rebase of the patches with the new upstream release

2020-01-12 23:31:42 +01:00 · 2020-01-12 23:31:42 +01:00 · 592e59ad97
parent 5cbc262406
commit 592e59ad97
8 changed files with 36 additions and 132 deletions
--- a/debian/patches/0001-BF-RF-test-for-being-a-root-to-check-if-actually-can.patch
+++ b/debian/patches/0001-BF-RF-test-for-being-a-root-to-check-if-actually-can.patch
@ -8,27 +8,3 @@ Subject: [PATCH] BF: RF test for "being a root" to check if actually can read
 fail2ban/tests/filtertestcase.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

-diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
-index b707beb5..40cf51f9 100644
--- a/fail2ban/tests/filtertestcase.py
-+++ b/fail2ban/tests/filtertestcase.py
-@@ -675,7 +675,15 @@ class LogFileMonitor(LogCaptureTestCase):
- 		os.chmod(self.name, 0)
- 		self.filter.getFailures(self.name)
- 		failure_was_logged = self._is_logged('Unable to open %s' % self.name)
-		is_root = getpass.getuser() == 'root'
-+		# verify that we cannot access the file. Checking by name of user is not
-+		# sufficient since could be a fakeroot or some other super-user
-+		try:
-+			with open(self.name) as f:
-+				f.read()
-+			is_root = True
-+		except IOError:
-+			is_root = False
-+
- 		# If ran as root, those restrictive permissions would not
- 		# forbid log to be read.
- 		self.assertTrue(failure_was_logged != is_root)
-- 
-2.15.1
-
--- a/debian/patches/0001-BF-use-tests.utils.CONFIG_DIR-instead-of-hardcoded-c.patch
+++ b/debian/patches/0001-BF-use-tests.utils.CONFIG_DIR-instead-of-hardcoded-c.patch
@ -10,25 +10,3 @@ and thus cannot test in a build directory which is out of source
 fail2ban/tests/fail2banclienttestcase.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
-index 1e2d1b33..65653a8e 100644
--- a/fail2ban/tests/fail2banclienttestcase.py
-+++ b/fail2ban/tests/fail2banclienttestcase.py
-@@ -44,13 +44,13 @@ from ..server import server
- from ..server.mytime import MyTime
- from ..server.utils import Utils
- from .utils import LogCaptureTestCase, logSys as DefLogSys, with_tmpdir, shutil, logging
-+from .utils import CONFIG_DIR as STOCK_CONF_DIR
- 
- from ..helpers import getLogger
- 
- # Gets the instance of the logger.
- logSys = getLogger(__name__)
- 
-STOCK_CONF_DIR = "config"
- STOCK = exists(pjoin(STOCK_CONF_DIR, 'fail2ban.conf'))
- 
- CLIENT = "fail2ban-client"
-- 
-2.15.1
-
--- a/debian/patches/0002-ENH-verify-that-use_stock_cfg-was-not-provided-while.patch
+++ b/debian/patches/0002-ENH-verify-that-use_stock_cfg-was-not-provided-while.patch
@ -10,19 +10,16 @@ so decided to make it more explicit
 fail2ban/tests/fail2banclienttestcase.py | 2 ++
 1 file changed, 2 insertions(+)

-diff --git a/fail2ban/tests/fail2banclienttestcase.py b/fail2ban/tests/fail2banclienttestcase.py
-index 65653a8e..94790b04 100644
--- a/fail2ban/tests/fail2banclienttestcase.py
-+++ b/fail2ban/tests/fail2banclienttestcase.py
-@@ -153,6 +153,8 @@ def _start_params(tmp, use_stock=False, use_stock_cfg=None,
+Index: fail2ban/fail2ban/tests/fail2banclienttestcase.py
+===================================================================
+--- fail2ban.orig/fail2ban/tests/fail2banclienttestcase.py
+++ fail2ban/fail2ban/tests/fail2banclienttestcase.py
+@@ -173,6 +173,8 @@ def _start_params(tmp, use_stock=False,
 			"""Filters list of 'files' to contain only directories (under dir)"""
 			return [f for f in files if isdir(pjoin(dir, f))]
 		shutil.copytree(STOCK_CONF_DIR, cfg, ignore=ig_dirs)
 +		assert use_stock_cfg is None, \
 +			"We are about to overload use_stock_cfg from the one provided %s" % repr(use_stock_cfg)
- 		use_stock_cfg = ('action.d', 'filter.d')
+ 		if use_stock_cfg is None: use_stock_cfg = ('action.d', 'filter.d')
 		# replace fail2ban params (database with memory):
 		r = re.compile(r'^dbfile\s*=')
-- 
-2.15.1
-
--- a/debian/patches/0003-BF-look-for-system.journal-also-under-system-state-l.patch
+++ b/debian/patches/0003-BF-look-for-system.journal-also-under-system-state-l.patch
@ -9,38 +9,3 @@ as it happens on Debian systems
 fail2ban/tests/filtertestcase.py | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

