From 7ceeaf466ebf123d1de79f73dbef1d0e1f6ea86f Mon Sep 17 00:00:00 2001
From: Sergey Cherevko <sergey.cherevko@softline.com>
Date: Wed, 22 Nov 2023 12:04:50 +0300
Subject: [PATCH] import fail2ban-1.0.2-7.el9

---
 .fail2ban.metadata                            |   1 +
 .gitignore                                    |   3 +-
 ...7e1e93936f09e349e80d94254e5f43d0cc8a.patch |   0
 Makefile => SOURCES/Makefile                  |   0
 ...94c5229bd474f612b57b67d796252a4aab7a.patch |   0
 SOURCES/fail2ban-1.0.2.tar.gz.asc             |  11 +
 .../fail2ban-partof.patch                     |   0
 fail2ban.fc => SOURCES/fail2ban.fc            |   0
 fail2ban.if => SOURCES/fail2ban.if            |   0
 .../fail2ban.rpmlintrc                        |   0
 fail2ban.spec => SOURCES/fail2ban.spec        |   0
 fail2ban.te => SOURCES/fail2ban.te            |   0
 ...38559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc |   0
 SPECS/fail2ban.spec                           | 856 ++++++++++++++++++
 sources                                       |   2 -
 15 files changed, 869 insertions(+), 4 deletions(-)
 create mode 100644 .fail2ban.metadata
 rename 432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch => SOURCES/432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch (100%)
 rename Makefile => SOURCES/Makefile (100%)
 rename ca2b94c5229bd474f612b57b67d796252a4aab7a.patch => SOURCES/ca2b94c5229bd474f612b57b67d796252a4aab7a.patch (100%)
 create mode 100644 SOURCES/fail2ban-1.0.2.tar.gz.asc
 rename fail2ban-partof.patch => SOURCES/fail2ban-partof.patch (100%)
 rename fail2ban.fc => SOURCES/fail2ban.fc (100%)
 rename fail2ban.if => SOURCES/fail2ban.if (100%)
 rename fail2ban.rpmlintrc => SOURCES/fail2ban.rpmlintrc (100%)
 rename fail2ban.spec => SOURCES/fail2ban.spec (100%)
 rename fail2ban.te => SOURCES/fail2ban.te (100%)
 rename gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc => SOURCES/gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc (100%)
 create mode 100644 SPECS/fail2ban.spec
 delete mode 100644 sources

diff --git a/.fail2ban.metadata b/.fail2ban.metadata
new file mode 100644
index 0000000..6c437ed
--- /dev/null
+++ b/.fail2ban.metadata
@@ -0,0 +1 @@
+8da05640142805588a9b9a90656036b773f545a4  SOURCES/fail2ban-1.0.2.tar.gz
diff --git a/.gitignore b/.gitignore
index e633b53..c3260f2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
-/fail2ban-*/
-/fail2ban-*.tar.gz*
+SOURCES/fail2ban-1.0.2.tar.gz
diff --git a/432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch b/SOURCES/432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch
similarity index 100%
rename from 432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch
rename to SOURCES/432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch
diff --git a/Makefile b/SOURCES/Makefile
similarity index 100%
rename from Makefile
rename to SOURCES/Makefile
diff --git a/ca2b94c5229bd474f612b57b67d796252a4aab7a.patch b/SOURCES/ca2b94c5229bd474f612b57b67d796252a4aab7a.patch
similarity index 100%
rename from ca2b94c5229bd474f612b57b67d796252a4aab7a.patch
rename to SOURCES/ca2b94c5229bd474f612b57b67d796252a4aab7a.patch
diff --git a/SOURCES/fail2ban-1.0.2.tar.gz.asc b/SOURCES/fail2ban-1.0.2.tar.gz.asc
new file mode 100644
index 0000000..d0e6fe9
--- /dev/null
+++ b/SOURCES/fail2ban-1.0.2.tar.gz.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCgAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAmNr0KgACgkQaDvxvr0K
+iCyG4Af/eP5ZQvTiGjo/f1oOuBH8wOo7ARlFOcQIbdhXy10vk3bqDjYHVWzXh12Q
+EdfyJVMXFI3XnDQkdXulOjnhX6YK3qYruudl0oDE7jyIWbHETFUpY7y00uxjTD+A
+aBk4XqBym67BtBR/5dfnhXOBYZ9EXcbopvEQXq1Lm4jRSurSQCiVpMY44psW60Rb
+dt1fdIg/GTjhsYNWO2L6DCObV1qdJcdk8Zw7rvk9aHe7iZ+PZW7htG8erTzzV9LV
+Lq6Bcwz6tEFInTvDBZXIhBimYrquWp97qwEC3d1cNbv9pjN69czgLtRaq5EiVu4R
