You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
fail2ban/fail2ban.spec

111 lines
3.5 KiB

# Not defined in Fedora's buildsystem
%global _initdir %{_sysconfdir}/rc.d/init.d
Summary: Ban IPs that make too many password failures
Name: fail2ban
18 years ago
Version: 0.8.1
Release: 10%{?dist}
License: GPL
Group: System Environment/Daemons
URL: http://fail2ban.sourceforge.net/
Source0: http://prdownloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2
Source1: fail2ban-logrotate
Patch0: fail2ban-0.8.0-init.patch
18 years ago
Patch1: fail2ban-0.8.1-sshd.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: python-devel >= 2.4
BuildArch: noarch
18 years ago
Requires: iptables, tcp_wrappers, shorewall, gamin-python
Requires(post): /sbin/chkconfig
Requires(preun): /sbin/chkconfig
Requires(preun): /sbin/service
%description
Fail2ban scans log files like /var/log/pwdfail or
/var/log/apache/error_log and bans IP that makes too many password
failures. It updates firewall rules to reject the IP address.
%prep
%setup -q
%patch0 -p1 -b .init
%patch1 -p1 -b .sshd
%build
python setup.py build
%install
rm -rf %{buildroot}
python setup.py install -O1 --root %{buildroot}
mkdir -p %{buildroot}%{_initdir}
install -p -m 755 files/redhat-initd %{buildroot}%{_initdir}/fail2ban
mkdir -p %{buildroot}%{_mandir}/man1
install -p -m 644 man/fail2ban*.1 %{buildroot}%{_mandir}/man1
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
%clean
rm -rf %{buildroot}
%post
/sbin/chkconfig --add %{name}
%preun
if [ $1 = 0 ]; then
/sbin/service %{name} stop > /dev/null 2>&1
/sbin/chkconfig --del %{name}
fi
%files
%defattr(-,root,root,-)
%doc README TODO CHANGELOG COPYING
#doc config/fail2ban.conf*
%{_bindir}/fail2ban-server
%{_bindir}/fail2ban-client
%{_bindir}/fail2ban-regex
%{_datadir}/fail2ban
%{_initdir}/fail2ban
%{_mandir}/man1/fail2ban-*.1*
%dir %{_sysconfdir}/fail2ban
%dir %{_sysconfdir}/fail2ban/action.d
%dir %{_sysconfdir}/fail2ban/filter.d
%config(noreplace) %{_sysconfdir}/fail2ban/fail2ban.conf
%config(noreplace) %{_sysconfdir}/fail2ban/jail.conf
%config(noreplace) %{_sysconfdir}/fail2ban/action.d/*.conf
%config(noreplace) %{_sysconfdir}/fail2ban/filter.d/*.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
%changelog
18 years ago
* Wed Aug 15 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.1-10
- Update to 0.8.1.
- Remove patch fixing CVE-2007-4321 (upstream).
- Remove AllowUsers patch (upstream).
- Add dependency to gamin-python.
18 years ago
* Thu Jun 21 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-9
- Fix remote log injection (no CVE assignment yet).
* Sun Jun 3 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-8
- Also trigger on non-AllowUsers failures (Jonathan Underwood
<jonathan.underwood@gmail.com>).
* Wed May 23 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-7
- logrotate should restart fail2ban (Zing <zing@fastmail.fm>).
- send mail to root; logrotate (Jonathan Underwood
<jonathan.underwood@gmail.com>)
* Sat May 19 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-4
- Update to 0.8.0.
- enable ssh by default, fix log file for ssh scanning, adjust python
dependency (Jonathan Underwood <jonathan.underwood@gmail.com>)
* Sat Dec 30 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-3
- Remove forgotten condrestart.
* Fri Dec 29 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-2
- Move /usr/lib/fail2ban to %%{_datadir}/fail2ban.
- Don't default chkconfig to enabled.
- Add dependencies on service/chkconfig.
- Use example iptables/ssh config as default config.
* Mon Dec 25 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-1
- Initial build.