mirror of https://github.com/fail2ban/fail2ban
rebase of the patches with the new upstream release
parent
5cbc262406
commit
592e59ad97
|
@ -8,27 +8,3 @@ Subject: [PATCH] BF: RF test for "being a root" to check if actually can read
|
||||||
fail2ban/tests/filtertestcase.py | 10 +++++++++-
|
fail2ban/tests/filtertestcase.py | 10 +++++++++-
|
||||||
1 file changed, 9 insertions(+), 1 deletion(-)
|
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
|
|
||||||
index b707beb5..40cf51f9 100644
|
|
||||||
--- a/fail2ban/tests/filtertestcase.py
|
|
||||||
+++ b/fail2ban/tests/filtertestcase.py
|
|
||||||
@@ -675,7 +675,15 @@ class LogFileMonitor(LogCaptureTestCase):
|
|
||||||
os.chmod(self.name, 0)
|
|
||||||
self.filter.getFailures(self.name)
|
|
||||||
failure_was_logged = self._is_logged('Unable to open %s' % self.name)
|
|
||||||
- is_root = getpass.getuser() == 'root'
|
|
||||||
+ # verify that we cannot access the file. Checking by name of user is not
|
|
||||||
+ # sufficient since could be a fakeroot or some other super-user
|
|
||||||
+ try:
|
|
||||||
+ with open(self.name) as f:
|
|
||||||
+ f.read()
|
|
||||||
+ is_root = True
|
|
||||||
+ except IOError:
|
|
||||||
+ is_root = False
|
|
||||||
+
|
|
||||||
# If ran as root, those restrictive permissions would not
|
|
||||||
# forbid log to be read.
|
|
||||||
self.assertTrue(failure_was_logged != is_root)
|
|
||||||
--
|
|
||||||
2.15.1
|
|
||||||
|
|
||||||
|
|
|
@ -10,25 +10,3 @@ and thus cannot test in a build directory which is out of source
|
||||||
fail2ban/tests/fail2banclienttestcase.py | 2 +-
|
fail2ban/tests/fail2banclienttestcase.py | 2 +-
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
|
|
||||||
index 1e2d1b33..65653a8e 100644
|
|
||||||
--- a/fail2ban/tests/fail2banclienttestcase.py
|
|
||||||
+++ b/fail2ban/tests/fail2banclienttestcase.py
|
|
||||||
@@ -44,13 +44,13 @@ from ..server import server
|
|
||||||
from ..server.mytime import MyTime
|
|
||||||
from ..server.utils import Utils
|
|
||||||
from .utils import LogCaptureTestCase, logSys as DefLogSys, with_tmpdir, shutil, logging
|
|
||||||
+from .utils import CONFIG_DIR as STOCK_CONF_DIR
|
|
||||||
|
|
||||||
from ..helpers import getLogger
|
|
||||||
|
|
||||||
# Gets the instance of the logger.
|
|
||||||
logSys = getLogger(__name__)
|
|
||||||
|
|
||||||
-STOCK_CONF_DIR = "config"
|
|
||||||
STOCK = exists(pjoin(STOCK_CONF_DIR, 'fail2ban.conf'))
|
|
||||||
|
|
||||||
CLIENT = "fail2ban-client"
|
|
||||||
--
|
|
||||||
2.15.1
|
|
||||||
|
|
||||||
|
|
|
@ -10,19 +10,16 @@ so decided to make it more explicit
|
||||||
fail2ban/tests/fail2banclienttestcase.py | 2 ++
|
fail2ban/tests/fail2banclienttestcase.py | 2 ++
|
||||||
1 file changed, 2 insertions(+)
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
|
Index: fail2ban/fail2ban/tests/fail2banclienttestcase.py
|
||||||
index 65653a8e..94790b04 100644
|
===================================================================
|
||||||
--- a/fail2ban/tests/fail2banclienttestcase.py
|
--- fail2ban.orig/fail2ban/tests/fail2banclienttestcase.py
|
||||||
+++ b/fail2ban/tests/fail2banclienttestcase.py
|
+++ fail2ban/fail2ban/tests/fail2banclienttestcase.py
|
||||||
@@ -153,6 +153,8 @@ def _start_params(tmp, use_stock=False, use_stock_cfg=None,
|
@@ -173,6 +173,8 @@ def _start_params(tmp, use_stock=False,
|
||||||
"""Filters list of 'files' to contain only directories (under dir)"""
|
"""Filters list of 'files' to contain only directories (under dir)"""
|
||||||
return [f for f in files if isdir(pjoin(dir, f))]
|
return [f for f in files if isdir(pjoin(dir, f))]
|
||||||
shutil.copytree(STOCK_CONF_DIR, cfg, ignore=ig_dirs)
|
shutil.copytree(STOCK_CONF_DIR, cfg, ignore=ig_dirs)
|
||||||
+ assert use_stock_cfg is None, \
|
+ assert use_stock_cfg is None, \
|
||||||
+ "We are about to overload use_stock_cfg from the one provided %s" % repr(use_stock_cfg)
