From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Jul 5 16:10:01 2013 Return-Path: Delivered-To: freebsd-ports-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id E2265D18 for ; Fri, 5 Jul 2013 16:10:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id C0FB715E3 for ; Fri, 5 Jul 2013 16:10:01 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r65GA19b005464 for ; Fri, 5 Jul 2013 16:10:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r65GA1hc005463; Fri, 5 Jul 2013 16:10:01 GMT (envelope-from gnats) Resent-Date: Fri, 5 Jul 2013 16:10:01 GMT Resent-Message-Id: <201307051610.r65GA1hc005463@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Nick Hilliard Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 64E4C958 for ; Fri, 5 Jul 2013 16:01:15 +0000 (UTC) (envelope-from nick@pancake.netability.ie) Received: from pancake.netability.ie (unknown [IPv6:2001:1bb8:2004:155::2]) by mx1.freebsd.org (Postfix) with ESMTP id C0A1A1456 for ; Fri, 5 Jul 2013 16:01:14 +0000 (UTC) Received: from pancake.netability.ie (localhost [127.0.0.1]) by pancake.netability.ie (8.14.5/8.14.5) with ESMTP id r65G196Q076927; Fri, 5 Jul 2013 17:01:09 +0100 (IST) (envelope-from nick@pancake.netability.ie) Received: (from nick@localhost) by pancake.netability.ie (8.14.5/8.14.5/Submit) id r65G19V8076926; Fri, 5 Jul 2013 17:01:09 +0100 (IST) (envelope-from nick) Message-Id: <201307051601.r65G19V8076926@pancake.netability.ie> Date: Fri, 5 Jul 2013 17:01:09 +0100 (IST) From: Nick Hilliard To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: ports/180327: bug fix: bugfixes for security/py-fail2ban port X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Nick Hilliard List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jul 2013 16:10:01 -0000 >Number: 180327 >Category: ports >Synopsis: bug fix: bugfixes for security/py-fail2ban port >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Jul 05 16:10:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Nick Hilliard >Release: FreeBSD 9.0-RELEASE amd64 >Organization: Network Ability Ltd >Environment: System: FreeBSD 9.0-RELEASE >Description: this patch fixes two bugs: - installation / removal stomps all over existing configuration files, which means that upgrading destroys existing configs. - default to /var/log/auth.log instead of /var/log/sshd.log in jail.conf. auth.log exists by default on all freebsd installations; sshd.log doesn't. >How-To-Repeat: >Fix: diff -bNur py-fail2ban.orig/Makefile py-fail2ban/Makefile --- py-fail2ban.orig/Makefile 2013-07-05 12:13:41.000000000 +0100 +++ py-fail2ban/Makefile 2013-07-05 16:37:47.000000000 +0100 @@ -3,6 +3,7 @@ PORTNAME= fail2ban PORTVERSION= 0.8.9 +PORTREVISION= 1 CATEGORIES= security python MASTER_SITES= https://github.com/${PORTNAME}/${PORTNAME}/tarball/${PORTVERSION}/ PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} @@ -38,12 +39,17 @@ ${WRKSRC}/client/configreader.py \ ${WRKSRC}/fail2ban-client +CONFFILES= fail2ban.conf jail.conf + .include post-patch: @${ECHO_CMD} ${FILES} | ${XARGS} ${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g' @${REINPLACE_CMD} -e 's,/bin/grep,grep,g' \ ${WRKSRC}/config/action.d/sendmail-whois-lines.conf +.for f in ${CONFFILES} + @${INSTALL_DATA} ${WRKSRC}/config/${f} ${WRKSRC}/config/${f}.dist +.endfor post-install: .if ${PORT_OPTIONS:MDOCS} diff -bNur py-fail2ban.orig/files/patch-jail.conf py-fail2ban/files/patch-jail.conf --- py-fail2ban.orig/files/patch-jail.conf 1970-01-01 01:00:00.000000000 +0100 +++ py-fail2ban/files/patch-jail.conf 2013-07-05 12:17:46.000000000 +0100 @@ -0,0 +1,11 @@ +--- config/jail.conf.orig 2013-07-05 12:16:39.000000000 +0100 ++++ config/jail.conf 2013-07-05 12:17:20.000000000 +0100 +@@ -400,7 +400,7 @@ + enabled=false + filter = sshd + action = pf +-logpath = /var/log/sshd.log ++logpath = /var/log/auth.log + maxretry=5 + + diff -bNur py-fail2ban.orig/files/patch-setup.py py-fail2ban/files/patch-setup.py --- py-fail2ban.orig/files/patch-setup.py 2013-07-05 12:13:41.000000000 +0100 +++ py-fail2ban/files/patch-setup.py 2013-07-05 16:34:24.000000000 +0100 @@ -1,5 +1,14 @@ ---- setup.py.orig 2013-06-10 03:40:55.000000000 -0400 -+++ setup.py 2013-06-10 03:41:17.000000000 -0400 +--- setup.py.orig 2013-05-13 16:24:07.000000000 +0100 ++++ setup.py 2013-07-05 16:32:15.000000000 +0100 +@@ -57,7 +57,7 @@ + ], + data_files = [ + ('/etc/fail2ban', +- glob("config/*.conf") ++ glob("config/*.conf.dist") + ), + ('/etc/fail2ban/filter.d', + glob("config/filter.d/*.conf") @@ -67,9 +67,6 @@ ), ('/var/run/fail2ban', @@ -10,3 +19,4 @@ ) ] ) + diff -bNur py-fail2ban.orig/pkg-plist py-fail2ban/pkg-plist --- py-fail2ban.orig/pkg-plist 2013-07-05 12:13:41.000000000 +0100 +++ py-fail2ban/pkg-plist 2013-07-05 16:27:14.000000000 +0100 @@ -26,7 +26,7 @@ %%ETCDIR%%/action.d/sendmail-whois.conf %%ETCDIR%%/action.d/sendmail.conf %%ETCDIR%%/action.d/shorewall.conf -%%ETCDIR%%/fail2ban.conf +%%ETCDIR%%/fail2ban.conf.dist %%ETCDIR%%/filter.d/apache-auth.conf %%ETCDIR%%/filter.d/apache-badbots.conf %%ETCDIR%%/filter.d/apache-nohome.conf @@ -66,7 +66,7 @@ %%ETCDIR%%/filter.d/webmin-auth.conf %%ETCDIR%%/filter.d/wuftpd.conf %%ETCDIR%%/filter.d/xinetd-fail.conf -%%ETCDIR%%/jail.conf +%%ETCDIR%%/jail.conf.dist %%PYTHON_SITELIBDIR%%/client/__init__.py %%PYTHON_SITELIBDIR%%/client/__init__.pyc %%PYTHON_SITELIBDIR%%/client/actionreader.py >Release-Note: >Audit-Trail: >Unformatted: