diff --git a/.gitignore b/.gitignore index 2d214e7..c3b808e 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,6 @@ fail2ban-0.8.4.tar.bz2 /fail2ban_0.8.8.orig.tar.gz /fail2ban-0.8.10.tar.gz /fail2ban-0.8.11.tar.gz +/fail2ban-0.9-d529151.tar.xz +/fail2ban-0.9-1f1a561.tar.xz +/fail2ban-0.9.tar.gz diff --git a/fail2ban-0.8.11-singlejail.patch b/fail2ban-0.8.11-singlejail.patch deleted file mode 100644 index 9419c83..0000000 --- a/fail2ban-0.8.11-singlejail.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf.singlejail fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf ---- fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf.singlejail 2013-12-03 16:17:48.282238194 +0100 -+++ fail2ban-0.8.11/config/action.d/firewall-cmd-direct-new.conf 2013-12-03 16:17:57.421402502 +0100 -@@ -20,7 +20,7 @@ actionstop = firewall-cmd --direct --rem - firewall-cmd --direct --remove-rules ipv4 filter fail2ban- - firewall-cmd --direct --remove-chain ipv4 filter fail2ban- - --actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q 'fail2ban-[ \t]' -+actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -Eq 'fail2ban-$|fail2ban- ' - - actionban = firewall-cmd --direct --add-rule ipv4 filter fail2ban- 0 -s -j - diff --git a/fail2ban-0.8.3-init.patch b/fail2ban-0.8.3-init.patch deleted file mode 100644 index c40256a..0000000 --- a/fail2ban-0.8.3-init.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up fail2ban-0.8.11/files/redhat-initd.init fail2ban-0.8.11/files/redhat-initd ---- fail2ban-0.8.11/files/redhat-initd.init 2013-11-25 18:07:00.191938851 +0100 -+++ fail2ban-0.8.11/files/redhat-initd 2013-11-25 18:07:49.576801893 +0100 -@@ -1,6 +1,6 @@ - #!/bin/bash - # --# chkconfig: 345 92 08 -+# chkconfig: - 92 08 - # processname: fail2ban-server - # config: /etc/fail2ban/fail2ban.conf - # pidfile: /var/run/fail2ban/fail2ban.pid diff --git a/fail2ban-0.8.7.1-sshd.patch b/fail2ban-0.8.7.1-sshd.patch deleted file mode 100644 index 1d7fe5f..0000000 --- a/fail2ban-0.8.7.1-sshd.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -up fail2ban-0.8.11/config/jail.conf.sshd fail2ban-0.8.11/config/jail.conf ---- fail2ban-0.8.11/config/jail.conf.sshd 2013-11-25 18:08:08.034123038 +0100 -+++ fail2ban-0.8.11/config/jail.conf 2013-11-25 18:16:28.107917373 +0100 -@@ -71,11 +71,11 @@ usedns = warn - - [ssh-iptables] - --enabled = false -+enabled = true - filter = sshd - action = iptables[name=SSH, port=ssh, protocol=tcp] -- sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"] --logpath = /var/log/sshd.log -+ sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com, sendername="Fail2Ban"] -+logpath = /var/log/secure - maxretry = 5 - - [proftpd-iptables] diff --git a/fail2ban-import.patch b/fail2ban-import.patch deleted file mode 100644 index c4a2836..0000000 --- a/fail2ban-import.patch +++ /dev/null @@ -1,75 +0,0 @@ -commit d561a4c2bbc336db70d5923cf630813bc51dc3ee -Author: Yaroslav Halchenko -Date: Mon Jan 28 09:54:08 2013 -0500 - - BF: do not rely on scripts being under /usr -- might differ eg on Fedora -- rely on import of common.version (Closes gh-112) - - This is also not ideal, since if there happens to be some systemwide common.version -- we are doomed - - but otherwise, we cannot keep extending comparison check to /bin, /sbin whatelse - -diff --git a/fail2ban-client b/fail2ban-client -index 1d8eb15..13d018e 100755 ---- a/fail2ban-client -+++ b/fail2ban-client -@@ -27,12 +27,13 @@ import getopt, time, shlex, socket - - # Inserts our own modules path first in the list - # fix for bug #343821 --if os.path.abspath(__file__).startswith('/usr/'): -- # makes sense to use system-wide library iff -client is also under /usr/ -+try: -+ from common.version import version -+except ImportError, e: - sys.path.insert(1, "/usr/share/fail2ban") -+ from common.version import version - --# Now we can import our modules --from common.version import version -+# Now we can import the rest of modules - from common.protocol import printFormatted - from client.csocket import CSocket - from client.configurator import Configurator -diff --git a/fail2ban-regex b/fail2ban-regex -index a42ed96..f9bc72c 100755 ---- a/fail2ban-regex -+++ b/fail2ban-regex -@@ -26,13 +26,14 @@ import getopt, sys, time, logging, os - - # Inserts our own modules path first in the list - # fix for bug #343821 --if os.path.abspath(__file__).startswith('/usr/'): -- # makes sense to use system-wide library iff -regex is also under /usr/ -- sys.path.insert(1, "/usr/share/fail2ban") -+try: -+ from common.version import version -+except ImportError, e: -+ sys.path.insert(1, "/usr/share/fail2ban") -+ from common.version import version - - from client.configparserinc import SafeConfigParserWithIncludes - from ConfigParser import NoOptionError, NoSectionError, MissingSectionHeaderError --from common.version import version - from server.filter import Filter - from server.failregex import RegexException - -diff --git a/fail2ban-server b/fail2ban-server -index bd86e6c..0f3410c 100755 ---- a/fail2ban-server -+++ b/fail2ban-server -@@ -26,11 +26,12 @@ import getopt, sys, logging, os - - # Inserts our own modules path first in the list - # fix for bug #343821 --if os.path.abspath(__file__).startswith('/usr/'): -- # makes sense to use system-wide library iff -server is also under /usr/ -+try: -+ from common.version import version -+except ImportError, e: - sys.path.insert(1, "/usr/share/fail2ban") -+ from common.version import version - --from common.version import version - from server.server import Server - - # Gets the instance of the logger. diff --git a/fail2ban-log2syslog.patch b/fail2ban-log2syslog.patch deleted file mode 100644 index 3646a8a..0000000 --- a/fail2ban-log2syslog.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up fail2ban-0.8.11/config/fail2ban.conf.log2syslog fail2ban-0.8.11/config/fail2ban.conf ---- fail2ban-0.8.11/config/fail2ban.conf.log2syslog 2013-11-25 18:23:28.627391472 +0100 -+++ fail2ban-0.8.11/config/fail2ban.conf 2013-11-25 18:24:57.633978793 +0100 -@@ -30,7 +30,7 @@ loglevel = 3 - # (e.g. /etc/logrotate.d/fail2ban on Debian systems) - # Values: [ STDOUT | STDERR | SYSLOG | FILE ] Default: STDERR - # --logtarget = /var/log/fail2ban.log -+logtarget = SYSLOG - - # Option: socket - # Notes.: Set the socket file. This is used to communicate with the daemon. Do diff --git a/fail2ban-loglevel.patch b/fail2ban-loglevel.patch new file mode 100644 index 0000000..f41fb87 --- /dev/null +++ b/fail2ban-loglevel.patch @@ -0,0 +1,21 @@ +commit 1470e3c01d49841335e11ed7ca7898516d1b8be8 +Author: Steven Hiscocks +Date: Wed Mar 19 19:09:07 2014 +0000 + + BF: fail2ban.conf reader expected "int" type for `loglevel` + + Closes #657 + +diff --git a/fail2ban/client/fail2banreader.py b/fail2ban/client/fail2banreader.py +index f17ff92..251c698 100644 +--- a/fail2ban/client/fail2banreader.py ++++ b/fail2ban/client/fail2banreader.py +@@ -45,7 +45,7 @@ class Fail2banReader(ConfigReader): + return ConfigReader.getOptions(self, "Definition", opts) + + def getOptions(self): +- opts = [["int", "loglevel", "INFO" ], ++ opts = [["string", "loglevel", "INFO" ], + ["string", "logtarget", "STDERR"], + ["string", "dbfile", "/var/lib/fail2ban/fail2ban.sqlite3"], + ["int", "dbpurgeage", 86400]] diff --git a/fail2ban-logrotate b/fail2ban-logrotate deleted file mode 100644 index 4d7a6c9..0000000 --- a/fail2ban-logrotate +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/fail2ban.log { - missingok - notifempty - size 30k - create 0600 root root - postrotate - /usr/bin/fail2ban-client