From 4d17e58ace7e3b8cf1037521e5ed0ff4a4924025 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 10 Jan 2017 13:33:16 -0700 Subject: [PATCH] Add upstream patch to fix fail2ban-regex with journal --- ...f1c4346597dcc4fd27151d220ea4a7806fdd.patch | 102 ++++++++++++++++++ fail2ban.spec | 9 +- 2 files changed, 110 insertions(+), 1 deletion(-) create mode 100644 2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch diff --git a/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch b/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch new file mode 100644 index 0000000..73023fe --- /dev/null +++ b/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch @@ -0,0 +1,102 @@ +From 2009f1c4346597dcc4fd27151d220ea4a7806fdd Mon Sep 17 00:00:00 2001 +From: sebres +Date: Tue, 10 Jan 2017 10:59:53 +0100 +Subject: [PATCH] fail2ban-regex: fix for systemd-journal (see gh-1657) + +--- + fail2ban/client/fail2banregex.py | 31 ++++++++++++++----------------- + fail2ban/server/filtersystemd.py | 8 ++++++++ + 2 files changed, 22 insertions(+), 17 deletions(-) + +diff --git a/fail2ban/client/fail2banregex.py b/fail2ban/client/fail2banregex.py +index 71f5095..13fa35d 100755 +--- a/fail2ban/client/fail2banregex.py ++++ b/fail2ban/client/fail2banregex.py +@@ -43,12 +43,12 @@ + from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError + + try: +- from systemd import journal + from ..server.filtersystemd import FilterSystemd + except ImportError: +- journal = None ++ FilterSystemd = None + + from ..version import version ++from .jailreader import JailReader + from .filterreader import FilterReader + from ..server.filter import Filter, FileContainer + from ..server.failregex import RegexException +@@ -82,7 +82,7 @@ def pprint_list(l, header=None): + s = '' + output( s + "| " + "\n| ".join(l) + '\n`-' ) + +-def journal_lines_gen(myjournal): ++def journal_lines_gen(flt, myjournal): # pragma: no cover + while True: + try: + entry = myjournal.get_next() +@@ -90,7 +90,7 @@ def journal_lines_gen(myjournal): + continue + if not entry: + break +- yield FilterSystemd.formatJournalEntry(entry) ++ yield flt.formatJournalEntry(entry) + + def get_opt_parser(): + # use module docstring for help output +@@ -513,25 +513,22 @@ def start(self, opts, args): + except IOError as e: + output( e ) + return False +- elif cmd_log == "systemd-journal": # pragma: no cover +- if not journal: ++ elif cmd_log.startswith("systemd-journal"): # pragma: no cover ++ if not FilterSystemd: + output( "Error: systemd library not found. Exiting..." ) + return False +- myjournal = journal.Reader(converters={'__CURSOR': lambda x: x}) ++ output( "Use systemd journal" ) ++ output( "Use encoding : %s" % self.encoding ) ++ backend, beArgs = JailReader.extractOptions(cmd_log) ++ flt = FilterSystemd(None, **beArgs) ++ flt.setLogEncoding(self.encoding) ++ myjournal = flt.getJournalReader() + journalmatch = self._journalmatch + self.setDatePattern(None) + if journalmatch: +- try: +- for element in journalmatch: +- if element == "+": +- myjournal.add_disjunction() +- else: +- myjournal.add_match(element) +- except ValueError: +- output( "Error: Invalid journalmatch: %s" % shortstr(" ".join(journalmatch)) ) +- return False ++ flt.addJournalMatch(journalmatch) + output( "Use journal match : %s" % " ".join(journalmatch) ) +- test_lines = journal_lines_gen(myjournal) ++ test_lines = journal_lines_gen(flt, myjournal) + else: + output( "Use single line : %s" % shortstr(cmd_log) ) + test_lines = [ cmd_log ] +diff --git a/fail2ban/server/filtersystemd.py b/fail2ban/server/filtersystemd.py +index 3023155..908112a 100644 +--- a/fail2ban/server/filtersystemd.py ++++ b/fail2ban/server/filtersystemd.py +@@ -175,6 +175,14 @@ def uni_decode(self, x): + return v + + ## ++ # Get journal reader ++ # ++ # @return journal reader ++ ++ def getJournalReader(self): ++ return self.__journal ++ ++ ## + # Format journal log entry into syslog style + # + # @param entry systemd journal entry dict diff --git a/fail2ban.spec b/fail2ban.spec index f2c4ab7..217157e 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -1,11 +1,14 @@ Summary: Daemon to ban hosts that cause multiple authentication errors Name: fail2ban Version: 0.9.6 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ URL: http://fail2ban.sourceforge.net/ Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz #Source0: https://github.com/sebres/%{name}/archive/f2b-perfom-prepare-716-cs.tar.gz#/%{name}-test.tar.gz +# fail2ban-regex: fix for systemd-journal +# https://github.com/fail2ban/fail2ban/issues/1657 +Patch0: https://github.com/fail2ban/fail2ban/commit/2009f1c4346597dcc4fd27151d220ea4a7806fdd.patch # Give up being PartOf iptables for now # https://bugzilla.redhat.com/show_bug.cgi?id=1379141 Patch2: fail2ban-partof.patch @@ -157,6 +160,7 @@ by default. %prep %setup -q +%patch0 -p1 -b .journal %patch2 -p1 -b .partof %patch3 -p1 -b .sendmail # Use Fedora paths @@ -297,6 +301,9 @@ fi %changelog +* Tue Jan 10 2017 Orion Poplawski - 0.9.6-2 +- Add upstream patch to fix fail2ban-regex with journal + * Fri Jan 6 2017 Orion Poplawski - 0.9.6-1 - Update to 0.9.6 - Fix sendmail-auth filter (bug #1329919)