|
|
@ -1,32 +1,16 @@
|
|
|
|
Summary: Ban IPs that make too many password failures
|
|
|
|
Summary: Ban IPs that make too many password failures
|
|
|
|
Name: fail2ban
|
|
|
|
Name: fail2ban
|
|
|
|
Version: 0.8.8
|
|
|
|
Version: 0.8.10
|
|
|
|
Release: 4%{?dist}
|
|
|
|
Release: 1%{?dist}
|
|
|
|
License: GPLv2+
|
|
|
|
License: GPLv2+
|
|
|
|
Group: System Environment/Daemons
|
|
|
|
Group: System Environment/Daemons
|
|
|
|
URL: http://fail2ban.sourceforge.net/
|
|
|
|
URL: http://fail2ban.sourceforge.net/
|
|
|
|
Source0: https://github.com/downloads/%{name}/%{name}/%{name}_%{version}.orig.tar.gz
|
|
|
|
Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
|
|
|
Source1: fail2ban-logrotate
|
|
|
|
Source1: fail2ban-logrotate
|
|
|
|
Source2: fail2ban-tmpfiles.conf
|
|
|
|
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
|
|
|
|
Source3: fail2ban.service
|
|
|
|
|
|
|
|
%endif
|
|
|
|
|
|
|
|
Patch0: fail2ban-0.8.3-init.patch
|
|
|
|
Patch0: fail2ban-0.8.3-init.patch
|
|
|
|
Patch1: fail2ban-0.8.7.1-sshd.patch
|
|
|
|
Patch1: fail2ban-0.8.7.1-sshd.patch
|
|
|
|
# Do not use pam_unix failure messages to ban sshd
|
|
|
|
Patch6: fail2ban-log2syslog.patch
|
|
|
|
# https://github.com/fail2ban/fail2ban/issues/106
|
|
|
|
Patch8: fail2ban-notmp.patch
|
|
|
|
Patch2: fail2ban-0.8.8-sshd-pam.patch
|
|
|
|
|
|
|
|
# Upstream patch to fix module loading
|
|
|
|
|
|
|
|
# https://github.com/fail2ban/fail2ban/issues/112
|
|
|
|
|
|
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=892365
|
|
|
|
|
|
|
|
Patch3: fail2ban-import.patch
|
|
|
|
|
|
|
|
# Upstream patch to fix UTF-8 characters in hostnames
|
|
|
|
|
|
|
|
# https://github.com/fail2ban/fail2ban/issues/113
|
|
|
|
|
|
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=905097
|
|
|
|
|
|
|
|
Patch4: fail2ban-utf8.patch
|
|
|
|
|
|
|
|
Patch6: fail2ban-0.8.3-log2syslog.patch
|
|
|
|
|
|
|
|
Patch7: asyncserver.start_selinux.patch
|
|
|
|
|
|
|
|
Patch8: fail2ban-0.8.7.1-notmp.patch
|
|
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
|
|
BuildRequires: python-devel >= 2.3
|
|
|
|
BuildRequires: python-devel >= 2.3
|
|
|
|
# For testcases
|
|
|
|
# For testcases
|
|
|
@ -60,11 +44,7 @@ and shorewall respectively.