set logtarget SYSLOG 2> /dev/null || true - endscript -} diff --git a/fail2ban-tests-nonet.patch b/fail2ban-tests-nonet.patch new file mode 100644 index 0000000..57e1c1c --- /dev/null +++ b/fail2ban-tests-nonet.patch @@ -0,0 +1,20 @@ +commit 175c5934620adb600fe4435732a3887855320669 +Author: Steven Hiscocks +Date: Wed Mar 19 19:30:48 2014 +0000 + + TST: Skip badips.py test is no network option set + +diff --git a/fail2ban/tests/utils.py b/fail2ban/tests/utils.py +index 456a829..85c1d92 100644 +--- a/fail2ban/tests/utils.py ++++ b/fail2ban/tests/utils.py +@@ -209,6 +209,9 @@ def gatherTests(regexps=None, no_network=False): + for file_ in os.listdir( + os.path.abspath(os.path.dirname(action_d.__file__))): + if file_.startswith("test_") and file_.endswith(".py"): ++ if no_network and file_ in ['test_badips.py']: #pragma: no cover ++ # Test required network ++ continue + tests.addTest(testloader.loadTestsFromName( + "%s.%s" % (action_d.__name__, os.path.splitext(file_)[0]))) + diff --git a/fail2ban-tests-syslog.patch b/fail2ban-tests-syslog.patch new file mode 100644 index 0000000..0541367 --- /dev/null +++ b/fail2ban-tests-syslog.patch @@ -0,0 +1,23 @@ +commit 75325da09091f3ae800a2efbcde1a016617e5f1a +Author: Steven Hiscocks +Date: Wed Mar 19 19:21:23 2014 +0000 + + TST: Skip SYSLOG log target test if '/dev/log' not present + +diff --git a/fail2ban/tests/servertestcase.py b/fail2ban/tests/servertestcase.py +index 231aecd..c4163db 100644 +--- a/fail2ban/tests/servertestcase.py ++++ b/fail2ban/tests/servertestcase.py +@@ -678,6 +678,12 @@ class TransmitterLogging(TransmitterBase): + + self.setGetTest("logtarget", "STDOUT") + self.setGetTest("logtarget", "STDERR") ++ ++ def testLogTargetSYSLOG(self): ++ if not os.path.exists("/dev/log") and sys.version_info >= (2, 7): ++ raise unittest.SkipTest("'/dev/log' not present") ++ elif not os.path.exists("/dev/log"): ++ return + self.setGetTest("logtarget", "SYSLOG") + + def testLogLevel(self): diff --git a/fail2ban-utf8.patch b/fail2ban-utf8.patch deleted file mode 100644 index d0013e7..0000000 --- a/fail2ban-utf8.patch +++ /dev/null @@ -1,18 +0,0 @@ -commit f8983872ad4297ddb3017f4818edd08892dd2129 -Author: Yaroslav Halchenko -Date: Fri Feb 1 16:07:00 2013 -0500 - - BF: return str(host) to avoid spurious characters in the logs (Close gh-113) - - thanks to opoplawski@github - -diff --git a/server/failregex.py b/server/failregex.py -index 8ce9597..b194d47 100644 ---- a/server/failregex.py -+++ b/server/failregex.py -@@ -130,4 +130,4 @@ class FailRegex(Regex): - s = self._matchCache.string - r = self._matchCache.re - raise RegexException("No 'host' found in '%s' using '%s'" % (s, r)) -- return host -+ return str(host) diff --git a/fail2ban.spec b/fail2ban.spec index 8769761..37b3d73 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -1,28 +1,53 @@ -Summary: Ban IPs that make too many password failures +Summary: Daemon to ban hosts that cause multiple authentication errors Name: fail2ban -Version: 0.8.11 -Release: 2%{?dist} +Version: 0.9 +Release: 7%{?dist} License: GPLv2+ -Group: System Environment/Daemons URL: http://fail2ban.sourceforge.net/ Source0: https://github.com/%{name}/%{name}/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz -Source1: fail2ban-logrotate -Patch0: fail2ban-0.8.3-init.patch -Patch1: fail2ban-0.8.7.1-sshd.patch -Patch6: fail2ban-log2syslog.patch -Patch7: 0001-BF-apache-filters-using-error-log-weren-t-matched-wh.patch -Patch8: fail2ban-0.8.11-singlejail.