f9b42574be699e21ee92ce153204a7dfc63aedfe319a34d9ac3e656ff29cc054fcaf3b4709b0d56b24b +AUX fail2ban-1.1.0-openssh-9.8.patch 2482 BLAKE2B 5ca3d572332470131ec93330a14676a988f85e7177d44441c36c25ecd3095d8c0ea34cf9535c64df258d211cddf22306119f4a055c8ec5fc19c49d4b5d2281b5 SHA512 c26efa8e4929ed8a3973e4176a8adb0ca3d34fdac550376b3b5da6788f8f0f0afffc7a9031b118e6ce70052af590ff4669ea191b09d34f97636abf3515fc548e DIST fail2ban-1.0.2.tar.gz 583295 BLAKE2B 84eb5e3487c4db734f4f0a36af142d520e1cc53c2960893ee2f05ff4e78133860be59ed9580fa0d972509a03c17e5d9458b8e3f6b470a4c3154f10911f94691e SHA512 688a84361b5794e1658f53d2d200ce752fe1e3320ddb1742c32c4b4b82a79ace16ae464e7ea3eeb94a0e862bcac73c2d3a0e61dd7b28e179a4c857f950d74dbb DIST fail2ban-1.1.0.tar.gz 603854 BLAKE2B f7c2d3a1e5b5cdca1f26d92cefe75958bb61b87ad1cf316380b91527c96f3261e5665478c5fbb053f6419956dda934c8ef3ce837af2819b1b1c8d162246fc15f SHA512 9bff7b9c41e58a953901800468e5c4153c9db6af01c7eb18111ad8620b40d03a0771020472fb759b2809d250e2bb45471e6c7e8283e72ea48290ecf7bf921821 EBUILD fail2ban-1.0.2-r2.ebuild 3524 BLAKE2B f809eaaf425c548842f6b4c749f1f9613b4fd6e1c44aa6dbf5c3790e96b34ea9d14a62fb7b2d1e76afa31a9f05efdc840db5a3415f2af422cc9254b4afdd59ef SHA512 070ee0ef942c9fb8559afb7f60d188d91b83759bbb9c343ab31484292aee94fe55c3d1f1642e090d99fe2685f448e2f9048c095aebc05d47dd7030508dcd91fb EBUILD fail2ban-1.0.2-r3.ebuild 3817 BLAKE2B 350ebf2c9d0523009ed9f390548132367805742b20014c719fa396f3edf8df188b531374237922324b591238f4e8df5ff5fdade2505c32444e301a9b3f3d533b SHA512 9b42311a494d88f0f9ac71ed85ad1cc47917824f54858a13857176674c3ccaee66ff88b1f4fa63245556563274bcb0de891c8777f925deef3b4156e02f1c5c32 +EBUILD fail2ban-1.1.0-r1.ebuild 3737 BLAKE2B 2616f4c8f1c061274c620d8059d82cecd500d2a208edc582ccff60b3a1bbb6c71b1387d64412f6639533fc14d91a137293fa4be5c0da50d24f1e9516ba302942 SHA512 ddc09cb902df53beb1b162395b8366dfdd69b9834c44753b9a4cf2b57678ac08eb3756f58e55e5cbf2683e935c316ce9dc8c215d34447b44393c17cc253d7842 EBUILD fail2ban-1.1.0.ebuild 3692 BLAKE2B 0185481423dd83d1ebbd22f249e483852a496f22208084840c59e67d86978452e956f66da4e8021cb9fe9322513bc9316b29ab412ed3c50ba3f8e14512355e0b SHA512 bd8c84d5976a2b6d7cb823f6090a5f4ab88b2a9588f1368d8a736ed62224ef72c803a308b5e23184d667ac93966763f4c1255a5b51423bb9f0091797bb5f1743 EBUILD fail2ban-9999.ebuild 3692 BLAKE2B 0185481423dd83d1ebbd22f249e483852a496f22208084840c59e67d86978452e956f66da4e8021cb9fe9322513bc9316b29ab412ed3c50ba3f8e14512355e0b SHA512 bd8c84d5976a2b6d7cb823f6090a5f4ab88b2a9588f1368d8a736ed62224ef72c803a308b5e23184d667ac93966763f4c1255a5b51423bb9f0091797bb5f1743 MISC metadata.xml 357 BLAKE2B a5dee8c760b80bbfad6bca9a7adae797eda34b9db80716db8842c6813b4ed25ed4707290756dc869a7db4163de1ff6114c1995fcc2c485df1bcc6cad9c9a8f14 SHA512 9877a507bd3617c33351036317c5dc7855a1024d8f04f76a57edb93bd80e62b2b7c4f35784f447e94497305eab33246ae5913ba36ea001aa9068d1f91aeee9f0 diff --git a/net-analyzer/fail2ban/fail2ban-1.1.0-r1.ebuild b/net-analyzer/fail2ban/fail2ban-1.1.0-r1.ebuild new file mode 100644 index 000000000000..653e6d91c9c9 --- /dev/null +++ b/net-analyzer/fail2ban/fail2ban-1.1.0-r1.ebuild @@ -0,0 +1,136 