ENH: order config as jail.conf, jail.d/*.conf, jail.local, jail.d/*.local. closes gh-388

11 years ago · d6d51e352c
parent 2d1bd54439
commit d6d51e352c
3 changed files with 27 additions and 9 deletions
--- a/client/configreader.py
+++ b/client/configreader.py
@ -54,16 +54,19 @@ class ConfigReader(SafeConfigParserWithIncludes):
 							  % self._basedir)
 		basename = os.path.join(self._basedir, filename)
 		logSys.debug("Reading configs for %s under %s "  % (basename, self._basedir))
-		config_files = [ basename + ".conf",
-						 basename + ".local" ]
-
-		# choose only existing ones
-		config_files = filter(os.path.exists, config_files)
+		config_files = [ basename + ".conf" ]

 		# possible further customizations under a .conf.d directory
 		config_dir = basename + '.d'
 		config_files += sorted(glob.glob('%s/*.conf' % config_dir))

+		config_files.append(basename + ".local")
+	
+		config_files += sorted(glob.glob('%s/*.local' % config_dir))
+
+		# choose only existing ones
+		config_files = filter(os.path.exists, config_files)
+
 		if len(config_files):
 			# at least one config exists and accessible
 			logSys.debug("Reading config files: " + ', '.join(config_files))
--- a/man/jail.conf.5
+++ b/man/jail.conf.5
@ -1,7 +1,10 @@
-.TH JAIL.CONF "5" "March 2013" "Fail2Ban" "Fail2Ban Configuration"
+.TH JAIL.CONF "10" "October 2013" "Fail2Ban" "Fail2Ban Configuration"
 .SH NAME
 jail.conf \- configuration for the fail2ban server
 .SH SYNOPSIS
+
+.I fail2ban.conf fail2ban.d/*.conf fail2ban.d/*.local
+
 .I jail.conf / jail.local

 .I action.d/*.conf action.d/*.local
@ -45,6 +48,15 @@ identical entries, parsed alphabetically, e.g.
 .RE
 .RE

+The order \fIjail\fR configuration is parsed is:
+
+jail.conf ,
+jail.d/*.conf (in alphabetical order), 
+jail.local, followed by
+jail.d/*.local (in alphabetical order).
+
+Likewise for fail2ban configuration.
+
 .SH DEFAULT
 The following options are applicable to all jails. Their meaning is described in the default \fIjail.conf\fR file.
 .TP
--- a/testcases/clientreadertestcase.py
+++ b/testcases/clientreadertestcase.py
@ -82,8 +82,6 @@ option = %s
 		self.assertEqual(self._getoption(), 1)
 		self._write("c.conf", "2")		# overwrite
 		self.assertEqual(self._getoption(), 2)
-		self._write("c.local", "3")		# add override in .local
-		self.assertEqual(self._getoption(), 3)
 		self._write("c.d/98.conf", "998") # add 1st override in .d/
 		self.assertEqual(self._getoption(), 998)
 		self._write("c.d/90.conf", "990") # add previously sorted override in .d/
@ -95,10 +93,15 @@ option = %s
 		self._remove("c.d/98.conf")
 		self.assertEqual(self._getoption(), 990)
 		self._remove("c.d/90.conf")
+		self.assertEqual(self._getoption(), 2)
+		self._write("c.local", "3")		# add override in .local
 		self.assertEqual(self._getoption(), 3)
+		self._write("c.d/5.local", "9")		# add override in c.d/*.local
+		self.assertEqual(self._getoption(), 9)
 		self._remove("c.conf")			#  we allow to stay without .conf
-		self.assertEqual(self._getoption(), 3)
+		self.assertEqual(self._getoption(), 9)
 		self._write("c.conf", "1")
+		self._remove("c.d/5.local")
 		self._remove("c.local")
 		self.assertEqual(self._getoption(), 1)