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root -BuildRequires: python-devel >= 2.3 +# Upstream patch to fix setting loglevel +# https://github.com/fail2ban/fail2ban/issues/657 +Patch0: fail2ban-loglevel.patch +# Upstream patch to skip tests with no-network +# https://github.com/fail2ban/fail2ban/issues/110 +Patch1: fail2ban-tests-nonet.patch +# Upstream patch to skip syslog tests without /dev/log +# https://github.com/fail2ban/fail2ban/issues/110 +Patch2: fail2ban-tests-syslog.patch + +BuildRequires: python2-devel # For testcases BuildRequires: python-inotify BuildArch: noarch -Requires: ed -Requires: iptables -Requires: gamin-python -Requires: python-inotify -%if 0%{?fedora} >= 19 +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 BuildRequires: systemd +%endif +# Default components +Requires: %{name}-firewalld = %{version}-%{release} +Requires: %{name}-sendmail = %{version}-%{release} +Requires: %{name}-server = %{version}-%{release} +Requires: %{name}-systemd = %{version}-%{release} + +%description +Fail2Ban scans log files and bans IP addresses that makes too many password +failures. It updates firewall rules to reject the IP address. These rules can +be defined by the user. Fail2Ban can read multiple log files such as sshd or +Apache web server ones. + +Fail2Ban is able to reduce the rate of incorrect authentications attempts +however it cannot eliminate the risk that weak authentication presents. +Configure services to use only two factor or public/private authentication +mechanisms if you really want to protect services. + +This is a meta-package that will install the default configuration. Other +sub-packages are available to install support for other actions and +configurations. + + +%package server +Summary: Core server component for Fail2Ban +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 +Requires: systemd-python Requires(post): systemd Requires(preun): systemd Requires(postun): systemd @@ -32,64 +57,159 @@ Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service %endif +Requires: ipset +Requires: iptables -%description -Fail2ban scans log files like /var/log/pwdfail or -/var/log/apache/error_log and bans IP that makes too many password -failures. It updates firewall rules to reject the IP address. +%description server +This package contains the core server components for Fail2Ban with minimal +dependencies. You can install this directly if you want to have a small +installation and know what you are doing. + + +%package all +Summary: Install all Fail2Ban packages and dependencies +Requires: %{name}-firewalld = %{version}-%{release} +Requires: %{name}-hostsdeny = %{version}-%{release} +Requires: %{name}-mail = %{version}-%{release} +Requires: %{name}-sendmail = %{version}-%{release} +Requires: %{name}-server = %{version}-%{release} +Requires: %{name}-shorewall = %{version}-%{release} +Requires: %{name}-systemd = %{version}-%{release} +Requires: gamin-python +Requires: perl +Requires: python-inotify +Requires: /usr/bin/whois + +%description all +This package installs all of the Fail2Ban packages and dependencies. + + +%package firewalld +Summary: Firewalld support for Fail2Ban +Requires: %{name}-server = %{version}-%{release} +Requires: firewalld + +%description firewalld +This package enables support for manipulating firewalld rules. This is the +default firewall service in Fedora. + + +%package hostsdeny +Summary: Hostsdeny (tcp_wrappers) support for Fail2Ban +Requires: %{name}-server = %{version}-%{release} +Requires: ed +Requires: tcp_wrappers + +%description hostsdeny +This package enables support for manipulating tcp_wrapper's /etc/hosts.deny +files. + + +%package mail +Summary: Mail actions for Fail2Ban +Requires: %{name}-server = %{version}-%{release} +Requires: mailx + +%description mail +This package installs Fail2Ban's mail actions. These are an alternative +to the default sendmail actions. + + +%package sendmail +Summary: Sendmail actions for Fail2Ban +Requires: %{name}-server = %{version}-%{release} +Requires: /usr/sbin/sendmail -To use the