+e8+y9LLToHFjKeji436S6985hBQnEA==
+=jGOy
+-----END PGP SIGNATURE-----
diff --git a/fail2ban-partof.patch b/SOURCES/fail2ban-partof.patch
similarity index 100%
rename from fail2ban-partof.patch
rename to SOURCES/fail2ban-partof.patch
diff --git a/fail2ban.fc b/SOURCES/fail2ban.fc
similarity index 100%
rename from fail2ban.fc
rename to SOURCES/fail2ban.fc
diff --git a/fail2ban.if b/SOURCES/fail2ban.if
similarity index 100%
rename from fail2ban.if
rename to SOURCES/fail2ban.if
diff --git a/fail2ban.rpmlintrc b/SOURCES/fail2ban.rpmlintrc
similarity index 100%
rename from fail2ban.rpmlintrc
rename to SOURCES/fail2ban.rpmlintrc
diff --git a/fail2ban.spec b/SOURCES/fail2ban.spec
similarity index 100%
rename from fail2ban.spec
rename to SOURCES/fail2ban.spec
diff --git a/fail2ban.te b/SOURCES/fail2ban.te
similarity index 100%
rename from fail2ban.te
rename to SOURCES/fail2ban.te
diff --git a/gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc b/SOURCES/gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc
similarity index 100%
rename from gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc
rename to SOURCES/gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc
diff --git a/SPECS/fail2ban.spec b/SPECS/fail2ban.spec
new file mode 100644
index 0000000..653f9f2
--- /dev/null
+++ b/SPECS/fail2ban.spec
@@ -0,0 +1,856 @@
+%if 0%{?rhel} >= 9
+%bcond_with     shorewall
+%else
+%bcond_without  shorewall
+%endif
+
+Name: fail2ban
+Version: 1.0.2
+Release: 7%{?dist}
+Summary: Daemon to ban hosts that cause multiple authentication errors
+
+License: GPLv2+
+URL: http://fail2ban.sourceforge.net/
+Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Source1: https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz.asc
+# Releases are signed by Serg G. Brester (sebres) <info AT sebres.de>.  The
+# fingerprint can be found in a signature file:
+#   gpg --list-packets fail2ban-1.0.2.tar.gz.asc | grep 'issuer fpr'
+#
+# The following commands can be used to fetch the signing key via fingerprint
+# and extract it:
+#   fpr=8738559E26F671DF9E2C6D9E683BF1BEBD0A882C
+#   gpg --receive-keys $fpr
+#   gpg -a --export-options export-minimal --export $fpr >gpgkey-$fpr.asc
+Source2: gpgkey-8738559E26F671DF9E2C6D9E683BF1BEBD0A882C.asc
+# SELinux policy
+Source3: fail2ban.fc
+Source4: fail2ban.if
+Source5: fail2ban.te
+Source6: Makefile
+
+# Give up being PartOf iptables and ipset for now
+# https://bugzilla.redhat.com/show_bug.cgi?id=1379141
+# https://bugzilla.redhat.com/show_bug.cgi?id=1573185
+Patch0: fail2ban-partof.patch
+# Patch for dovecot jail eating 100% CPU
+#Patch2: https://github.com/fail2ban/fail2ban/commit/ca2b94c5229bd474f612b57b67d796252a4aab7a.patch
+# Remove warning about allowipv6 from startup
+Patch2: https://github.com/fail2ban/fail2ban/commit/432e7e1e93936f09e349e80d94254e5f43d0cc8a.patch
+
+
+BuildArch: noarch
+
+%if 0%{?rhel} && 0%{?rhel} < 8
+BuildRequires: python-devel
+BuildRequires: python-setuptools
+# For testcases
+BuildRequires: python-inotify
+%else
+BuildRequires: python3-devel
+BuildRequires: python3-setuptools
+BuildRequires: /usr/bin/2to3
+# For testcases
+BuildRequires: python3-inotify
+%endif
+BuildRequires: sqlite
+BuildRequires: systemd
+BuildRequires: selinux-policy-devel
+BuildRequires: make
+BuildRequires: bash-completion
+BuildRequires: gnupg2
+
+# Default components
+Requires: %{name}-firewalld = %{version}-%{release}
+Requires: %{name}-sendmail = %{version}-%{release}
+Requires: %{name}-server = %{version}-%{release}
+
+
+%description
+Fail2Ban scans log files and bans IP addresses that makes too many password
+failures. It updates firewall rules to reject the IP address. These rules can
+be defined by the user. Fail2Ban can read multiple log files such as sshd or
+Apache web server ones.
