rebase of the patches with the new upstream release

debian
Sylvestre Ledru 2020-01-12 23:31:42 +01:00
parent 5cbc262406
commit 592e59ad97
8 changed files with 36 additions and 132 deletions

View File

@ -8,27 +8,3 @@ Subject: [PATCH] BF: RF test for "being a root" to check if actually can read
fail2ban/tests/filtertestcase.py | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
index b707beb5..40cf51f9 100644
--- a/fail2ban/tests/filtertestcase.py
+++ b/fail2ban/tests/filtertestcase.py
@@ -675,7 +675,15 @@ class LogFileMonitor(LogCaptureTestCase):
os.chmod(self.name, 0)
self.filter.getFailures(self.name)
failure_was_logged = self._is_logged('Unable to open %s' % self.name)
- is_root = getpass.getuser() == 'root'
+ # verify that we cannot access the file. Checking by name of user is not
+ # sufficient since could be a fakeroot or some other super-user
+ try:
+ with open(self.name) as f:
+ f.read()
+ is_root = True
+ except IOError:
+ is_root = False
+
# If ran as root, those restrictive permissions would not
# forbid log to be read.
self.assertTrue(failure_was_logged != is_root)
--
2.15.1

View File

@ -10,25 +10,3 @@ and thus cannot test in a build directory which is out of source
fail2ban/tests/fail2banclienttestcase.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
index 1e2d1b33..65653a8e 100644
--- a/fail2ban/tests/fail2banclienttestcase.py
+++ b/fail2ban/tests/fail2banclienttestcase.py
@@ -44,13 +44,13 @@ from ..server import server
from ..server.mytime import MyTime
from ..server.utils import Utils
from .utils import LogCaptureTestCase, logSys as DefLogSys, with_tmpdir, shutil, logging
+from .utils import CONFIG_DIR as STOCK_CONF_DIR
from ..helpers import getLogger
# Gets the instance of the logger.
logSys = getLogger(__name__)
-STOCK_CONF_DIR = "config"
STOCK = exists(pjoin(STOCK_CONF_DIR, 'fail2ban.conf'))
CLIENT = "fail2ban-client"
--
2.15.1

View File

@ -10,19 +10,16 @@ so decided to make it more explicit
fail2ban/tests/fail2banclienttestcase.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
index 65653a8e..94790b04 100644
--- a/fail2ban/tests/fail2banclienttestcase.py
+++ b/fail2ban/tests/fail2banclienttestcase.py
@@ -153,6 +153,8 @@ def _start_params(tmp, use_stock=False, use_stock_cfg=None,
Index: fail2ban/fail2ban/tests/fail2banclienttestcase.py
===================================================================
--- fail2ban.orig/fail2ban/tests/fail2banclienttestcase.py
+++ fail2ban/fail2ban/tests/fail2banclienttestcase.py
@@ -173,6 +173,8 @@ def _start_params(tmp, use_stock=False,
"""Filters list of 'files' to contain only directories (under dir)"""
return [f for f in files if isdir(pjoin(dir, f))]
shutil.copytree(STOCK_CONF_DIR, cfg, ignore=ig_dirs)
+ assert use_stock_cfg is None, \
+ "We are about to overload use_stock_cfg from the one provided %s" % repr(use_stock_cfg)
use_stock_cfg = ('action.d', 'filter.d')
if use_stock_cfg is None: use_stock_cfg = ('action.d', 'filter.d')
# replace fail2ban params (database with memory):
r = re.compile(r'^dbfile\s*=')
--
2.15.1

View File

@ -9,38 +9,3 @@ as it happens on Debian systems
fail2ban/tests/filtertestcase.py | 21 ++++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
index 1803974b..b707beb5 100644
--- a/fail2ban/tests/filtertestcase.py
+++ b/fail2ban/tests/filtertestcase.py
@@ -1173,11 +1173,22 @@ def get_monitor_failures_journal_testcase(Filter_): # pragma: systemd no cover
super(MonitorJournalFailures, self).tearDown()
def _getRuntimeJournal(self):
- # retrieve current system journal path
- tmp = Utils.executeCmd('find "$(systemd-path system-runtime-logs)" -name system.journal',
- timeout=10, shell=True, output=True);
- self.assertTrue(tmp)
- return str(tmp[1].decode('utf-8')).split('\n')[0]
+ """Retrieve current system journal path
+
+ If none found, None will be returned
+ """
+ # Depending on the system, it could be found under /run or /var/log (e.g. Debian)
+ # which are pointed by different systemd-path variables. We will
+ # check one at at time until the first hit
+ for systemd_var in 'system-runtime-logs', 'system-state-logs':
+ tmp = Utils.executeCmd(
+ 'find "$(systemd-path %s)" -name system.journal' % systemd_var,
+ timeout=10, shell=True, output=True
+ )
+ self.assertTrue(tmp)
+ out = str(tmp[1].decode('utf-8')).split('\n')[0]
+ if out:
+ return out
def testJournalFilesArg(self):
# retrieve current system journal path
--
2.15.1