hostsdeny and shorewall actions you must install tcp_wrappers -and shorewall respectively. +%description sendmail +This package installs Fail2Ban's sendmail actions. This is the default +mail actions for Fail2Ban. + + +%package shorewall +Summary: Shorewall support for Fail2Ban +Requires: %{name}-server = %{version}-%{release} +Requires: shorewall + +%description shorewall +This package enables support for manipulating shoreall rules. + + +%package systemd +Summary: Systemd journal configuration for Fail2Ban +Requires: %{name}-server = %{version}-%{release} + +%description systemd +This package configures Fail2Ban to use the systemd journal for its log input +by default. %prep %setup -q -%patch0 -p1 -b .init -%patch1 -p1 -b .sshd -%patch6 -p1 -b .log2syslog -%patch7 -p1 -b .apache-authfix -%patch8 -p1 -b .singlejail +%patch0 -p1 -b .loglevel +%patch1 -p1 -b .tests-nonet +%patch2 -p1 -b .tests-syslog +# Use Fedora paths +sed -i -e 's/^before = paths-.*/before = paths-fedora.conf/' config/jail.conf +# Start after firewalld (https://bugzilla.redhat.com/show_bug.cgi?id=1067147) +sed -i -e '/^After=/s/$/ firewalld.service/' files/fail2ban.service %build python setup.py build %install -rm -rf %{buildroot} python setup.py install -O1 --root %{buildroot} -%if 0%{?fedora} >= 19 +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 mkdir -p %{buildroot}%{_unitdir} cp -p files/fail2ban.service %{buildroot}%{_unitdir}/ %else mkdir -p %{buildroot}%{_initddir} install -p -m 755 files/redhat-initd %{buildroot}%{_initddir}/fail2ban %endif -mkdir -p %{buildroot}%{_mandir}/man1 -install -p -m 644 man/fail2ban*.1 %{buildroot}%{_mandir}/man1 +mkdir -p %{buildroot}%{_mandir}/man{1,5} +install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1 +install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5 mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d -install -p -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban +install -p -m 644 files/fail2ban-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban install -d -m 0755 %{buildroot}%{_localstatedir}/run/fail2ban/ install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/ mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d install -p -m 0644 files/fail2ban-tmpfiles.conf %{buildroot}%{_sysconfdir}/tmpfiles.d/fail2ban.conf +# Remove non-Linux actions +rm %{buildroot}%{_sysconfdir}/%{name}/action.d/*ipfw.conf +rm %{buildroot}%{_sysconfdir}/%{name}/action.d/{ipfilter,pf,ufw}.conf +rm %{buildroot}%{_sysconfdir}/%{name}/action.d/osx-*.conf +# firewalld configuration +cat > %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-firewalld.conf < %{buildroot}%{_sysconfdir}/%{name}/jail.d/00-systemd.conf <= 19 +%post server +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 %systemd_post fail2ban.service %else /sbin/chkconfig --add %{name} %endif -%preun -%if 0%{?fedora} >= 19 +%preun server +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 %systemd_preun fail2ban.service %else if [ $1 = 0 ]; then @@ -98,54 +218,103 @@ if [ $1 = 0 ]; then fi %endif -%if 0%{?fedora} >= 19 -%postun +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 +%postun server %systemd_postun_with_restart fail2ban.service %endif %files -%defattr(-,root,root,-) + +%files server %doc README.md TODO ChangeLog COPYING doc/*.txt -#doc config/fail2ban.conf* %{_bindir}/fail2ban-server %{_bindir}/fail2ban-client %{_bindir}/fail2ban-regex -%{_datadir}/fail2ban -%if 0%{?fedora} >= 19 +%{_bindir}/fail2ban-testcases +%{python_sitelib}/* +%if 0%{?fedora} >= 19 || 0%{?rhel} >= 7 %{_unitdir}/fail2ban.service %else %{_initddir}/fail2ban %endif %{_mandir}/man1/fail2ban*.1* -%dir %{_sysconfdir}/fail2ban -%dir %{_sysconfdir}/fail2ban/action.d -%dir %{_sysconfdir}/fail2ban/filter.d -%config(noreplace) %{_sysconfdir}/fail2ban/fail2ban.conf -%config(noreplace) %{_sysconfdir}/fail2ban/jail.conf -%config(noreplace) %{_sysconfdir}/fail2ban/action.d/*.conf -%config(noreplace) %{_sysconfdir}/fail2ban/filter.d/*.conf +%{_mandir}/man5/*.5* +%config(noreplace) %{_sysconfdir}/fail2ban +%exclude %{_sysconfdir}/fail2ban/action.d/complain.conf +%exclude %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf +%exclude %{_sysconfdir}/fail2ban/action.d/mail-*.conf +%exclude %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf +%exclude %{_sysconfdir}/fail2ban/action.d/shorewall.conf +%exclude %{_sysconfdir}/fail2ban/jail.d/*.conf %config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban -%dir %{_localstatedir}/run/fail2ban/ %config(noreplace) %{_sysconfdir}/tmpfiles.d/fail2ban.conf %dir %{_localstatedir}/lib/fail2ban/ +%dir %{_localstatedir}/run/fail2ban/ + +%files all + +%files firewalld +%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-firewalld.conf + +%files hostsdeny +%config(noreplace) %{_sysconfdir}/fail2ban/action.d/hostsdeny.conf + +%files mail +%config(noreplace) %{_sysconfdir}/fail2ban/action.d/complain.conf +%config(noreplace) %{_sysconfdir}/fail2ban/action.d/mail-*.conf + +%files sendmail +%config(noreplace) %{_sysconfdir}/fail2ban/action.d/sendmail-*.conf + +%files shorewall +%config(noreplace) %{_sysconfdir}/fail2ban/action.d/shorewall.conf + +%files systemd +%config(noreplace) %{_sysconfdir}/fail2ban/jail.d/00-systemd.conf + %changelog -* Tue Dec 03 2013 Adam Tkac - 0.8.11-2 -- include post-release patch for apache-auth filter -- fix firewalld support (#979622, comment 18) - -* Mon Nov 25 2013 Adam Tkac - 0.8.11-1 -- update to 0.8.11 (#1034355) -- drop part of the fail2ban-0.8.3-init.patch (merged) -- fail2ban-hostsdeny.patch has been merged -- fail2ban-mailx.patch has been merged -- fail2ban-notmp.patch has been merged - -* Wed Aug 28 2013 Orion Poplawski - 0.8.10-3 -- Add upstream patch to fix mailx argument ordering (bug #998020) - -* Fri Aug 16 2013 Orion Poplawski - 0.8.10-2 -- Add upstream patch to fix hostsdeny permission issue +* Mon Jul 21 2014 Orion Poplawski - 0.9-7 +- Use systemd for EL7 + +* Sat Jun 07 2014 Fedora Release Engineering - 0.9-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Mar 20 2014 Orion Poplawski - 0.9-5 +- Require mailx for /usr/bin/mail + +* Thu Mar 20 2014 Orion Poplawski - 0.9-4 +- Need empty %%files to produce main and -all package + +* Wed Mar 19 2014 Orion Poplawski - 0.9-3 +- Split into sub-packages for different components +- Enable journal filter by default (bug #985567) +- Enable firewalld action by default (bug #1046816) +- Add upstream patch to fix setting loglevel in fail2ban.conf +- Add upstream patches to fix tests in mock, run tests + +* Tue Mar 18 2014 Orion Poplawski - 0.9-2 +- Use Fedora paths +- Start after firewalld (bug #1067147) + +* Mon Mar 17 2014 Orion Poplawski - 0.9-1 +- Update to 0.9 + +* Tue Sep 24 2013 Orion Poplawski - 0.9-0.3.git1f1a561 +- Update to current 0.9 git branch +- Rebase init patch, drop jail.d and notmp patch applied upstream + +* Fri Aug 9 2013 Orion Poplawski - 0.9-0.2.gitd529151 +- Ship jail.conf(5) man page +- Ship empty /etc/fail2ban/jail.d directory + +* Thu Aug 8 2013 Orion Poplawski - 0.9-0.1.gitd529151 +- Update to 0.9 git branch +- Rebase patches +- Require systemd-python for journal support + +* Sat Aug 03 2013 Fedora Release Engineering - 0.8.10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jun 12 2013 Orion Poplawski - 0.8.10-1 - Update to 0.8.10 security release diff --git a/sources b/sources index 0836756..78e6b89 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -2182a21c7efd885f373ffc941d11914d fail2ban-0.8.11.tar.gz +02de1ff774f3c16d23450a3ad1c43137 fail2ban-0.9.tar.gz