Hello community, here is the log from the commit of package fail2ban for openSUSE:Factory checked in at 2014-05-02 13:55:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fail2ban (Old) and /work/SRC/openSUSE:Factory/.fail2ban.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "fail2ban" Changes: -------- --- /work/SRC/openSUSE:Factory/fail2ban/fail2ban.changes 2014-01-30 14:54:37.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.fail2ban.new/fail2ban.changes 2014-05-02 13:55:19.000000000 +0200 @@ -1,0 +2,7 @@ +Tue Feb 18 00:03:12 UTC 2014 - jengelh@inai.de + +- Add a new subpackage to install systemd drop-ins that couple + SuSEfirewall2 and fail2ban. Added sfw-fail2ban.conf, + f2b-restart.conf. + +------------------------------------------------------------------- New: ---- f2b-restart.conf sfw-fail2ban.conf ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fail2ban.spec ++++++ --- /var/tmp/diff_new_pack.B7fkRS/_old 2014-05-02 13:55:20.000000000 +0200 +++ /var/tmp/diff_new_pack.B7fkRS/_new 2014-05-02 13:55:20.000000000 +0200 @@ -20,11 +20,10 @@ Version: 0.8.12 Release: 0 Url: http://www.fail2ban.org/ -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildArch: noarch Summary: Bans IP addresses that make too many authentication failures License: GPL-2.0+ Group: Productivity/Networking/Security + Source0: https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.bz2 %if 0%{?suse_version} < 1230 # the init-script requires lsof @@ -33,12 +32,20 @@ %endif Source2: %{name}.sysconfig Source3: %{name}.logrotate -%if 0%{?suse_version} >= 1230 Source4: %{name}.service Source5: %{name}.tmpfiles -%endif +Source6: sfw-fail2ban.conf +Source7: f2b-restart.conf # PATCH-FIX-UPSTREAM fix-for-upstream-firewallcmd-ipset.conf.patch rh#1046816 Patch0: fix-for-upstream-firewallcmd-ipset.conf.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-build +BuildArch: noarch +%if 0%{?suse_version} >= 1230 +%{?systemd_requires} +BuildRequires: systemd +%endif +BuildRequires: logrotate +BuildRequires: python-devel Requires: cron Requires: iptables Requires: logrotate @@ -49,12 +56,6 @@ %if 0%{?suse_version} >= 1220 Requires: python-gamin %endif -%if 0%{?suse_version} >= 1230 -%{?systemd_requires} -BuildRequires: systemd -%endif -BuildRequires: logrotate -BuildRequires: python-devel %description Fail2ban scans log files like /var/log/messages and bans IP addresses @@ -63,6 +64,18 @@ These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. +%package -n SuSEfirewall2-fail2ban +Summary: systemd files for integrating fail2ban into SuSEfirewall2 +Group: Productivity/Networking/Security +BuildArch: noarch +Requires: SuSEfirewall2 +Requires: fail2ban + +%description -n SuSEfirewall2-fail2ban +This package ships systemd files which will cause fail2ban to be ordered +in relation to SuSEfirewall2 such that the two can be run concurrently +within reason, i.e. SFW will always run first because it does a table flush. + %prep %setup %patch0 -p1 @@ -101,6 +114,12 @@ install -d -m755 $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/ install -m644 %{SOURCE5} $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/%{name}.conf %endif +%if "%_unitdir" != "" +install -Dm0644 "%_sourcedir/sfw-fail2ban.conf" \ + "%buildroot/%_unitdir/SuSEfirewall2.service.d/fail2ban.conf" +install -Dm0644 "%_sourcedir/f2b-restart.conf" \ + "%buildroot/%_unitdir/fail2ban.service.d/SuSEfirewall2.conf" +%endif %pre %if 0%{?suse_version} >= 1230 @@ -129,6 +148,14 @@ %insserv_cleanup %endif +%if "%_unitdir" != "" +%post -n SuSEfirewall2-fail2ban +%_bindir/systemctl daemon-reload >/dev/null 2>&1 || : + +%postun -n SuSEfirewall2-fail2ban +%_bindir/systemctl daemon-reload >/dev/null 2>&1 || : +%endif + %files %defattr(-, root, root) %dir %{_sysconfdir}/%{name} @@ -152,4 +179,11 @@ %doc %{_mandir}/man1/* %doc COPYING ChangeLog DEVELOP README.md TODO files/cacti +%if "%{?_unitdir}" != "" +%files -n SuSEfirewall2-fail2ban +%defattr(-,root,root) +%_unitdir/SuSEfirewall2.service.d +%_unitdir/fail2ban.service.d +%endif + %changelog ++++++ f2b-restart.conf ++++++ # When a restart is issued for SuSEfirewall2, fail2ban.service too must be # restarted, which is what this drop-in file does. [Unit] PartOf=SuSEfirewall2.service ++++++ sfw-fail2ban.conf ++++++ # This drop-in file extends SuSEfirewall2.service to also start # fail2ban.service, and to make sure that fail2ban is only (re)started after # SFW has completed. [Unit] Wants=fail2ban.service Before=fail2ban.service -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org