|
|
|
|
%setup -q
|
|
|
|
%setup -q
|
|
|
|
%patch0 -p1 -b .init
|
|
|
|
%patch0 -p1 -b .init
|
|
|
|
%patch1 -p1 -b .sshd
|
|
|
|
%patch1 -p1 -b .sshd
|
|
|
|
%patch2 -p1 -b .sshd-pam
|
|
|
|
|
|
|
|
%patch3 -p1 -b .import
|
|
|
|
|
|
|
|
%patch4 -p1 -b .utf8
|
|
|
|
|
|
|
|
%patch6 -p1 -b .log2syslog
|
|
|
|
%patch6 -p1 -b .log2syslog
|
|
|
|
%patch7 -p1 -b .fd_cloexec2
|
|
|
|
|
|
|
|
%patch8 -p1 -b .notmp
|
|
|
|
%patch8 -p1 -b .notmp
|
|
|
|
|
|
|
|
|
|
|
|
%build
|
|
|
|
%build
|
|
|
@ -75,7 +55,7 @@ rm -rf %{buildroot}
|
|
|
|
python setup.py install -O1 --root %{buildroot}
|
|
|
|
python setup.py install -O1 --root %{buildroot}
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
%if 0%{?fedora} >= 19
|
|
|
|
mkdir -p %{buildroot}%{_unitdir}
|
|
|
|
mkdir -p %{buildroot}%{_unitdir}
|
|
|
|
cp -p %SOURCE3 %{buildroot}%{_unitdir}/
|
|
|
|
cp -p files/fail2ban.service %{buildroot}%{_unitdir}/
|
|
|
|
%else
|
|
|
|
%else
|
|
|
|
mkdir -p %{buildroot}%{_initddir}
|
|
|
|
mkdir -p %{buildroot}%{_initddir}
|
|
|
|
install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban
|
|
|
|
install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban
|
|
|
@ -87,7 +67,9 @@ install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
|
|
|
|
install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
|
|
mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d
|
|
|
|
install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf
|
|
|
|
install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf
|
|
|
|
|
|
|
|
# Remove installed doc, use doc macro instead
|
|
|
|
|
|
|
|
rm -r %{buildroot}%{_docdir}/%{name}
|
|
|
|
|
|
|
|
|
|
|
|
# Testcases need network access
|
|
|
|
# Testcases need network access
|
|
|
|
#%check
|
|
|
|
#%check
|
|
|
@ -120,7 +102,7 @@ fi
|
|
|
|
|
|
|
|
|
|
|
|
%files
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
%defattr(-,root,root,-)
|
|
|
|
%doc README TODO ChangeLog COPYING
|
|
|
|
%doc README.md TODO ChangeLog COPYING doc/*.txt
|
|
|
|
#doc config/fail2ban.conf*
|
|
|
|
#doc config/fail2ban.conf*
|
|
|
|
%{_bindir}/fail2ban-server
|
|
|
|
%{_bindir}/fail2ban-server
|
|
|
|
%{_bindir}/fail2ban-client
|
|
|
|
%{_bindir}/fail2ban-client
|
|
|
@ -131,7 +113,7 @@ fi
|
|
|
|
%else
|
|
|
|
%else
|
|
|
|
%{_initddir}/fail2ban
|
|
|
|
%{_initddir}/fail2ban
|
|
|
|
%endif
|
|
|
|
%endif
|
|
|
|
%{_mandir}/man1/fail2ban-*.1*
|
|
|
|
%{_mandir}/man1/fail2ban*.1*
|
|
|
|
%dir %{_sysconfdir}/fail2ban
|
|
|
|
%dir %{_sysconfdir}/fail2ban
|
|
|
|
%dir %{_sysconfdir}/fail2ban/action.d
|
|
|
|
%dir %{_sysconfdir}/fail2ban/action.d
|
|
|
|
%dir %{_sysconfdir}/fail2ban/filter.d
|
|
|
|
%dir %{_sysconfdir}/fail2ban/filter.d
|
|
|
@ -145,6 +127,11 @@ fi
|
|
|
|
%dir %{_localstatedir}/lib/fail2ban/
|
|
|
|
%dir %{_localstatedir}/lib/fail2ban/
|
|
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
|
|
%changelog
|
|
|
|
|
|
|
|
* Wed Jun 12 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.10-1
|
|
|
|
|
|
|
|
- Update to 0.8.10 security release
|
|
|
|
|
|
|
|
- Use upstream provided systemd files
|
|
|
|
|
|
|
|
- Drop upstreamed patches, rebase log2syslog and notmp patches
|
|
|
|
|
|
|
|
|
|
|
|
* Fri Mar 15 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-4
|
|
|
|
* Fri Mar 15 2013 Orion Poplawski <orion@cora.nwra.com> - 0.8.8-4
|
|
|
|
- Use systemd init for Fedora 19+ (bug #883158)
|
|
|
|
- Use systemd init for Fedora 19+ (bug #883158)
|
|
|
|
|
|
|
|
|
|
|
|