+
+Fail2Ban is able to reduce the rate of incorrect authentications attempts
+however it cannot eliminate the risk that weak authentication presents.
+Configure services to use only two factor or public/private authentication
+mechanisms if you really want to protect services.
+
+This is a meta-package that will install the default configuration.  Other
+sub-packages are available to install support for other actions and
+configurations.
+
+
+%package selinux
+Summary: SELinux policies for Fail2Ban
+%{?selinux_requires}
+%global modulename fail2ban
+%global selinuxtype targeted
+
+%description selinux
+SELinux policies for Fail2Ban.
+
+
+%package server
+Summary: Core server component for Fail2Ban
+%if 0%{?rhel} && 0%{?rhel} < 8
+Requires: systemd-python
+Requires: ipset
+Requires: iptables
+%else
+Requires: python3-systemd
+Requires: nftables
+%endif
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+%if 0%{?fedora} || 0%{?rhel} >= 8
+Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})
+%else
+Requires: %{name}-selinux
+%endif
+
+%description server
+This package contains the core server components for Fail2Ban with minimal
+dependencies.  You can install this directly if you want to have a small
+installation and know what you are doing.
+
+
+%package all
+Summary: Install all Fail2Ban packages and dependencies
+Requires: %{name}-firewalld = %{version}-%{release}
+Requires: %{name}-hostsdeny = %{version}-%{release}
+Requires: %{name}-mail = %{version}-%{release}
+Requires: %{name}-sendmail = %{version}-%{release}
+Requires: %{name}-server = %{version}-%{release}
+%if %{with shorewall}
+Requires: %{name}-shorewall = %{version}-%{release}
+%endif
+Requires: perl-interpreter
+%if 0%{?rhel} && 0%{?rhel} < 8
+Requires: python-inotify
+# No python3 support for gamin so epel only
+Requires: gamin-python
+%else
+Requires: python3-inotify
+%endif
+Requires: /usr/bin/whois
+
+%description all
+This package installs all of the Fail2Ban packages and dependencies.
+
+
+%package firewalld
+Summary: Firewalld support for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+Requires: firewalld
+
+%description firewalld
+This package enables support for manipulating firewalld rules.  This is the
+default firewall service in Fedora.
+
+
+%package hostsdeny
+Summary: Hostsdeny (tcp_wrappers) support for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+Requires: ed
+Requires: tcp_wrappers
+
+%description hostsdeny
+This package enables support for manipulating tcp_wrapper's /etc/hosts.deny
+files.
+
+
+%package tests
+Summary: Fail2Ban testcases
+Requires: %{name}-server = %{version}-%{release}
+
+%description tests
+This package contains Fail2Ban's testscases and scripts.
+
+
+%package mail
+Summary: Mail actions for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+Requires: /usr/bin/mail
+
+%description mail
+This package installs Fail2Ban's mail actions.  These are an alternative
+to the default sendmail actions.
+
+
+%package sendmail
+Summary: Sendmail actions for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+Requires: /usr/sbin/sendmail
+
+%description sendmail
+This package installs Fail2Ban's sendmail actions.  This is the default
+mail actions for Fail2Ban.
+
+
+%if %{with shorewall}
+%package shorewall
+Summary: Shorewall support for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+Requires: shorewall
+Conflicts: %{name}-shorewall-lite
+
+%description shorewall
+This package enables support for manipulating shorewall rules.
+
+
+%package shorewall-lite
+Summary: Shorewall lite support for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+Requires: shorewall-lite
+Conflicts: %{name}-shorewall
+
+%description shorewall-lite
+This package enables support for manipulating shorewall rules.
+%endif
+
+
+%package systemd
+Summary: Systemd journal configuration for Fail2Ban
+Requires: %{name}-server = %{version}-%{release}
+
+%description systemd
+This package configures Fail2Ban to use the systemd journal for its log input
+by default.
+
+
+%prep
+%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
+%autosetup -p1
+
+# Use Fedora paths
+sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf
+%if 0%{?fedora} || 0%{?rhel} >= 8
+2to3 --write --nobackups .
+find -type f -exec sed -i -e '1s,^#!/usr/bin/python *,#!/usr/bin/python%{python3_version},' {} +
+%endif
+
+# SELinux sources
+cp -p %SOURCE3 %SOURCE4 %SOURCE5 .
+
+# 2to3 has been removed from setuptools and we already use the binary in
+# %%prep.
+sed -i "/use_2to3/d" setup.py
+
+
+%build
+%if 0%{?rhel} && 0%{?rhel} < 8
+%py2_build
+%else
+%py3_build
+%endif
+make -f %SOURCE6
+
+
+%install
+%if 0%{?rhel} && 0%{?rhel} < 8
+%py2_install
+# Make symbolic link relative
+ln -fs python2 %{buildroot}%{_bindir}/fail2ban-python
+%else
+%py3_install
+ln -fs python3 %{buildroot}%{_bindir}/fail2ban-python
+%endif
+
+mkdir -p %{buildroot}%{_unitdir}
+cp -p build/fail2ban.service %{buildroot}%{_unitdir}/
+mkdir -p %{buildroot}%{_mandir}/man{1,5}
+install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1
+install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5
+mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
+install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
+install -d -m 0755 %{buildroot}/run/fail2ban/
+install -m 0600 /dev/null %{buildroot}/run/fail2ban/fail2ban.pid
+install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
+mkdir -p %{buildroot}%{_tmpfilesdir}
+install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_tmpfilesdir}/fail2ban.conf
+
+# Remove non-Linux actions
+rm %{buildroot}%{_sysconfdir}/%{name}/action.d/*ipfw.conf
+rm %{buildroot}%{_sysconfdir}/%{name}/action.d/{ipfilter,pf,ufw}.conf
+rm %{buildroot}%{_sysconfdir}/%{name}/action.d/osx-*.conf
+
+# Remove config files for other distros
+rm -f %{buildroot}%{_sysconfdir}/fail2ban/paths-{arch,debian,freebsd,opensuse,osx}.conf
+
+# firewalld configuration
+cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-firewalld.conf <<EOF
+# This file is part of the fail2ban-firewalld package to configure the use of
+# the firewalld actions as the default actions.  You can remove this package
+# (along with the empty fail2ban meta-package) if you do not use firewalld
+[DEFAULT]
+banaction = firewallcmd-rich-rules
+banaction_allports = firewallcmd-rich-rules
+EOF
+
+# systemd journal configuration
+cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-systemd.conf <<EOF
+# This file is part of the fail2ban-systemd package to configure the use of
+# the systemd journal as the default backend.  You can remove this package
+# (along with the empty fail2ban meta-package) if you do not want to use the
+# journal backend
+[DEFAULT]
+backend=systemd
+EOF
+
+# Remove installed doc, use doc macro instead
+rm -r %{buildroot}%{_docdir}/%{name}
+
+# SELinux
+# install policy modules
+install -d %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}
+install -m 0644 %{modulename}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}
+
+#BASH completion
+COMPLETIONDIR=%{buildroot}$(pkg-config --variable=completionsdir bash-completion)
+%__mkdir_p $COMPLETIONDIR
+%__install -p -m 644 files/bash-completion $COMPLETIONDIR/fail2ban
+
+
+%check
+%if 0%{?rhel} && 0%{?rhel} < 8
+%python2 bin/fail2ban-testcases --verbosity=2 --no-network
+%else
+%python3 bin/fail2ban-testcases --verbosity=2 --no-network
+%endif
+
+
+%pre selinux
+%selinux_relabel_pre -s %{selinuxtype}
+
+%post selinux
+%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.bz2
+
+%postun selinux
+if [ $1 -eq 0 ]; then
+    %selinux_modules_uninstall -s %{selinuxtype} %{modulename}
+fi
+
+%posttrans selinux
+%selinux_relabel_post -s %{selinuxtype}
+
+%post server
+%systemd_post fail2ban.service
+
+%preun server
+%systemd_preun fail2ban.service
+
+%postun server
+%systemd_postun_with_restart fail2ban.service
+
+
+%files
+
+%files selinux
+%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
+%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
+%license COPYING
+
+%files server
+%doc README.md TODO ChangeLog COPYING doc/*.txt
+%{_bindir}/fail2ban-client
+%{_bindir}/fail2ban-python
+%{_bindir}/fail2ban-regex
+%{_bindir}/fail2ban-server
+%if 0%{?rhel} && 0%{?rhel} < 8
+%{python2_sitelib}/*
+%exclude %{python2_sitelib}/fail2ban/tests
+%else
+%{python3_sitelib}/*
+%exclude %{python3_sitelib}/fail2ban/tests
+%endif
+%{_unitdir}/fail2ban.service
+%{_datadir}/bash-completion/
+%{_mandir}/man1/fail2ban.1*
