Add patches / updates for various fixes:

* Add patch for Python 3.11 compatibilitys, fixes RHBZ#2034205.
* Comment out a few lines in the selinux files that broke building on
  EPEL and don't seem to be needed. Fixes RHBZ#2029193.
* Work around 2to3 being removed from Python setuptools.
i9ce
Richard Shaw 3 years ago
parent 268050b7f4
commit 3f49a1709f

@ -0,0 +1,21 @@
Index: fail2ban-0.11.2/fail2ban/tests/actiontestcase.py
===================================================================
--- fail2ban-0.11.2.orig/fail2ban/tests/actiontestcase.py
+++ fail2ban-0.11.2/fail2ban/tests/actiontestcase.py
@@ -244,14 +244,14 @@ class CommandActionTest(LogCaptureTestCa
setattr(self.__action, 'ab', "<ac>")
setattr(self.__action, 'x?family=inet6', "")
# produce self-referencing properties except:
- self.assertRaisesRegexp(ValueError, r"properties contain self referencing definitions",
+ self.assertRaisesRegex(ValueError, r"properties contain self referencing definitions",
lambda: self.__action.replaceTag("<a><b>",
self.__action._properties, conditional="family=inet4")
)
# remore self-referencing in props:
delattr(self.__action, 'ac')
# produce self-referencing query except:
- self.assertRaisesRegexp(ValueError, r"possible self referencing definitions in query",
+ self.assertRaisesRegex(ValueError, r"possible self referencing definitions in query",
lambda: self.__action.replaceTag("<x"*30+">"*30,
self.__action._properties, conditional="family=inet6")
)

@ -23,6 +23,10 @@ Patch1: https://github.com/fail2ban/fail2ban/commit/f259dac74721c00f0184bf452771
Patch2: https://github.com/fail2ban/fail2ban/compare/ea26509594a3220b012071604d73bb42d0ecae2c...py-3-10-alpha-5.patch
# CVE-2021-32749 https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
Patch3: https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844.patch
# https://github.com/fail2ban/fail2ban/issues/2882
#Patch4: https://github.com/fail2ban/fail2ban/commit/ebf5784b8cd4b7c52d0f328b780833b8594f5567.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2034205
Patch5: fail2ban-python311.patch
BuildArch: noarch
@ -217,6 +221,10 @@ find -type f -exec sed -i -e '1s,^#!/usr/bin/python *,#!/usr/bin/python%{python3
# SELinux sources
cp -p %SOURCE1 %SOURCE2 %SOURCE3 .
# 2to3 has been removed from setuptools and we already use the binary in
# %%prep.
sed -i "/use_2to3/d" setup.py
%build
%if 0%{?rhel} && 0%{?rhel} < 8
@ -263,8 +271,8 @@ cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-firewalld.conf <<EOF
# the firewalld actions as the default actions. You can remove this package
# (along with the empty fail2ban meta-package) if you do not use firewalld
[DEFAULT]
banaction = firewallcmd-rich-rules[actiontype=<multiport>]
banaction_allports = firewallcmd-rich-rules[actiontype=<allports>]
banaction = firewallcmd-rich-rules
banaction_allports = firewallcmd-rich-rules
EOF
# systemd journal configuration

@ -45,7 +45,7 @@ allow fail2ban_t self:netlink_netfilter_socket create_socket_perms;
read_files_pattern(fail2ban_t, fail2ban_t, fail2ban_t)
allow fail2ban_t fail2ban_log_t:file watch;
#allow fail2ban_t fail2ban_log_t:file watch;
append_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t)
create_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t)
setattr_files_pattern(fail2ban_t, fail2ban_log_t, fail2ban_log_t)
@ -100,10 +100,10 @@ logging_read_syslog_pid(fail2ban_t)
logging_dontaudit_search_audit_logs(fail2ban_t)
logging_mmap_generic_logs(fail2ban_t)
logging_mmap_journal(fail2ban_t)
logging_watch_audit_log_files(fail2ban_t)
logging_watch_audit_log_dirs(fail2ban_t)
logging_watch_generic_log_dirs(fail2ban_t)
logging_watch_journal_dir(fail2ban_t)
#logging_watch_audit_log_files(fail2ban_t)
#logging_watch_audit_log_dirs(fail2ban_t)
#logging_watch_generic_log_dirs(fail2ban_t)
#logging_watch_journal_dir(fail2ban_t)
mta_send_mail(fail2ban_t)

Loading…
Cancel
Save