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_SINGLE_IMPL=1 +PYTHON_COMPAT=( python3_{10..12} ) + +inherit bash-completion-r1 distutils-r1 systemd tmpfiles + +DESCRIPTION="Scans log files and bans IPs that show malicious signs" +HOMEPAGE="https://www.fail2ban.org/" + +if [[ ${PV} == *9999 ]] ; then + EGIT_REPO_URI="https://github.com/fail2ban/fail2ban" + inherit git-r3 +else + SRC_URI="https://github.com/fail2ban/fail2ban/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="selinux systemd test" +RESTRICT="!test? ( test )" + +RDEPEND=" + $(python_gen_cond_dep ' + dev-python/pyasyncore[${PYTHON_USEDEP}] + dev-python/pyasynchat[${PYTHON_USEDEP}] + ' 3.12) + virtual/logger + virtual/mta + selinux? ( sec-policy/selinux-fail2ban ) + systemd? ( + $(python_gen_cond_dep ' + dev-python/python-systemd[${PYTHON_USEDEP}] + ') + ) +" +BDEPEND=" + test? ( + $(python_gen_cond_dep ' + dev-python/aiosmtpd[${PYTHON_USEDEP}] + ') + ) +" + +DOCS=( ChangeLog DEVELOP README.md THANKS TODO doc/run-rootless.txt ) + +PATCHES=( + "${FILESDIR}"/${PN}-0.11.2-adjust-apache-logs-paths.patch + "${FILESDIR}"/${PN}-1.0.2-umask-tests.patch + "${FILESDIR}"/${PN}-1.1.0-openssh-9.8.patch +) + +python_prepare_all() { + distutils-r1_python_prepare_all + + # Replace /var/run with /run, but not in the top source directory + find . -mindepth 2 -type f -exec \ + sed -i -e 's|/var\(/run/fail2ban\)|\1|g' {} + || die +} + +python_test() { + # Skip testRepairDb for bug #907348 (didn't always fail..) + # https://github.com/fail2ban/fail2ban/issues/3586 + bin/fail2ban-testcases \ + --no-network \ + --ignore databasetestcase.DatabaseTest.testRepairDb \ + --verbosity=4 || die "Tests failed with ${EPYTHON}" + + # Workaround for bug #790251 + rm -rf fail2ban.egg-info || die +} + +python_install_all() { + distutils-r1_python_install_all + + rm -rf "${ED}"/usr/share/doc/${PN} "${ED}"/run || die + + newconfd files/fail2ban-openrc.conf ${PN} + + # These two are placed in the ${BUILD_DIR} after being "built" + # in install_scripts(). + newinitd "${BUILD_DIR}/fail2ban-openrc.init" "${PN}" + systemd_dounit "${BUILD_DIR}/${PN}.service" + + dotmpfiles files/${PN}-tmpfiles.conf + + doman man/*.{1,5} + + # Use INSTALL_MASK if you do not want to touch /etc/logrotate.d. + # See http://thread.gmane.org/gmane.linux.gentoo.devel/35675 + insinto /etc/logrotate.d + newins files/${PN}-logrotate ${PN} + + keepdir /var/lib/${PN} + + newbashcomp files/bash-completion ${PN}-client + bashcomp_alias ${PN}-client ${PN}-server ${PN}-regex +} + +pkg_preinst() { + has_version "<${CATEGORY}/${PN}-0.7" + previous_less_than_0_7=$? +} + +pkg_postinst() { + tmpfiles_process ${PN}-tmpfiles.conf + + if [[ ${previous_less_than_0_7} == 0 ]] ; then + elog + elog "Configuration files are now in /etc/fail2ban/" + elog "You probably have to manually update your configuration" + elog "files before restarting Fail2Ban!" + elog + elog "Fail2Ban is not installed under /usr/lib anymore. The" + elog "new location is under /usr/share." + elog + elog "You are upgrading from version 0.6.x, please see:" + elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8" + fi + + if ! has_version dev-python/pyinotify ; then + elog "For most jail.conf configurations, it is recommended you install" + elog "dev-python/pyinotify to control how log file modifications are detected" + fi + + if ! has_version dev-lang/python[sqlite] ; then + elog "If you want to use ${PN}'s persistent database, then reinstall" + elog "dev-lang/python with USE=sqlite. If you do not use the" + elog "persistent database feature, then you should set" + elog "dbfile = :memory: in fail2ban.conf accordingly." + fi +} diff --git a/net-analyzer/fail2ban/files/fail2ban-1.1.0-openssh-9.8.patch b/net-analyzer/fail2ban/files/fail2ban-1.1.0-openssh-9.8.patch new file mode 100644 index 000000000000..6b7800ca3f0a --- /dev/null +++ b/net-analyzer/fail2ban/files/fail2ban-1.1.0-openssh-9.8.patch @@ -0,0 +1,75 @@ +https://bugs.gentoo.org/935392 +https://github.com/fail2ban/fail2ban/commit/6fce23e7baa484c7d1f9b0c9a11986f3916c41dd +https://github.com/fail2ban/fail2ban/commit/2fed408c05ac5206b490368d94599869bd6a056d +https://github.com/fail2ban/fail2ban/commit/50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a + +From 6fce23e7baa484c7d1f9b0c9a11986f3916c41dd Mon Sep 17 00:00:00 2001 +From: "Sergey G. Brester" +Date: Mon, 10 Jun 2024 01:40:59 +0200 +Subject: [PATCH] `filterd./sshd.conf`: fixed journalmatch (sshd.service seems + to be renamed to ssh.service) + +closes gh-3747 +--- + config/filter.d/sshd.conf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf +index a954774c62..1c8a02deb5 100644 +--- a/config/filter.d/sshd.conf ++++ b/config/filter.d/sshd.conf +@@ -126,7 +126,7 @@ ignoreregex = + + maxlines = 1 + +-journalmatch = _SYSTEMD_UNIT=sshd.service + _COMM=sshd ++journalmatch = _SYSTEMD_UNIT=ssh.service + _COMM=sshd + + # DEV Notes: + # + +From 2fed408c05ac5206b490368d94599869bd6a056d Mon Sep 17 00:00:00 2001 +From: Fabian Dellwing +Date: Tue, 2 Jul 2024 07:54:15 +0200 +Subject: [PATCH] Adjust sshd filter for OpenSSH 9.8 new daemon name + +--- + config/filter.d/sshd.conf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf +index 1c8a02deb5..a1fd749aed 100644 +--- a/config/filter.d/sshd.conf ++++ b/config/filter.d/sshd.conf +@@ -16,7 +16,7 @@ before = common.conf + + [DEFAULT] + +-_daemon = sshd ++_daemon = (?:sshd(?:-session)?) + + # optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: " + __pref = (?:(?:error|fatal): (?:PAM: )?)? + +From 50ff131a0fd8f54fdeb14b48353f842ee8ae8c1a Mon Sep 17 00:00:00 2001 +From: "Sergey G. Brester" +Date: Wed, 3 Jul 2024 19:35:28 +0200 +Subject: [PATCH] filter.d/sshd.conf: ungroup (unneeded for _daemon) + +--- + config/filter.d/sshd.conf | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/config/filter.d/sshd.conf b/config/filter.d/sshd.conf +index a1fd749aed..3a84b1ba52 100644 +--- a/config/filter.d/sshd.conf ++++ b/config/filter.d/sshd.conf +@@ -16,7 +16,7 @@ before = common.conf + + [DEFAULT] + +-_daemon = (?:sshd(?:-session)?) ++_daemon = sshd(?:-session)? + + # optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: " + __pref = (?:(?:error|fatal): (?:PAM: )?)? -- cgit v1.2.3