|
+ "We are about to overload use_stock_cfg from the one provided %s" % repr(use_stock_cfg)
|
||||||
use_stock_cfg = ('action.d', 'filter.d')
|
if use_stock_cfg is None: use_stock_cfg = ('action.d', 'filter.d')
|
||||||
# replace fail2ban params (database with memory):
|
# replace fail2ban params (database with memory):
|
||||||
r = re.compile(r'^dbfile\s*=')
|
r = re.compile(r'^dbfile\s*=')
|
||||||
--
|
|
||||||
2.15.1
|
|
||||||
|
|
||||||
|
|
|
@ -9,38 +9,3 @@ as it happens on Debian systems
|
||||||
fail2ban/tests/filtertestcase.py | 21 ++++++++++++++++-----
|
fail2ban/tests/filtertestcase.py | 21 ++++++++++++++++-----
|
||||||
1 file changed, 16 insertions(+), 5 deletions(-)
|
1 file changed, 16 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
|
|
||||||
index 1803974b..b707beb5 100644
|
|
||||||
--- a/fail2ban/tests/filtertestcase.py
|
|
||||||
+++ b/fail2ban/tests/filtertestcase.py
|
|
||||||
@@ -1173,11 +1173,22 @@ def get_monitor_failures_journal_testcase(Filter_): # pragma: systemd no cover
|
|
||||||
super(MonitorJournalFailures, self).tearDown()
|
|
||||||
|
|
||||||
def _getRuntimeJournal(self):
|
|
||||||
- # retrieve current system journal path
|
|
||||||
- tmp = Utils.executeCmd('find "$(systemd-path system-runtime-logs)" -name system.journal',
|
|
||||||
- timeout=10, shell=True, output=True);
|
|
||||||
- self.assertTrue(tmp)
|
|
||||||
- return str(tmp[1].decode('utf-8')).split('\n')[0]
|
|
||||||
+ """Retrieve current system journal path
|
|
||||||
+
|
|
||||||
+ If none found, None will be returned
|
|
||||||
+ """
|
|
||||||
+ # Depending on the system, it could be found under /run or /var/log (e.g. Debian)
|
|
||||||
+ # which are pointed by different systemd-path variables. We will
|
|
||||||
+ # check one at at time until the first hit
|
|
||||||
+ for systemd_var in 'system-runtime-logs', 'system-state-logs':
|
|
||||||
+ tmp = Utils.executeCmd(
|
|
||||||
+ 'find "$(systemd-path %s)" -name system.journal' % systemd_var,
|
|
||||||
+ timeout=10, shell=True, output=True
|
|
||||||
+ )
|
|
||||||
+ self.assertTrue(tmp)
|
|
||||||
+ out = str(tmp[1].decode('utf-8')).split('\n')[0]
|
|
||||||
+ if out:
|
|
||||||
+ return out
|
|
||||||
|
|
||||||
def testJournalFilesArg(self):
|
|
||||||
# retrieve current system journal path
|
|
||||||
--
|
|
||||||
2.15.1
|
|
||||||
|
|
||||||
|
|
|
@ -12,23 +12,3 @@ changed files etc
|
||||||
setup.py | 6 ++++--
|
setup.py | 6 ++++--
|
||||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
diff --git a/setup.py b/setup.py
|
|
||||||
index 8da29268..850f748f 100755
|
|
||||||
--- a/setup.py
|
|
||||||
+++ b/setup.py
|
|
||||||
@@ -208,8 +208,10 @@ setup(
|
|
||||||
license = "GPL",
|
|
||||||
platforms = "Posix",
|
|
||||||
cmdclass = {
|
|
||||||
- 'build_py': build_py, 'build_scripts': build_scripts,
|
|
||||||
- 'install_scripts': install_scripts_f2b, 'install': install_command_f2b
|
|
||||||
+ 'build_py': build_py_2to3 if _2to3 else build_py,
|
|
||||||
+ 'build_scripts': build_scripts_2to3 if _2to3 else build_scripts,
|
|
||||||
+ 'install_scripts': install_scripts_f2b,
|
|
||||||
+ 'install': install_command_f2b
|
|
||||||
},
|
|
||||||
scripts = [
|
|
||||||
'bin/fail2ban-client',
|
|
||||||
--
|
|
||||||
2.15.1
|
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,13 @@
|
||||||
--- a/files/debian-initd
|
Index: fail2ban/files/debian-initd
|
||||||
+++ b/files/debian-initd
|
===================================================================
|
||||||
@@ -28,7 +28,7 @@ NAME=fail2ban
|
--- fail2ban.orig/files/debian-initd
|
||||||
|
+++ fail2ban/files/debian-initd
|
||||||
|
@@ -28,7 +28,7 @@ NAME="fail2ban"
|
||||||
|
|
||||||
# fail2ban-client is not a daemon itself but starts a daemon and
|
# fail2ban-client is not a daemon itself but starts a daemon and
|
||||||
