Hello community, here is the log from the commit of package fail2ban for openSUSE:Factory checked in at 2015-07-02 22:51:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fail2ban (Old) and /work/SRC/openSUSE:Factory/.fail2ban.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "fail2ban" Changes: -------- --- /work/SRC/openSUSE:Factory/fail2ban/fail2ban.changes 2015-04-15 16:24:15.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.fail2ban.new/fail2ban.changes 2015-07-03 00:03:49.000000000 +0200 @@ -1,0 +2,77 @@ +Thu Jul 2 06:38:00 UTC 2015 - jweberhofer@weberhofer.at + +- Note: fail2ban-issue_906-strptime.patch has been removed as it is already + integrated in the current version. + +------------------------------------------------------------------- +Mon Jun 8 13:27:00 UTC 2015 - jweberhofer@weberhofer.at + +- Removed "backend" setting from paths-opensuse.conf + +------------------------------------------------------------------- +Fri May 8 14:01:31 UTC 2015 - jweberhofer@weberhofer.at + +- Update to version 0.9.2 (requested in boo#917818) + + Read the full changelog in /usr/share/doc/packages/fail2ban/ChangeLog + + Here are some notes to be read when updating existing installations: + + The default log-backend for openssue 13.2+ is now systemd + + * jail.conf was heavily refactored and now is similar to how it looked on + Debian systems: + - default action could be configured once for all jails + - jails definitions only provide customizations (port, logpath) + - no need to specify 'filter' if name matches jail name + + * Added fail2ban persistent database + - default location at /var/lib/fail2ban/fail2ban.sqlite3 + - allows active bans to be reinstated on restart + - log files read from last position after restart + + * Added systemd journal backend + - Dependency on python-systemd + - New "journalmatch" option added to filter configs files + - New "systemd-journal" option added to fail2ban-regex + + * Support %z (Timezone offset) and %f (sub-seconds) support for datedetector. + Enhanced existing date/time have been updated patterns to support these. + ISO8601 now defaults to localtime unless specified otherwise. Some filters + have been change as required to capture these elements in the right + timezone correctly. + + * Log levels are now set by Syslog style strings e.g. DEBUG, ERROR. + + * Optionally can read log files starting from "head" or "tail". See "logpath" + option in jail.conf(5) man page. + + * Can now set log encoding for files per jail.Default uses systemd locale. + + * iptables-common.conf replaced iptables-blocktype.conf + (iptables-blocktype.local should still be read) and now also provides + defaults for the chain, port, protocol and name tags + +- Require whois + +- Whereever possible, path-definitions have been moved paths-opensuse.conf + which has been submittet upstream + +- Use default fail2ban.service including fail2ban-opensuse-service.patch + +- Use default suse-initd from upstream + +- Run test-cases during build + +- run fdupes + +- Tests have been moved to a seperate page + +- Added rpmlintrc file to ignore some hidden files in the test package + +- Must build arch-depended packages for SLES 11 + +- Removed two tests which can't run on the build server with openSUSE + before 13.3: fail2ban-exclude-dev-log-tests.patch + +------------------------------------------------------------------- Old: ---- 0.8.14.tar.gz fail2ban-issue_906-strptime.patch fail2ban.init fail2ban.service New: ---- fail2ban-0.9.2.tar.gz fail2ban-exclude-dev-log-tests.patch fail2ban-opensuse-service.patch fail2ban-rpmlintrc paths-opensuse.conf ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fail2ban.spec ++++++ --- /var/tmp/diff_new_pack.ZsL03s/_old 2015-07-03 00:03:50.000000000 +0200 +++ /var/tmp/diff_new_pack.ZsL03s/_new 2015-07-03 00:03:50.000000000 +0200 @@ -17,44 +17,56 @@ Name: fail2ban -Version: 0.8.14 +Version: 0.9.2 Release: 0 -Url: http://www.fail2ban.org/ Summary: Bans IP addresses that make too many authentication failures License: GPL-2.0+ Group: Productivity/Networking/Security - -Source0: https://github.com/fail2ban/fail2ban/archive/%{version}.tar.gz -%if 0%{?suse_version} < 1230 -# the init-script requires lsof -Requires: lsof -Source1: %{name}.init -%endif +Url: http://www.fail2ban.org/ +Source0: https://github.com/fail2ban/fail2ban/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source2: %{name}.sysconfig Source3: %{name}.logrotate -Source4: %{name}.service Source5: %{name}.tmpfiles Source6: sfw-fail2ban.conf Source7: f2b-restart.conf +# Path definitions have been submitted to upstream +Source8: paths-opensuse.conf +# ignore some rpm-lint messages +Source200: %{name}-rpmlintrc # PATCH-FIX-OPENSUSE fail2ban-opensuse-locations.patch bnc#878028 jweberhofer@weberhofer.at -- update default locations for logfiles Patch100: fail2ban-opensuse-locations.patch -# PATCH-FIX-UPSTREAM fail2ban-issue_906-strptime.patch bnc#914075, gh#fail2ban/fail2ban#906 jweberhofer@weberhofer.at -- Fix strptime thread safety issue -Patch101: fail2ban-issue_906-strptime.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildArch: noarch -%if 0%{?suse_version} >= 1230 -%{?systemd_requires} -BuildRequires: systemd -%endif +# PATCH-FIX-OPENSUSE fail2ban-opensuse-service.patch jweberhofer@weberhofer.at -- openSUSE modifications to the service file +Patch101: fail2ban-opensuse-service.patch +BuildRequires: fdupes BuildRequires: logrotate BuildRequires: python-devel +# timezone package is required to run the tests +BuildRequires: timezone Requires: cron Requires: ed Requires: iptables Requires: logrotate Requires: python >= 2.5 +Requires: whois +BuildRoot: %{_tmppath}/%{name}-%{version}-build +%if 0%{?suse_version} < 1321 +# PATCH-FIX-OPENSUSE fail2ban-exclude-dev-log-tests.patch jweberhofer@weberhofer.at -- remove tests that can't work on opensuse < 13.3 +Patch102: fail2ban-exclude-dev-log-tests.patch +%endif +%if 0%{?suse_version} != 1110 +BuildArch: noarch +%endif +%if 0%{?suse_version} < 1230 +# the init-script requires lsof +Requires: lsof Requires: syslog -%if 0%{?suse_version} >= 1140 && 0%{?sles_version} == 0 +%else +BuildRequires: systemd +Requires: systemd +%{?systemd_requires} +%endif +%if 0%{?suse_version} >= 1140 && 0%{?suse_version} != 1010 && 0%{?suse_version} != 1110 && 0%{?suse_version} != 1315 +BuildRequires: python-pyinotify Requires: python-pyinotify %endif %if 0%{?suse_version} >= 1220 @@ -62,29 +74,35 @@ %endif %description -Fail2ban scans log files like /var/log/messages and bans IP addresses -that makes too many password failures. It updates firewall rules to -reject the IP