parent
8cebd782b2
commit
bc2d2aa593
@ -1,21 +0,0 @@
|
|||||||
commit 1470e3c01d49841335e11ed7ca7898516d1b8be8
|
|
||||||
Author: Steven Hiscocks <steven@hiscocks.me.uk>
|
|
||||||
Date: Wed Mar 19 19:09:07 2014 +0000
|
|
||||||
|
|
||||||
BF: fail2ban.conf reader expected "int" type for `loglevel`
|
|
||||||
|
|
||||||
Closes #657
|
|
||||||
|
|
||||||
diff --git a/fail2ban/client/fail2banreader.py b/fail2ban/client/fail2banreader.py
|
|
||||||
index f17ff92..251c698 100644
|
|
||||||
--- a/fail2ban/client/fail2banreader.py
|
|
||||||
+++ b/fail2ban/client/fail2banreader.py
|
|
||||||
@@ -45,7 +45,7 @@ class Fail2banReader(ConfigReader):
|
|
||||||
return ConfigReader.getOptions(self, "Definition", opts)
|
|
||||||
|
|
||||||
def getOptions(self):
|
|
||||||
- opts = [["int", "loglevel", "INFO" ],
|
|
||||||
+ opts = [["string", "loglevel", "INFO" ],
|
|
||||||
["string", "logtarget", "STDERR"],
|
|
||||||
["string", "dbfile", "/var/lib/fail2ban/fail2ban.sqlite3"],
|
|
||||||
["int", "dbpurgeage", 86400]]
|
|
@ -1,53 +0,0 @@
|
|||||||
diff -up fail2ban-0.9/config/jail.conf.logpath fail2ban-0.9/config/jail.conf
|
|
||||||
--- fail2ban-0.9/config/jail.conf.logpath 2014-08-08 13:29:40.101582649 -0600
|
|
||||||
+++ fail2ban-0.9/config/jail.conf 2014-08-08 13:33:56.376307236 -0600
|
|
||||||
@@ -370,7 +370,7 @@ logpath = /var/log/tomcat*/catalina.out
|
|
||||||
[webmin-auth]
|
|
||||||
|
|
||||||
port = 10000
|
|
||||||
-logpath = /var/log/auth.log
|
|
||||||
+logpath = %(syslog_authpriv)s
|
|
||||||
|
|
||||||
|
|
||||||
#
|
|
||||||
@@ -423,7 +423,7 @@ maxretry = 6
|
|
||||||
|
|
||||||
[vsftpd]
|
|
||||||
# or overwrite it in jails.local to be
|
|
||||||
-# logpath = /var/log/auth.log
|
|
||||||
+# logpath = %(syslog_authpriv)s
|
|
||||||
# if you want to rely on PAM failed login attempts
|
|
||||||
# vsftpd's failregex should match both of those formats
|
|
||||||
port = ftp,ftp-data,ftps,ftps-data
|
|
||||||
@@ -533,7 +533,7 @@ logpath = %(postfix_log)s
|
|
||||||
[perdition]
|
|
||||||
|
|
||||||
port = imap3,imaps,pop3,pop3s
|
|
||||||
-logpath = /var/log/maillog
|
|
||||||
+logpath = %(syslog_mail)s
|
|
||||||
|
|
||||||
|
|
||||||
[squirrelmail]
|
|
||||||
@@ -657,13 +657,13 @@ maxretry = 5
|
|
||||||
[pam-generic]
|
|
||||||
# pam-generic filter can be customized to monitor specific subset of 'tty's
|
|
||||||
banaction = iptables-allports
|
|
||||||
-logpath = /var/log/auth.log
|
|
||||||
+logpath = %(syslog_authpriv)s
|
|
||||||
|
|
||||||
|
|
||||||
[xinetd-fail]
|
|
||||||
|
|
||||||
banaction = iptables-multiport-log
|
|
||||||
-logpath = /var/log/daemon.log
|
|
||||||
+logpath = %(syslog_daemon)s
|
|
||||||
maxretry = 2
|
|
||||||
|
|
||||||
|
|
||||||
@@ -693,5 +693,5 @@ action = %(banaction)s[name=%(__name__)
|
|
||||||
[nagios]
|
|
||||||
|
|
||||||
enabled = false
|
|
||||||
-logpath = /var/log/messages ; nrpe.cfg may define a different log_facility
|
|
||||||
+logpath = %(syslog_daemon)s ; nrpe.cfg may define a different log_facility
|
|
||||||
maxretry = 1
|
|
@ -1,20 +0,0 @@
|
|||||||
commit 175c5934620adb600fe4435732a3887855320669
|
|
||||||
Author: Steven Hiscocks <steven@hiscocks.me.uk>
|
|
||||||
Date: Wed Mar 19 19:30:48 2014 +0000
|
|
||||||
|
|
||||||
TST: Skip badips.py test is no network option set
|
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/utils.py b/fail2ban/tests/utils.py
|
|
||||||
index 456a829..85c1d92 100644
|
|
||||||
--- a/fail2ban/tests/utils.py
|
|
||||||