View File

@ -12,23 +12,3 @@ changed files etc
setup.py | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/setup.py b/setup.py
index 8da29268..850f748f 100755
--- a/setup.py
+++ b/setup.py
@@ -208,8 +208,10 @@ setup(
license = "GPL",
platforms = "Posix",
cmdclass = {
- 'build_py': build_py, 'build_scripts': build_scripts,
- 'install_scripts': install_scripts_f2b, 'install': install_command_f2b
+ 'build_py': build_py_2to3 if _2to3 else build_py,
+ 'build_scripts': build_scripts_2to3 if _2to3 else build_scripts,
+ 'install_scripts': install_scripts_f2b,
+ 'install': install_command_f2b
},
scripts = [
'bin/fail2ban-client',
--
2.15.1

View File

@ -1,11 +1,13 @@
--- a/files/debian-initd
+++ b/files/debian-initd
@@ -28,7 +28,7 @@ NAME=fail2ban
Index: fail2ban/files/debian-initd
===================================================================
--- fail2ban.orig/files/debian-initd
+++ fail2ban/files/debian-initd
@@ -28,7 +28,7 @@ NAME="fail2ban"
# fail2ban-client is not a daemon itself but starts a daemon and
# loads its with configuration
-DAEMON=/usr/local/bin/$NAME-client
+DAEMON=/usr/bin/$NAME-client
SCRIPTNAME=/etc/init.d/$NAME
-DAEMON="/usr/local/bin/$NAME-client"
+DAEMON="/usr/bin/$NAME-client"
SCRIPTNAME="/etc/init.d/$NAME"
# Ad-hoc way to parse out socket file name

View File

@ -2,25 +2,29 @@ From: Yaroslav Halchenko <debian@onerussian.com>
Date: Fri, 8 Feb 2008 00:40:57 -0500
Subject: tune ups in upstream manpages to direct users to use reportbug
--- a/man/fail2ban-client.1
+++ b/man/fail2ban-client.1
@@ -437,7 +437,7 @@ the action <ACT> for <JAIL>
Index: fail2ban/man/fail2ban-client.1
===================================================================
--- fail2ban.orig/man/fail2ban-client.1
+++ fail2ban/man/fail2ban-client.1
@@ -470,7 +470,7 @@ the action <ACT> for <JAIL>
.SH FILES
\fI/etc/fail2ban/*\fR
.SH "REPORTING BUGS"
-Report bugs to https://github.com/fail2ban/fail2ban/issues
+Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
.SH COPYRIGHT
Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
.br
--- a/man/fail2ban-server.1
+++ b/man/fail2ban-server.1
.SH "SEE ALSO"
.br
fail2ban-server(1)
Index: fail2ban/man/fail2ban-server.1
===================================================================
--- fail2ban.orig/man/fail2ban-server.1
+++ fail2ban/man/fail2ban-server.1
@@ -69,7 +69,7 @@ display this help message
\fB\-V\fR, \fB\-\-version\fR
print the version
print the version (\fB\-V\fR returns machine\-readable short format)
.SH "REPORTING BUGS"
-Report bugs to https://github.com/fail2ban/fail2ban/issues
+Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
.SH COPYRIGHT
Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
.br
.SH "SEE ALSO"
.br
fail2ban-client(1)

View File

@ -15,13 +15,15 @@ Origin: Fedora, Debian
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871993
Last-Update: 2018-04-04
--- a/files/fail2ban.service.in
+++ b/files/fail2ban.service.in
Index: fail2ban/files/fail2ban.service.in
===================================================================
--- fail2ban.orig/files/fail2ban.service.in
+++ fail2ban/files/fail2ban.service.in
@@ -2,7 +2,7 @@
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service ip6tables.service ipset.service
-PartOf=iptables.service firewalld.service ip6tables.service ipset.service
After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
-PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service
+PartOf=firewalld.service
[Service]