-diff --git a/fail2ban/tests/filtertestcase.py b/fail2ban/tests/filtertestcase.py
-index 1803974b..b707beb5 100644
--- a/fail2ban/tests/filtertestcase.py
-+++ b/fail2ban/tests/filtertestcase.py
-@@ -1173,11 +1173,22 @@ def get_monitor_failures_journal_testcase(Filter_): # pragma: systemd no cover
- 			super(MonitorJournalFailures, self).tearDown()
- 
- 		def _getRuntimeJournal(self):
-			# retrieve current system journal path
-			tmp = Utils.executeCmd('find "$(systemd-path system-runtime-logs)" -name system.journal', 
-				timeout=10, shell=True, output=True);
-			self.assertTrue(tmp)
-			return str(tmp[1].decode('utf-8')).split('\n')[0]
-+			"""Retrieve current system journal path
-+
-+			If none found, None will be returned
-+			"""
-+			# Depending on the system, it could be found under /run or /var/log (e.g. Debian)
-+			# which are pointed by different systemd-path variables.  We will
-+			# check one at at time until the first hit
-+			for systemd_var in 'system-runtime-logs', 'system-state-logs':
-+				tmp = Utils.executeCmd(
-+					'find "$(systemd-path %s)" -name system.journal' % systemd_var,
-+					timeout=10, shell=True, output=True
-+				)
-+				self.assertTrue(tmp)
-+				out = str(tmp[1].decode('utf-8')).split('\n')[0]
-+				if out:
-+					return out
- 
- 		def testJournalFilesArg(self):
- 			# retrieve current system journal path
-- 
-2.15.1
-
--- a/debian/patches/0004-BF-use-build_-_2to3-if-in-_2to3.patch
+++ b/debian/patches/0004-BF-use-build_-_2to3-if-in-_2to3.patch
@ -12,23 +12,3 @@ changed files etc
 setup.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

-diff --git a/setup.py b/setup.py
-index 8da29268..850f748f 100755
--- a/setup.py
-+++ b/setup.py
-@@ -208,8 +208,10 @@ setup(
- 	license = "GPL",
- 	platforms = "Posix",
- 	cmdclass = {
-		'build_py': build_py, 'build_scripts': build_scripts, 
-		'install_scripts': install_scripts_f2b, 'install': install_command_f2b
-+		'build_py': build_py_2to3 if _2to3 else build_py,
-+		'build_scripts': build_scripts_2to3 if _2to3 else build_scripts,
-+		'install_scripts': install_scripts_f2b,
-+		'install': install_command_f2b
- 	},
- 	scripts = [
- 		'bin/fail2ban-client',
-- 
-2.15.1
-
--- a/debian/patches/deb_init_paths
+++ b/debian/patches/deb_init_paths
@ -1,11 +1,13 @@
--- a/files/debian-initd
-+++ b/files/debian-initd
-@@ -28,7 +28,7 @@ NAME=fail2ban
+Index: fail2ban/files/debian-initd
+===================================================================
+--- fail2ban.orig/files/debian-initd
+++ fail2ban/files/debian-initd
+@@ -28,7 +28,7 @@ NAME="fail2ban"
 
 # fail2ban-client is not a daemon itself but starts a daemon and
 # loads its with configuration
-DAEMON=/usr/local/bin/$NAME-client
-+DAEMON=/usr/bin/$NAME-client
- SCRIPTNAME=/etc/init.d/$NAME
+-DAEMON="/usr/local/bin/$NAME-client"
+DAEMON="/usr/bin/$NAME-client"
+ SCRIPTNAME="/etc/init.d/$NAME"
 
 # Ad-hoc way to parse out socket file name
--- a/debian/patches/deb_manpages_reportbug
+++ b/debian/patches/deb_manpages_reportbug
@ -2,25 +2,29 @@ From: Yaroslav Halchenko <debian@onerussian.com>
 Date: Fri, 8 Feb 2008 00:40:57 -0500
 Subject: tune ups in upstream manpages to direct users to use reportbug

--- a/man/fail2ban-client.1
-+++ b/man/fail2ban-client.1
-@@ -437,7 +437,7 @@ the action <ACT> for <JAIL>
+Index: fail2ban/man/fail2ban-client.1
+===================================================================
+--- fail2ban.orig/man/fail2ban-client.1
+++ fail2ban/man/fail2ban-client.1
+@@ -470,7 +470,7 @@ the action <ACT> for <JAIL>
 .SH FILES
 \fI/etc/fail2ban/*\fR
 .SH "REPORTING BUGS"
 -Report bugs to https://github.com/fail2ban/fail2ban/issues
 +Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
- .SH COPYRIGHT
- Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
+ .SH "SEE ALSO"
 .br 
--- a/man/fail2ban-server.1
-+++ b/man/fail2ban-server.1
+ fail2ban-server(1)
+Index: fail2ban/man/fail2ban-server.1
+===================================================================
+--- fail2ban.orig/man/fail2ban-server.1
+++ fail2ban/man/fail2ban-server.1
@@ -69,7 +69,7 @@ display this help message
 \fB\-V\fR, \fB\-\-version\fR
- print the version
+ print the version (\fB\-V\fR returns machine\-readable short format)
 .SH "REPORTING BUGS"
 -Report bugs to https://github.com/fail2ban/fail2ban/issues
 +Report bugs via Debian bug tracking system \fIhttp://www.debian.org/Bugs/\fR .
- .SH COPYRIGHT
- Copyright \(co 2004\-2008 Cyril Jaquier, 2008\- Fail2Ban Contributors
+ .SH "SEE ALSO"
 .br 
+ fail2ban-client(1)
--- a/debian/patches/deb_no_iptables_service
+++ b/debian/patches/deb_no_iptables_service
@ -15,13 +15,15 @@ Origin: Fedora, Debian
 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871993
 Last-Update: 2018-04-04

--- a/files/fail2ban.service.in
-+++ b/files/fail2ban.service.in
+Index: fail2ban/files/fail2ban.service.in
+===================================================================
+--- fail2ban.orig/files/fail2ban.service.in
+++ fail2ban/files/fail2ban.service.in
@@ -2,7 +2,7 @@
 Description=Fail2Ban Service
 Documentation=man:fail2ban(1)
- After=network.target iptables.service firewalld.service ip6tables.service ipset.service
-PartOf=iptables.service firewalld.service ip6tables.service ipset.service
+ After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
+-PartOf=iptables.service firewalld.service ip6tables.service ipset.service nftables.service
 +PartOf=firewalld.service
 
 [Service]