+++ b/fail2ban/tests/utils.py
|
|
||||||
@@ -209,6 +209,9 @@ def gatherTests(regexps=None, no_network=False):
|
|
||||||
for file_ in os.listdir(
|
|
||||||
os.path.abspath(os.path.dirname(action_d.__file__))):
|
|
||||||
if file_.startswith("test_") and file_.endswith(".py"):
|
|
||||||
+ if no_network and file_ in ['test_badips.py']: #pragma: no cover
|
|
||||||
+ # Test required network
|
|
||||||
+ continue
|
|
||||||
tests.addTest(testloader.loadTestsFromName(
|
|
||||||
"%s.%s" % (action_d.__name__, os.path.splitext(file_)[0])))
|
|
||||||
|
|
@ -1,23 +0,0 @@
|
|||||||
commit 75325da09091f3ae800a2efbcde1a016617e5f1a
|
|
||||||
Author: Steven Hiscocks <steven@hiscocks.me.uk>
|
|
||||||
Date: Wed Mar 19 19:21:23 2014 +0000
|
|
||||||
|
|
||||||
TST: Skip SYSLOG log target test if '/dev/log' not present
|
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/servertestcase.py b/fail2ban/tests/servertestcase.py
|
|
||||||
index 231aecd..c4163db 100644
|
|
||||||
--- a/fail2ban/tests/servertestcase.py
|
|
||||||
+++ b/fail2ban/tests/servertestcase.py
|
|
||||||
@@ -678,6 +678,12 @@ class TransmitterLogging(TransmitterBase):
|
|
||||||
|
|
||||||
self.setGetTest("logtarget", "STDOUT")
|
|
||||||
self.setGetTest("logtarget", "STDERR")
|
|
||||||
+
|
|
||||||
+ def testLogTargetSYSLOG(self):
|
|
||||||
+ if not os.path.exists("/dev/log") and sys.version_info >= (2, 7):
|
|
||||||
+ raise unittest.SkipTest("'/dev/log' not present")
|
|
||||||
+ elif not os.path.exists("/dev/log"):
|
|
||||||
+ return
|
|
||||||
self.setGetTest("logtarget", "SYSLOG")
|
|
||||||
|
|
||||||
def testLogLevel(self):
|
|
@ -1,41 +0,0 @@
|
|||||||
commit b2a1032f5738575f1c368360ba93fc7da5991225
|
|
||||||
Author: Yaroslav Halchenko <debian@onerussian.com>
|
|
||||||
Date: Tue Aug 12 11:31:42 2014 -0400
|
|
||||||
|
|
||||||
ENH/BF(TST): making permissions restrictive is not sufficient -- really remove file to test
|
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
|
|
||||||
index c02e861..1fa3116 100644
|
|
||||||
--- a/fail2ban/tests/filtertestcase.py
|
|
||||||
+++ b/fail2ban/tests/filtertestcase.py
|
|
||||||
@@ -24,6 +24,7 @@ __license__ = "GPL"
|
|
||||||
|
|
||||||
from __builtin__ import open as fopen
|
|
||||||
import unittest
|
|
||||||
+import getpass
|
|
||||||
import os
|
|
||||||
import sys
|
|
||||||
import time
|
|
||||||
@@ -349,10 +350,20 @@ class LogFileMonitor(LogCaptureTestCase):
|
|
||||||
# shorter wait time for not modified status
|
|
||||||
return not self.isModified(0.4)
|
|
||||||
|
|
||||||
- def testNoLogFile(self):
|
|
||||||
+ def testUnaccessibleLogFile(self):
|
|
||||||
os.chmod(self.name, 0)
|
|
||||||
self.filter.getFailures(self.name)
|
|
||||||
- self.assertTrue(self._is_logged('Unable to open %s' % self.name))
|
|
||||||
+ failure_was_logged = self._is_logged('Unable to open %s' % self.name)
|
|
||||||
+ is_root = getpass.getuser() == 'root'
|
|
||||||
+ # If ran as root, those restrictive permissions would not
|
|
||||||
+ # forbid log to be read.
|
|
||||||
+ self.assertTrue(failure_was_logged != is_root)
|
|
||||||
+
|
|
||||||
+ def testNoLogFile(self):
|
|
||||||
+ _killfile(self.file, self.name)
|
|
||||||
+ self.filter.getFailures(self.name)
|
|
||||||
+ failure_was_logged = self._is_logged('Unable to open %s' % self.name)
|
|
||||||
+ self.assertTrue(failure_was_logged)
|
|
||||||
|
|
||||||
def testRemovingFailRegex(self):
|
|
||||||
self.filter.delFailRegex(0)
|
|
Loading…
Reference in new issue