+%{_mandir}/man1/fail2ban-client.1*
+%{_mandir}/man1/fail2ban-python.1*
+%{_mandir}/man1/fail2ban-regex.1*
+%{_mandir}/man1/fail2ban-server.1*
+%{_mandir}/man5/*.5*
+%config(noreplace) %{_sysconfdir}/fail2ban/
+%exclude %{_sysconfdir}/fail2ban/action.d/complain.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/mail.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/mail-buffered.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/mail-whois.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/mail-whois-lines.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf
+%exclude %{_sysconfdir}/fail2ban/action.d/shorewall.conf
+%exclude %{_sysconfdir}/fail2ban/jail.d/*.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
+%{_tmpfilesdir}/fail2ban.conf
+%dir %{_localstatedir}/lib/fail2ban/
+%dir /run/%{name}/
+%ghost %verify(not size mtime md5) /run/%{name}/%{name}.pid
+
+%files all
+
+%files firewalld
+%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-firewalld.conf
+
+%files hostsdeny
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf
+
+%files tests
+%{_bindir}/fail2ban-testcases
+%{_mandir}/man1/fail2ban-testcases.1*
+%if 0%{?rhel} && 0%{?rhel} < 8
+%{python2_sitelib}/fail2ban/tests
+%else
+%{python3_sitelib}/fail2ban/tests
+%endif
+
+%files mail
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail.conf
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-buffered.conf
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-whois.conf
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-whois-lines.conf
+
+%files sendmail
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf
+
+%if %{with shorewall}
+%files shorewall
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/shorewall.conf
+
+%files shorewall-lite
+%config(noreplace) %{_sysconfdir}/fail2ban/action.d/shorewall.conf
+%endif
+
+%files systemd
+%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-systemd.conf
+
+
+%changelog
+* Wed Nov 22 2023 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 1.0.2-7
+- Rebuilt for MSVSphere 9.3
+
+* Mon Jun 26 2023 Todd Zullinger <tmz@pobox.com> - 1.0.2-7
+- exclude shorewall subpackage on epel9 (rhbz#2217649)
+
+* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 1.0.2-6
+- Rebuilt for Python 3.12
+
+* Tue Apr 04 2023 Orion Poplawski <orion@nwra.com> - 1.0.2-5
+- Drop downstream python3.11 patch, upstream went with a different fix
+
+* Sun Apr 02 2023 Todd Zullinger <tmz@pobox.com> - 1.0.2-4
+- verify upstream source signature
+
+* Thu Mar 30 2023 Orion Poplawski <orion@nwra.com> - 1.0.2-3
+- Add upstream patch to remove warning about allowipv6 (bz#2160781)
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Sat Dec 17 2022 Richard Shaw <hobbes1069@gmail.com> - 1.0.2-1
+- Update to 1.0.2.
+
+* Wed Nov 02 2022 Richard Shaw <hobbes1069@gmail.com> - 1.0.1-2
+- Add patch for dovecot eating 100% CPU.
+
+* Sun Oct 02 2022 Richard Shaw <hobbes1069@gmail.com> - 1.0.1-1
+- Update to 1.0.1.
+
+* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.2-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 0.11.2-13
+- Rebuilt for Python 3.11
+
+* Wed May 18 2022 Orion Poplawski <orion@nwra.com> - 0.11.2-12
+- Fix SELinux policy to allow watch on var_log_t (bz#2083923)
+
+* Fri Jan 28 2022 Orion Poplawski <orion@nwra.com> - 0.11.2-11
+- Require /usr/bin/mail instead of mailx
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.2-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Sun Sep 26 2021 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 0.11.2-9
+- Fix CVE-2021-32749 RHBZ#1983223
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.2-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Mon Jun 07 2021 Python Maint <python-maint@redhat.com> - 0.11.2-7
+- Rebuilt for Python 3.10
+
+* Sun Jun 06 2021 Richard Shaw <hobbes1069@gmail.com> - 0.11.2-6
+- Update selinux policy for Fedora 34+
+
+* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 0.11.2-5
+- Rebuilt for Python 3.10
+
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.11.2-4
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Wed Jan 06 2021 Richard Shaw <hobbes1069@gmail.com> - 0.11.2-2
+- Add patch to deal with a new century in tests (2021).