address, can send e-mails, or set host.deny entries. -These rules can be defined by the user. Fail2Ban can read multiple log -files such as sshd or Apache web server ones. +Fail2ban scans log files like %{_localstatedir}/log/messages and bans IP +addresses that makes too many password failures. It updates firewall rules to +reject the IP address, can send e-mails, or set host.deny entries. These rules +can be defined by the user. Fail2Ban can read multiple log files such as sshd +or Apache web server ones. + +%package tests +Summary: Test-cases for fail2ban +Group: System/Monitoring + +%description tests +This package contains fail2ban's testcases %package -n SuSEfirewall2-fail2ban Summary: Files for integrating fail2ban into SuSEfirewall2 via systemd Group: Productivity/Networking/Security -BuildArch: noarch -Recommends: packageand(SuSEfirewall2:fail2ban) Requires: SuSEfirewall2 Requires: fail2ban +Recommends: packageand(SuSEfirewall2:fail2ban) %description -n SuSEfirewall2-fail2ban -This package ships systemd files which will cause fail2ban to be ordered -in relation to SuSEfirewall2 such that the two can be run concurrently -within reason, i.e. SFW will always run first because it does a table flush. +This package ships systemd files which will cause fail2ban to be ordered in +relation to SuSEfirewall2 such that the two can be run concurrently within +reason, i.e. SFW will always run first because it does a table flush. %package -n nagios-plugins-fail2ban +%define nagios_plugindir %{_libexecdir}/nagios/plugins Summary: Check fail2ban server and how many IPs are currently banned Group: System/Monitoring -%define nagios_plugindir %{_prefix}/lib/nagios/plugins %description -n nagios-plugins-fail2ban This plugin checks if the fail2ban server is running and how many IPs are @@ -96,54 +114,91 @@ Just have to run the following command: $ ./check_fail2ban --help - %prep -%setup +%setup -q +install -m644 %{SOURCE8} config/paths-opensuse.conf + +# Use openSUSE paths +sed -i -e 's/^before = paths-.*/before = paths-opensuse.conf/' config/jail.conf + %patch100 -p1 %patch101 -p1 +%if 0%{?suse_version} < 1321 +%patch102 -p1 +%endif + +rm config/paths-debian.conf \ + config/paths-fedora.conf \ + config/paths-freebsd.conf \ + config/paths-osx.conf # correct doc-path -sed -i -e 's|%{_prefix}/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py +sed -i -e 's|%{_datadir}/doc/fail2ban|%{_docdir}/%{name}|' setup.py %build -export CFLAGS="$RPM_OPT_FLAGS" +export CFLAGS="%{optflags}" python setup.py build -gzip man/*.1 +gzip man/*.{1,5} %install python setup.py install \ - --root=$RPM_BUILD_ROOT \ + --root=%{buildroot} \ --prefix=%{_prefix} -install -d -m755 $RPM_BUILD_ROOT/%{_mandir}/man1 -for i in fail2ban-client fail2ban-regex fail2ban-server; do - install -m644 man/${i}.1.gz $RPM_BUILD_ROOT/%{_mandir}/man1 -done -install -d -m755 $RPM_BUILD_ROOT/%{_initrddir} -install -d -m755 $RPM_BUILD_ROOT/%{_sbindir} -%if 0%{?suse_version} < 1230 -install -m755 %{SOURCE1} $RPM_BUILD_ROOT/%{_initrddir}/%{name} -ln -sf %{_initrddir}/%{name} ${RPM_BUILD_ROOT}%{_sbindir}/rc%{name} -%endif -install -d -m755 $RPM_BUILD_ROOT/var/adm/fillup-templates -install -m 644 %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{name} -install -d -m755 $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d -install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/fail2ban +install -d -m 755 %{buildroot}%{_mandir}/man{1,5} +install -p -m 644 man/fail2ban-*.1.gz %{buildroot}%{_mandir}/man1 +install -p -m 644 man/jail.conf.5.gz %{buildroot}%{_mandir}/man5 + +install -d -m 755 %{buildroot}%{_initrddir} +install -d -m 755 %{buildroot}%{_sbindir} %if 0%{?suse_version} >= 1230 -install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} -install -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{_unitdir}/%{name}.service -install -d -m755 $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/ -install -m644 %{SOURCE5} $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/%{name}.conf +install -d -m 755 %{buildroot}%{_unitdir} +install -p -m 644 files/%{name}.service %{buildroot}%{_unitdir}/%{name}.service + +install -d -m 755 %{buildroot}%{_libexecdir}/tmpfiles.d/ +install -p -m 644 %{SOURCE5} %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf + +sed -i -e 's/^backend = auto/backend = systemd/' %{buildroot}%{_sysconfdir}/%{name}/paths-opensuse.conf +%else + +install -m 755 files/suse-initd %{buildroot}%{_initddir}/%{name} +ln -sf %{_initddir}/%{name} %{buildroot}%{_sbindir}/rc%{name} +install -d -m 755 %{buildroot}%{_localstatedir}/run/%{name} %endif + +install -d -m 0755 %{buildroot}%{_localstatedir}/lib/fail2ban/ + +install -d -m 755 %{buildroot}%{_localstatedir}/adm/fillup-templates +install -p -m 644 %{SOURCE2} %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.%{name} + +install -d -m 755 %{buildroot}%{_sysconfdir}/logrotate.d +install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/fail2ban + %if 0%{?_unitdir:1} -install -Dm0644 "%_sourcedir/sfw-fail2ban.conf" \ - "%buildroot/%_unitdir/SuSEfirewall2.service.d/fail2ban.conf" -install -Dm0644 "%_sourcedir/f2b-restart.conf" \ - "%buildroot/%_unitdir/fail2ban.service.d/SuSEfirewall2.conf" +install -Dm 0644 "%{_sourcedir}/sfw-fail2ban.conf" \ + "%{buildroot}%{_unitdir}/SuSEfirewall2.service.d/fail2ban.conf" +install -D -m 0644 "%{_sourcedir}/f2b-restart.conf" \ + "%{buildroot}%{_unitdir}/fail2ban.service.d/SuSEfirewall2.conf" +%endif +install -D -m 755 files/nagios/check_fail2ban %{buildroot}%{nagios_plugindir}/check_fail2ban + +# install docs using the macro +rm -r %{buildroot}%{_docdir}/%{name} + +# remove duplicates +%fdupes -s %{buildroot}%{python_sitelib} + +%check +#stat /dev/log +#python -c "import platform; print(platform.system())" +# tests require python-pyinotify to be installed, so don't run them on older versions +%if 0%{?suse_version} >= 1140 && 0%{?suse_version} != 1010 && 0%{?suse_version} != 1110 && 0%{?suse_version} != 1315 +# Need a UTF-8 locale to work +export LANG=en_US.UTF-8 +./fail2ban-testcases-all --no-network %endif -install -Dm755 files/nagios/check_fail2ban %{buildroot}/%{nagios_plugindir}/check_fail2ban %pre %if 0%{?suse_version} >= 1230 @@ -151,9 +206,9 @@ %endif %post -%{fillup_only} +%fillup_only %if 0%{?suse_version} >= 1230 -systemd-tmpfiles --create %{_prefix}/lib/tmpfiles.d/%{name}.conf +systemd-tmpfiles --create %{_libexecdir}/tmpfiles.d/%{name}.conf %service_add_post %{name}.service %endif @@ -174,46 +229,52 @@ %if 0%{?