From 625535d32aa615aeca780768857a555e5e6855d5 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Fri, 16 Aug 2013 09:12:13 -0600 Subject: [PATCH] Add upstream patch to fix hostsdeny permission issue --- fail2ban-hostsdeny.patch | 19 +++++++++++++++++++ fail2ban.spec | 11 ++++++++++- 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 fail2ban-hostsdeny.patch diff --git a/fail2ban-hostsdeny.patch b/fail2ban-hostsdeny.patch new file mode 100644 index 0000000..73a771f --- /dev/null +++ b/fail2ban-hostsdeny.patch @@ -0,0 +1,19 @@ +commit aebd24ec5485dacc5146728fa22387340b51099e +Author: Daniel Black +Date: Tue Jul 2 20:09:27 2013 +1000 + + BF: replace with ed so its cross platform, fixes permission problem gh-266, and Yaroslav doesn't revert to perl + +diff --git a/config/action.d/hostsdeny.conf b/config/action.d/hostsdeny.conf +index 50a4545..36e3494 100644 +--- a/config/action.d/hostsdeny.conf ++++ b/config/action.d/hostsdeny.conf +@@ -39,7 +39,7 @@ actionban = IP= && + # Tags: See jail.conf(5) man page + # Values: CMD + # +-actionunban = IP= && sed /ALL:\ $IP/d > .new && mv .new ++actionunban = echo "/ALL: $/
d
w
q" | ed + + [Init] + diff --git a/fail2ban.spec b/fail2ban.spec index 40164e5..da3978f 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -1,7 +1,7 @@ Summary: Ban IPs that make too many password failures Name: fail2ban Version: 0.8.10 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Group: System Environment/Daemons URL: http://fail2ban.sourceforge.net/ @@ -9,6 +9,10 @@ Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-% Source1: fail2ban-logrotate Patch0: fail2ban-0.8.3-init.patch Patch1: fail2ban-0.8.7.1-sshd.patch +# Upstream patch to fix hostsdeny permission issue +# https://github.com/fail2ban/fail2ban/issues/266 +# https://bugzilla.redhat.com/show_bug.cgi?id=997863 +Patch2: fail2ban-hostsdeny.patch Patch6: fail2ban-log2syslog.patch Patch8: fail2ban-notmp.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root @@ -16,6 +20,7 @@ BuildRequires: python-devel >= 2.3 # For testcases BuildRequires: python-inotify BuildArch: noarch +Requires: ed Requires: iptables Requires: gamin-python Requires: python-inotify @@ -44,6 +49,7 @@ and shorewall respectively. %setup -q %patch0 -p1 -b .init %patch1 -p1 -b .sshd +%patch2 -p1 -b .hostsdeny %patch6 -p1 -b .log2syslog %patch8 -p1 -b .notmp @@ -127,6 +133,9 @@ fi %dir %{_localstatedir}/lib/fail2ban/ %changelog +* Fri Aug 16 2013 Orion Poplawski - 0.8.10-2 +- Add upstream patch to fix hostsdeny permission issue + * Wed Jun 12 2013 Orion Poplawski - 0.8.10-1 - Update to 0.8.10 security release - Use upstream provided systemd files