+
+* Tue Nov 24 2020 Richard Shaw <hobbes1069@gmail.com> - 0.11.2-1
+- Update to 0.11.2.
+
+* Fri Aug 28 2020 Richard Shaw <hobbes1069@gmail.com> - 0.11.1-10.2
+- Create shorewall-lite subpackage package which conflicts with shorewall
+  subpackage. Fixes RHBZ#1872759.
+
+* Tue Jul 28 2020 Richard Shaw <hobbes1069@gmail.com> - 0.11.1-9.2
+- Fix python2 requires for EPEL 7.
+
+* Mon Jul 27 2020 Richard Shaw <hobbes1069@gmail.com> - 0.11.1-9
+- Add conditonals back for EL 7 as it's being brought up to date.
+- Add patch to deal with nftables not accepting ":" as a port separator.
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 0.11.1-7
+- Rebuilt for Python 3.9
+
+* Thu Apr 16 2020 Richard Shaw <hobbes1069@gmail.com> - 0.11.1-6
+- Change default firewalld backend from ipset to rich-rules as ipset causes
+  firewalld to use legacy iptables. Fixes RHBZ#1823746.
+- Remove conditionals for EL versions less than 7.
+
+* Thu Mar 19 2020 Richard Shaw <hobbes1069@gmail.com> - 0.11.1-5
+- Update for Python 3.9.
+
+* Wed Feb 26 2020 Orion Poplawski <orion@nwra.com> - 0.11.1-4
+- Add SELinux policy
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Tue Jan 21 2020 Orion Poplawski <orion@nwra.com> - 0.11.1-2
+- Move action.d/mail-whois-common.conf into fail2ban-server
+
+* Tue Jan 14 2020 Orion Poplawski <orion@nwra.com> - 0.11.1-1
+- Update to 0.11.1
+
+* Tue Jan 14 2020 Orion Poplawski <orion@nwra.com> - 0.10.5-1
+- Update to 0.10.5
+
+* Thu Nov 21 2019 Orion Poplawski <orion@nwra.com> - 0.10.4-8
+- Define banaction_allports for firewalld, update banaction (bz#1775175)
+- Update sendmail-reject with TLSMTA & MSA port IDs (bz#1722625)
+
+* Thu Oct 31 2019 Orion Poplawski <orion@nwra.com> - 0.10.4-7
+- Remove config files for other distros (bz#1533113)
+
+* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 0.10.4-6
+- Rebuilt for Python 3.8.0rc1 (#1748018)
+
+* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 0.10.4-5
+- Rebuilt for Python 3.8
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.4-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sun Nov 18 2018 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.10.4-2
+- Drop explicit locale setting
+  See https://fedoraproject.org/wiki/Changes/Remove_glibc-langpacks-all_from_buildroot
+
+* Fri Oct 5 2018 Orion Poplawski <orion@nwra.com> - 0.10.4-1
+- Update to 0.10.4
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.3.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jun 19 2018 Orion Poplawski <orion@nwra.com> - 0.10.3.1-2
+- Remove PartOf ipset.service (bug #1573185)
+
+* Tue Jun 19 2018 Orion Poplawski <orion@nwra.com> - 0.10.3.1-1
+- Update to 0.10.3.1
+
+* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 0.10.2-2
+- Rebuilt for Python 3.7
+
+* Wed Mar 28 2018 Orion Poplawski <orion@nwra.com> - 0.10.2-1
+- Update to 0.10.2
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Sat Dec 30 2017 Orion Poplawski <orion@nwra.com> - 0.10.1-3
+- Add upstream patch to fix ipset issue (bug #1525134)
+
+* Sat Dec 30 2017 Orion Poplawski <orion@nwra.com> - 0.10.1-2
+- Add upstream patch to fix buildroot issue
+
+* Tue Nov 14 2017 Orion Poplawski <orion@cora.nwra.com> - 0.10.1-1
+- Update to 0.10.1
+
+* Wed Sep 20 2017 Orion Poplawski <orion@cora.nwra.com> - 0.10.0-1
+- Update to 0.10.0
+
+* Wed Aug 16 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.7-4
+- Use BR /usr/bin/2to3
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Thu Jul 13 2017 Petr Pisar <ppisar@redhat.com> - 0.9.7-2
+- perl dependency renamed to perl-interpreter
+  <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules>
+
+* Wed Jul 12 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.7-1
+- Update to 0.9.7
+
+* Wed Feb 15 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-4
+- Properly handle /run/fail2ban (bug #1422500)
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.6-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Tue Jan 10 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-2
+- Add upstream patch to fix fail2ban-regex with journal
+
+* Fri Jan 6 2017 Orion Poplawski <orion@cora.nwra.com> - 0.9.6-1
+- Update to 0.9.6
+- Fix sendmail-auth filter (bug #1329919)
+
+* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 0.9.5-5
+- Rebuild for Python 3.6
+
+* Fri Oct 7 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-4
+- %%ghost /run/fail2ban
+- Fix typo in shorewall description
+- Move tests to -tests sub-package
+
+* Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-3
+- Add journalmatch entries for sendmail (bug #1329919)
+
+* Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-2
+- Give up being PartOf iptables to allow firewalld restarts to work
+  (bug #1379141)
+
+* Mon Oct 3 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-1