_unitdir:1} %post -n SuSEfirewall2-fail2ban -%_bindir/systemctl daemon-reload >/dev/null 2>&1 || : +%{_bindir}/systemctl daemon-reload >/dev/null 2>&1 || : %postun -n SuSEfirewall2-fail2ban -%_bindir/systemctl daemon-reload >/dev/null 2>&1 || : +%{_bindir}/systemctl daemon-reload >/dev/null 2>&1 || : %endif %files %defattr(-, root, root) -%dir %{_sysconfdir}/%{name} -%dir %{_sysconfdir}/%{name}/action.d -%dir %{_sysconfdir}/%{name}/filter.d -%config(noreplace) %{_sysconfdir}/%{name}/*.conf -%config(noreplace) %{_sysconfdir}/%{name}/action.d/*.conf -%config(noreplace) %{_sysconfdir}/%{name}/filter.d/*.conf +%config(noreplace) %{_sysconfdir}/%{name} %config %{_sysconfdir}/logrotate.d/fail2ban +%dir %{_localstatedir}/lib/fail2ban/ %if 0%{?suse_version} >= 1230 %{_unitdir}/%{name}.service -%{_prefix}/lib/tmpfiles.d/%{name}.conf +%{_libexecdir}/tmpfiles.d/%{name}.conf %else -%{_initrddir}/%{name} +%{_initddir}/%{name} %{_sbindir}/rc%{name} -%dir %ghost /var/run/%{name} +%dir %ghost %{_localstatedir}/run/%{name} %endif -%{_bindir}/%{name}* -%{_datadir}/%{name} -/var/adm/fillup-templates/sysconfig.%{name} -%doc %{_mandir}/man1/* -%doc COPYING ChangeLog DEVELOP README.md TODO files/cacti +%{_bindir}/fail2ban-server +%{_bindir}/fail2ban-client +%{_bindir}/fail2ban-regex +%{python_sitelib}/%{name} +%exclude %{python_sitelib}/%{name}/tests +%{python_sitelib}/%{name}-* +%{_localstatedir}/adm/fillup-templates/sysconfig.%{name} +%{_mandir}/man1/* +%{_mandir}/man5/* +%doc README.md TODO ChangeLog COPYING doc/*.txt %if 0%{?_unitdir:1} %files -n SuSEfirewall2-fail2ban %defattr(-,root,root) -%_unitdir/SuSEfirewall2.service.d -%_unitdir/fail2ban.service.d +%{_unitdir}/SuSEfirewall2.service.d +%{_unitdir}/fail2ban.service.d %endif +%files tests +%defattr(-,root,root) +%{_bindir}/fail2ban-testcases +%{python_sitelib}/%{name}/tests + %files -n nagios-plugins-fail2ban %defattr(-,root,root) %doc files/nagios/README COPYING -%dir %{_prefix}/lib/nagios +%dir %{_libexecdir}/nagios %dir %{nagios_plugindir} %{nagios_plugindir}/check_fail2ban ++++++ fail2ban-exclude-dev-log-tests.patch ++++++ diff -ur fail2ban-0.9.2-orig/fail2ban/tests/servertestcase.py fail2ban-0.9.2/fail2ban/tests/servertestcase.py --- fail2ban-0.9.2-orig/fail2ban/tests/servertestcase.py 2015-04-29 05:52:48.000000000 +0200 +++ fail2ban-0.9.2/fail2ban/tests/servertestcase.py 2015-05-08 15:57:57.021437562 +0200 @@ -778,32 +778,32 @@ self.setGetTest("logtarget", "STDOUT") self.setGetTest("logtarget", "STDERR") - def testLogTargetSYSLOG(self): - if not os.path.exists("/dev/log") and sys.version_info >= (2, 7): - raise unittest.SkipTest("'/dev/log' not present") - elif not os.path.exists("/dev/log"): - return - self.assertTrue(self.server.getSyslogSocket(), "auto") - self.setGetTest("logtarget", "SYSLOG") - self.assertTrue(self.server.getSyslogSocket(), "/dev/log") +# def testLogTargetSYSLOG(self): +# if not os.path.exists("/dev/log") and sys.version_info >= (2, 7): +# raise unittest.SkipTest("'/dev/log' not present") +# elif not os.path.exists("/dev/log"): +# return +# self.assertTrue(self.server.getSyslogSocket(), "auto") +# self.setGetTest("logtarget", "SYSLOG") +# self.assertTrue(self.server.getSyslogSocket(), "/dev/log") def testSyslogSocket(self): self.setGetTest("syslogsocket", "/dev/log/NEW/PATH") - def testSyslogSocketNOK(self): - self.setGetTest("syslogsocket", "/this/path/should/not/exist") - self.setGetTestNOK("logtarget", "SYSLOG") - # set