mirror of https://github.com/fail2ban/fail2ban
configreaders: don't swallow return code by decoding error (whole jail or fail2ban config failed to read due to some error like encoding etc), so dump or test of config would get an error at end (and coverage for #3971)
parent
8ae6eaf39a
commit
d02a613e89
|
@ -230,6 +230,7 @@ class ConfigReaderUnshared(SafeConfigParserWithIncludes):
|
|||
missed = [ cf for cf in config_files if cf not in config_files_read ]
|
||||
if missed:
|
||||
logSys.error("Could not read config files: %s", ', '.join(missed))
|
||||
return False
|
||||
if config_files_read:
|
||||
return True
|
||||
logSys.error("Found no accessible config files for %r under %s",
|
||||
|
|
|
@ -63,11 +63,13 @@ class Configurator:
|
|||
return fail2ban_basedir
|
||||
|
||||
def readEarly(self):
|
||||
self.__fail2ban.read()
|
||||
if not self.__fail2ban.read():
|
||||
raise LookupError("Read fail2ban configuration failed.")
|
||||
|
||||
def readAll(self):
|
||||
self.readEarly()
|
||||
self.__jails.read()
|
||||
if not self.__jails.read():
|
||||
raise LookupError("Read jails configuration failed.")
|
||||
|
||||
def getEarlyOptions(self):
|
||||
return self.__fail2ban.getEarlyOptions()
|
||||
|
|
|
@ -37,7 +37,7 @@ class Fail2banReader(ConfigReader):
|
|||
ConfigReader.__init__(self, **kwargs)
|
||||
|
||||
def read(self):
|
||||
ConfigReader.read(self, "fail2ban")
|
||||
return ConfigReader.read(self, "fail2ban")
|
||||
|
||||
def getEarlyOptions(self):
|
||||
opts = [
|
||||
|
|
|
@ -826,6 +826,23 @@ class Fail2banServerTest(Fail2banClientServerBase):
|
|||
"Errors in jail 'broken-jail'.",
|
||||
"ERROR: test configuration failed", all=True)
|
||||
|
||||
# disable jail in .local (shall be again OK):
|
||||
self.pruneLog("[test-phase 1]")
|
||||
_write_file(pjoin(cfg, "jail.local"), "a", "",
|
||||
"[broken-jail]", "enabled = false")
|
||||
self.execCmd(SUCCESS, startparams, "--test")
|
||||
self.assertLogged("OK: configuration test is successful")
|
||||
|
||||
# generate decoding error: ('utf-8' codec can't decode byte 0xfd):
|
||||
self.pruneLog("[test-phase 1a]")
|
||||
with open(pjoin(cfg, "jail.local"), "ab") as f:
|
||||
f.write(b"\n# invalid char \xfd")
|
||||
self.execCmd(FAILED, startparams, "-t")
|
||||
self.assertLogged("Could not read config files",
|
||||
"Read jails configuration failed.",
|
||||
"ERROR: test configuration failed", all=True)
|
||||
|
||||
|
||||
@with_tmpdir
|
||||
def testKillAfterStart(self, tmp):
|
||||
try:
|
||||
|
|
Loading…
Reference in New Issue