+- Add patch to fix failing test
+
+* Sun Sep 25 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.5-1
+- Update to 0.9.5
+- Drop mysql patch applied upstream
+
+* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.4-6
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Tue Apr 5 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.4-5
+- Fix python3 usage (bug #1324113)
+
+* Sun Mar 27 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.4-4
+- Use %%{_tmpfilesdir} for systemd tmpfile config
+
+* Wed Mar 9 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.4-3
+- No longer need to add After=firewalld.service (bug #1301910)
+
+* Wed Mar 9 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.4-2
+- Fix mariadb/mysql log handling
+
+* Wed Mar 9 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.4-1
+- Update to 0.9.4
+- Use mariadb log path by default
+
+* Tue Feb 23 2016 Orion Poplawski <orion@cora.nwra.com> - 0.9.3-3
+- Use python3 (bug #1282498)
+
+* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Sat Sep 12 2015 Orion Poplawski <orion@cora.nwra.com> - 0.9.3-1
+- Update to 0.9.3
+- Cleanup spec, use new python macros
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Thu Apr 30 2015 Orion Poplawski <orion@cora.nwra.com> - 0.9.2-1
+- Update to 0.9.2
+
+* Mon Mar 16 2015 Orion Poplawski <orion@cora.nwra.com> - 0.9.1-4
+- Do not load user paths for fail2ban-{client,server} (bug #1202151)
+
+* Sun Feb 22 2015 Orion Poplawski <orion@cora.nwra.com> - 0.9.1-3
+- Do not use systemd by default
+
+* Fri Nov 28 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9.1-2
+- Fix php-url-fopen logpath (bug #1169026)
+
+* Tue Oct 28 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9.1-1
+- Update to 0.9.1
+
+* Fri Aug 15 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-8
+- Add patch to fix tests
+
+* Fri Aug 8 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-8
+- Fix log paths for some jails (bug #1128152)
+
+* Mon Jul 21 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-7
+- Use systemd for EL7
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-5
+- Require mailx for /usr/bin/mail
+
+* Thu Mar 20 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-4
+- Need empty %%files to produce main and -all package
+
+* Wed Mar 19 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-3
+- Split into sub-packages for different components
+- Enable journal filter by default (bug #985567)
+- Enable firewalld action by default (bug #1046816)
+- Add upstream patch to fix setting loglevel in fail2ban.conf
+- Add upstream patches to fix tests in mock, run tests
+
+* Tue Mar 18 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-2
+- Use Fedora paths
+- Start after firewalld (bug #1067147)
+
+* Mon Mar 17 2014 Orion Poplawski <orion@cora.nwra.com> - 0.9-1
+- Update to 0.9
+
+* Tue Sep 24 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.3.git1f1a561
+- Update to current 0.9 git branch
+- Rebase init patch, drop jail.d and notmp patch applied upstream
+
+* Fri Aug 9 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.2.gitd529151
+- Ship jail.conf(5) man page
+- Ship empty /etc/fail2ban/jail.d directory
+
+* Thu Aug 8 2013 Orion Poplawski <orion@cora.nwra.com> - 0.9-0.1.gitd529151
+- Update to 0.9 git branch
+- Rebase patches
+- Require systemd-python for journal support
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.10-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1
+- Update to 0.8.10 security release
+- Use upstream provided systemd files
+- Drop upstreamed patches, rebase log2syslog and notmp patches
+
+* Fri Mar 15 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-4
+- Use systemd init for Fedora 19+ (bug #883158)
+
+* Thu Feb 14 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-3
+- Add patch from upstream to fix module imports (Bug #892365)
+- Add patch from upstream to UTF-8 characters in syslog (Bug #905097)
+- Drop Requires: tcp_wrappers and shorewall (Bug #781341)
+
+* Fri Jan 18 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-2
+- Add patch to prevent sshd blocks of successful logins for systems that use
+  sssd or ldap
+
+* Mon Dec 17 2012 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-1
+- Update to 0.8.8 (CVE-2012-5642 Bug #887914)
+
+* Thu Oct 11 2012 Orion Poplawski <orion@cora.nwra.com> - 0.8.7.1-1
+- Update to 0.8.7.1
+- Drop fd_cloexec, pyinotify, and examplemail patches fixed upstream
+- Rebase sshd and notmp patches
+- Use _initddir macro
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.4-29
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.4-28
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Sat Apr  9 2011 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.4-27
+- Move tmp files to /var/lib (suggested by Phil Anderson).