back for other tests - self.setGetTest("syslogsocket", "/dev/log") - self.setGetTest("logtarget", "SYSLOG", - **{True: {}, # should work on Linux - False: dict( # expect to fail otherwise - outCode=1, - outValue=Exception('Failed to change log target'), - repr_=True # Exceptions are not comparable apparently - ) - }[platform.system() in ('Linux',) and os.path.exists('/dev/log')] - ) +# def testSyslogSocketNOK(self): +# self.setGetTest("syslogsocket", "/this/path/should/not/exist") +# self.setGetTestNOK("logtarget", "SYSLOG") +# # set back for other tests +# self.setGetTest("syslogsocket", "/dev/log") +# self.setGetTest("logtarget", "SYSLOG", +# **{True: {}, # should work on Linux +# False: dict( # expect to fail otherwise +# outCode=1, +# outValue=Exception('Failed to change log target'), +# repr_=True # Exceptions are not comparable apparently +# ) +# }[platform.system() in ('Linux',) and os.path.exists('/dev/log')] +# ) def testLogLevel(self): self.setGetTest("loglevel", "HEAVYDEBUG") ++++++ fail2ban-opensuse-locations.patch ++++++ --- /var/tmp/diff_new_pack.ZsL03s/_old 2015-07-03 00:03:50.000000000 +0200 +++ /var/tmp/diff_new_pack.ZsL03s/_new 2015-07-03 00:03:50.000000000 +0200 @@ -1,256 +1,30 @@ -diff -ur fail2ban-0.8.14.orig/config/jail.conf fail2ban-0.8.14/config/jail.conf ---- fail2ban-0.8.14.orig/config/jail.conf 2014-08-19 22:23:33.000000000 +0200 -+++ fail2ban-0.8.14/config/jail.conf 2014-08-20 17:39:21.428256837 +0200 -@@ -80,7 +80,7 @@ - enabled = false - filter = pam-generic - action = iptables-allports[name=pam,protocol=all] --logpath = /var/log/secure -+logpath = /var/log/messages +diff -ur fail2ban-0.9.2-orig/config/jail.conf fail2ban-0.9.2/config/jail.conf +--- fail2ban-0.9.2-orig/config/jail.conf 2015-04-29 05:52:48.000000000 +0200 ++++ fail2ban-0.9.2/config/jail.conf 2015-05-08 17:03:32.377375630 +0200 +@@ -344,7 +344,7 @@ + [roundcube-auth] + + port = http,https +-logpath = /var/log/roundcube/userlogins ++logpath = /srv/www/roundcubemail/logs/errors + + + [openwebmail] +@@ -617,7 +617,7 @@ + # filter = named-refused + # port = domain,953 + # protocol = udp +-# logpath = /var/log/named/security.log ++# logpath = /var/lib/named/log/security.log + + # IMPORTANT: see filter.d/named-refused for instructions to enable logging + # This jail blocks TCP traffic for DNS requests. +@@ -625,7 +625,7 @@ + [named-refused] - - [xinetd-fail] -@@ -97,7 +97,7 @@ - filter = sshd - action = iptables[name=SSH, port=ssh, protocol=tcp] - sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"] --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 5 - - -@@ -106,7 +106,7 @@ - enabled = false - filter = sshd-ddos - action = iptables[name=SSHDDOS, port=ssh, protocol=tcp] --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 2 - - -@@ -135,7 +135,7 @@ - filter = gssftpd - action = iptables[name=GSSFTPd, port=ftp, protocol=tcp] - sendmail-whois[name=GSSFTPd, dest=you@example.com] --logpath = /var/log/daemon.log -+logpath = /var/log/messages - maxretry = 6 - - -@@ -144,7 +144,7 @@ - enabled = false - filter = pure-ftpd - action = iptables[name=pureftpd, port=ftp, protocol=tcp] --logpath = /var/log/pureftpd.log -+logpath = /var/log/messages - maxretry = 6 - - -@@ -153,7 +153,7 @@ - enabled = false - filter = wuftpd - action = iptables[name=wuftpd, port=ftp, protocol=tcp] --logpath = /var/log/daemon.log -+logpath = /var/log/messages - maxretry = 6 - - -@@ -162,7 +162,7 @@ - enabled = false - filter = sendmail-auth - action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp] --logpath = /var/log/mail.log -+logpath = /var/log/mail - - - [sendmail-reject] -@@ -170,7 +170,7 @@ - enabled = false - filter = sendmail-reject - action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp] --logpath = /var/log/mail.log -+logpath = /var/log/mail - - - # This jail forces the backend to "polling". -@@ -181,7 +181,7 @@ - backend = polling - action = iptables[name=sasl, port=smtp, protocol=tcp] - sendmail-whois[name=sasl, dest=you@example.com] --logpath = /var/log/mail.log -+logpath = /var/log/mail - - - # ASSP SMTP Proxy Jail -@@ -202,7 +202,7 @@ - action = hostsdeny[daemon_list=sshd] - sendmail-whois[name=SSH, dest=you@example.com] - ignoreregex = for myuser from --logpath = /var/log/sshd.log -+logpath = /var/log/messages - - - # Here we use blackhole routes for not requiring any additional kernel support -@@ -212,7 +212,7 @@ - enabled = false - filter = sshd - action = route --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 5 - - -@@ -226,7 +226,7 @@ - enabled = false - filter = sshd - action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp] --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 5 - - -@@ -235,7 +235,7 @@ - enabled = false - filter = sshd - action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600] --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 5 - - -@@ -329,7 +329,7 @@ - enabled = false - filter = cyrus-imap - action = iptables-multiport[name=cyrus-imap,port="143,993"] --logpath = /var/log/mail*log -+logpath = /var/log/mail - - - [courierlogin] -@@ -337,7 +337,7 @@ - enabled = false - filter = courierlogin - action = iptables-multiport[name=courierlogin,port="25,110,143,465,587,993,995"] --logpath = /var/log/mail*log -+logpath = /var/log/mail - - - [couriersmtp] -@@ -345,7 +345,7 @@ - enabled = false - filter = couriersmtp - action = iptables-multiport[name=couriersmtp,port="25,465,587"] --logpath = /var/log/mail*log -+logpath = /var/log/mail - - - [qmail-rbl] -@@ -361,7 +361,7 @@ - enabled = false - filter = sieve - action = iptables-multiport[name=sieve,port="25,465,587"] --logpath = /var/log/mail*log -+logpath = /var/log/mail - - - # Do not ban anybody. Just report information about the remote host. -@@ -396,7 +396,8 @@ - filter = apache-badbots - action = iptables-multiport[name=BadBots, port="http,https"] - sendmail-buffered[name=BadBots, lines=5, dest=you@example.com] --logpath = /var/www/*/logs/access_log -+logpath = /var/log/apache/access_log -+ /var/log/apache2/*/access_log - bantime = 172800 - maxretry = 1 - -@@ -466,7 +467,7 @@ - enabled = false - action = iptables-multiport[name=php-url-open, port="http,https"] - filter = php-url-fopen --logpath = /var/www/*/logs/access_log -+logpath = /var/log/apache/access_log - maxretry = 1 - - -@@ -500,7 +501,7 @@ - filter = sshd - action = ipfw[localhost=192.168.0.1] - sendmail-whois[name="SSH,IPFW", dest=you@example.com] --logpath = /var/log/auth.log -+logpath = /var/log/messages - ignoreip = 168.192.0.1 - - -@@ -531,7 +532,7 @@ - filter = named-refused - action = iptables-multiport[name=Named, port="domain,953", protocol=tcp] - sendmail-whois[name=Named, dest=you@example.com] + port = domain,953 -logpath = /var/log/named/security.log +logpath = /var/lib/named/log/security.log - ignoreip = 168.192.0.1 - - -@@ -601,7 +602,7 @@ - filter = mysqld-auth - action = iptables[name=mysql, port=3306, protocol=tcp] - sendmail-whois[name=MySQL, dest=root, sender=fail2ban@example.com] --logpath = /var/log/mysqld.log -+logpath = /var/log/mysql/mysqld.log - maxretry = 5 - - -@@ -610,7 +611,7 @@ - enabled = false - filter = mysqld-auth - action = iptables[name=mysql, port=3306, protocol=tcp] --logpath = /var/log/daemon.log -+logpath = /var/log/mysql/mysqld.log - maxretry = 5 - - -@@ -637,7 +638,7 @@ - enabled = false - filter = sshd - action = pf --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 5 - - -@@ -723,7 +724,7 @@ - enabled = false - filter = dovecot - action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] --logpath = /var/log/mail.log -+logpath = /var/log/mail - - - [dovecot-auth] -@@ -731,7 +732,7 @@ - enabled = false - filter = dovecot - action = iptables-multiport[name=dovecot-auth, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] --logpath = /var/log/secure -+logpath = /var/log/mail - - - [solid-pop3d] -@@ -739,7 +740,7 @@ - enabled = false - filter = solid-pop3d - action = iptables-multiport[name=solid-pop3, port="pop3,pop3s", protocol=tcp] --logpath = /var/log/mail.log -+logpath = /var/log/mail - - - [selinux-ssh] -@@ -761,7 +762,7 @@ - action = iptables[name=SSH, port=ssh, protocol=tcp] - sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"] - blocklist_de[email="fail2ban@example.com", apikey="xxxxxx", service=%(filter)s] --logpath = /var/log/sshd.log -+logpath = /var/log/messages - maxretry = 20 + [nsd] ++++++ fail2ban-opensuse-service.patch ++++++ diff -ur fail2ban-0.9.2-orig/files/fail2ban.service fail2ban-0.9.2/files/fail2ban.service --- fail2ban-0.9.2-orig/files/fail2ban.service 2015-04-29 05:52:48.000000000 +0200 +++ fail2ban-0.9.2/files/fail2ban.service 2015-05-07 10:52:04.187045581 +0200 @@ -1,11 +1,12 @@ [Unit] Description=Fail2Ban Service Documentation=man:fail2ban(1) -After=network.target iptables.service firewalld.service +After=network.target SuSEfirewall2.service [Service] Type=forking -ExecStart=/usr/bin/fail2ban-client -x start +EnvironmentFile=-/etc/sysconfig/fail2ban +ExecStart=/usr/bin/fail2ban-client -x $FAIL2BAN_OPTIONS start ExecStop=/usr/bin/fail2ban-client stop ExecReload=/usr/bin/fail2ban-client reload PIDFile=/var/run/fail2ban/fail2ban.pid ++++++ fail2ban-rpmlintrc ++++++ addFilter("W: htaccess-file .*tests.*") addFilter("W: hidden-file-or-dir .*tests.*") addFilter("W: no-manual-page-for-binary fail2ban-testcases") ++++++ paths-opensuse.conf ++++++ # openSUSE log-file locations [INCLUDES] before = paths-common.conf after = paths-overrides.local [DEFAULT] syslog_local0 = /var/log/messages syslog_mail = /var/log/mail syslog_mail_warn = %(syslog_mail)s syslog_authpriv = %(syslog_local0)s syslog_user = %(syslog_local0)s syslog_ftp = %(syslog_local0)s syslog_daemon = %(syslog_local0)s apache_error_log = /var/log/apache2/*error_log apache_access_log = /var/log/apache2/*access_log pureftpd_log = %(syslog_local0)s exim_main_log = /var/log/exim/main.log mysql_log = /var/log/mysql/mysqld.log solidpop3d_log = %(syslog_mail)s