# loads its with configuration
|
# loads its with configuration
|
||||||
-DAEMON=/usr/local/bin/$NAME-client
|
-DAEMON="/usr/local/bin/$NAME-client"
|
||||||
+DAEMON=/usr/bin/$NAME-client
|
+DAEMON="/usr/bin/$NAME-client"
|
||||||
SCRIPTNAME=/etc/init.d/$NAME
|
SCRIPTNAME="/etc/init.d/$NAME"
|
||||||
|
|
||||||
# Ad-hoc way to parse out socket file name
|
# Ad-hoc way to parse out socket file name
|
||||||
|
|
|
@ -2,25 +2,29 @@ From: Yaroslav Halchenko <debian@onerussian.com>
|
||||||
Date: Fri, 8 Feb 2008 00:40:57 -0500
|
Date: Fri, 8 Feb 2008 00:40:57 -0500
|
||||||
Subject: tune ups in upstream manpages to direct users to use reportbug
|
Subject: tune ups in upstream manpages to direct users to use reportbug
|
||||||
|
|
||||||
--- a/man/fail2ban-client.1
|
Index: fail2ban/man/fail2ban-client.1
|
||||||
+++ b/man/fail2ban-client.1
|
===================================================================
|
||||||
@@ -437,7 +437,7 @@ the action <ACT> for <JAIL>
|
--- fail2ban.orig/man/fail2ban-client.1
|
||||||
|
+++ fail2ban/man/fail2ban-client.1
|
||||||
|
@@ -470,7 +470,7 @@ the action <ACT> for <JAIL>
|
||||||
.SH FILES
|
.SH FILES
|
||||||
\fI/etc/fail2ban/*\fR
|
\fI/etc/fail2ban/*\fR
|
||||||
.SH "REPORTING BUGS"
|
.SH "REPORTING BUGS"
|
||||||
-Report bugs to https://github.com/fail2ban/fail2ban/issues
|
-Report bugs to https://github.com/fail2ban/fail2ban/issues
|
||||||
+Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
|
+Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
|
||||||
.SH COPYRIGHT
|
.SH "SEE ALSO"
|
||||||
Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
|
.br
|
||||||
.br
|
fail2ban-server(1)
|
||||||
--- a/man/fail2ban-server.1
|
Index: fail2ban/man/fail2ban-server.1
|
||||||
+++ b/man/fail2ban-server.1
|
===================================================================
|
||||||
|
--- fail2ban.orig/man/fail2ban-server.1
|
||||||
|
+++ fail2ban/man/fail2ban-server.1
|
||||||
@@ -69,7 +69,7 @@ display this help message
|
@@ -69,7 +69,7 @@ display this help message
|
||||||
\fB\-V\fR, \fB\-\-version\fR
|
\fB\-V\fR, \fB\-\-version\fR
|
||||||
print the version
|
print the version (\fB\-V\fR returns machine\-readable short format)
|
||||||
.SH "REPORTING BUGS"
|
.SH "REPORTING BUGS"
|
||||||
-Report bugs to https://github.com/fail2ban/fail2ban/issues
|
-Report bugs to https://github.com/fail2ban/fail2ban/issues
|
||||||
+Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
|
+Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
|
||||||
.SH COPYRIGHT
|
.SH "SEE ALSO"
|
||||||
Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
|
.br
|
||||||
.br
|
fail2ban-client(1)
|
||||||
|
|
|
@ -15,13 +15,15 @@ Origin: Fedora, Debian
|
||||||
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871993
|
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871993
|
||||||
Last-Update: 2018-04-04
|
Last-Update: 2018-04-04
|
||||||
|
|
||||||
--- a/files/fail2ban.service.in
|
Index: fail2ban/files/fail2ban.service.in
|
||||||
+++ b/files/fail2ban.service.in
|
===================================================================
|
||||||
|
--- fail2ban.orig/files/fail2ban.service.in
|
||||||
|
+++ fail2ban/files/fail2ban.service.in
|
||||||
@@ -2,7 +2,7 @@
|
@@ -2,7 +2,7 @@
|
||||||
Description=Fail2Ban Service
|
Description=Fail2Ban Service
|
||||||
Documentation=man:fail2ban(1)
|
Documentation=man:fail2ban(1)
|
||||||
After=network.target iptables.service firewalld.service ip6tables.service ipset.service
|
After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
|
||||||
-PartOf=iptables.service firewalld.service ip6tables.service ipset.service
|
-PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service
|
||||||
+PartOf=firewalld.service
|
+PartOf=firewalld.service
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
|
|
Loading…
Reference in New Issue