+- Enable inotify support (by Jonathan Underwood).
+- Fixes RH bugs #669966, #669965, #551895, #552947, #658849, #656584.
+
+* Sun Feb 14 2010 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.4-24
+- Patch by Jonathan G. Underwood <jonathan.underwood@gmail.com> to
+  cloexec another fd leak.
+
+* Fri Sep 11 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.4-23
+- update to 0.8.4.
+
+* Wed Sep  2 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-22
+- Update to a newer svn snapshot to fix python 2.6 issue.
+
+* Thu Aug 27 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-21
+- Log to syslog (RH bug #491983). Also deals with RH bug #515116.
+- Check inodes of log files (RH bug #503852).
+
+* Sat Feb 14 2009 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-18
+- Fix CVE-2009-0362 (Fedora bugs #485461, #485464, #485465, #485466).
+
+* Mon Dec 01 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 0.8.3-17
+- Rebuild for Python 2.6
+
+* Sun Aug 24 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.3-16
+- Update to 0.8.3.
+
+* Wed May 21 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.8.2-15
+- fix license tag
+
+* Thu Mar 27 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.2-14
+- Close on exec fixes by Jonathan Underwood.
+
+* Sun Mar 16 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.2-13
+- Add %%{_localstatedir}/run/fail2ban (David Rees).
+
+* Fri Mar 14 2008 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.2-12
+- Update to 0.8.2.
+
+* Thu Jan 31 2008 Jonathan G. Underwood <jonathan.underwood@gmail.com> - 0.8.1-11
+- Move socket file from /tmp to /var/run to prevent SElinux from stopping
+  fail2ban from starting (BZ #429281)
+- Change logic in init file to start with -x to remove the socket file in case
+  of unclean shutdown
+
+* Wed Aug 15 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.1-10
+- Update to 0.8.1.
+- Remove patch fixing CVE-2007-4321 (upstream).
+- Remove AllowUsers patch (upstream).
+- Add dependency to gamin-python.
+
+* Thu Jun 21 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-9
+- Fix remote log injection (no CVE assignment yet).
+
+* Sun Jun  3 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-8
+- Also trigger on non-AllowUsers failures (Jonathan Underwood
+  <jonathan.underwood@gmail.com>).
+
+* Wed May 23 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-7
+- logrotate should restart fail2ban (Zing <zing@fastmail.fm>).
+- send mail to root; logrotate (Jonathan Underwood
+  <jonathan.underwood@gmail.com>)
+
+* Sat May 19 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-4
+- Update to 0.8.0.
+- enable ssh by default, fix log file for ssh scanning, adjust python
+  dependency (Jonathan Underwood <jonathan.underwood@gmail.com>)
+
+* Sat Dec 30 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-3
+- Remove forgotten condrestart.
+
+* Fri Dec 29 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-2
+- Move /usr/lib/fail2ban to %%{_datadir}/fail2ban.
+- Don't default chkconfig to enabled.
+- Add dependencies on service/chkconfig.
+- Use example iptables/ssh config as default config.
+
+* Mon Dec 25 2006 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.6.2-1
+- Initial build.
diff --git a/sources b/sources
deleted file mode 100644
index 0300c30..0000000
--- a/sources
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA512 (fail2ban-1.0.2.tar.gz) = 688a84361b5794e1658f53d2d200ce752fe1e3320ddb1742c32c4b4b82a79ace16ae464e7ea3eeb94a0e862bcac73c2d3a0e61dd7b28e179a4c857f950d74dbb
-SHA512 (fail2ban-1.0.2.tar.gz.asc) = 1c0af7e454d52879788d9728010a68159a94668d93799da5533999e8c821db87f651b3606347af16fd92a4540a7a343dc682f72bb3bab14e3666f848883d8644