diff options
Diffstat (limited to 'net-analyzer/fail2ban')
-rw-r--r-- | net-analyzer/fail2ban/Manifest | 4 | ||||
-rw-r--r-- | net-analyzer/fail2ban/fail2ban-1.0.2-r2.ebuild (renamed from net-analyzer/fail2ban/fail2ban-1.0.1.ebuild) | 32 | ||||
-rw-r--r-- | net-analyzer/fail2ban/fail2ban-1.0.2-r3.ebuild (renamed from net-analyzer/fail2ban/fail2ban-0.11.2-r4.ebuild) | 52 | ||||
-rw-r--r-- | net-analyzer/fail2ban/fail2ban-1.1.0.ebuild | 135 | ||||
-rw-r--r-- | net-analyzer/fail2ban/fail2ban-9999.ebuild | 52 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-2to3-usage.patch | 109 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-py3.10-collections.patch | 33 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-systemd-test.patch | 22 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-tests-for-2021.patch | 50 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch | 247 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-1.0.2-configreader-warning.patch | 19 | ||||
-rw-r--r-- | net-analyzer/fail2ban/files/fail2ban-1.0.2-umask-tests.patch | 45 |
12 files changed, 268 insertions, 532 deletions
diff --git a/net-analyzer/fail2ban/Manifest b/net-analyzer/fail2ban/Manifest index 44e3f95a0485..54681ec36bc0 100644 --- a/net-analyzer/fail2ban/Manifest +++ b/net-analyzer/fail2ban/Manifest @@ -1,2 +1,2 @@ -DIST fail2ban-0.11.2.tar.gz 559552 BLAKE2B 0c61c1d5f6eb23d585533fbb84e69343cb305df188537a97002489318292c6056447c4c221c9d4d4cde6cca52f0c2fb877b597957f703e4d6707801a646e52b0 SHA512 46b27abd947b00ea64106dbac563ef8afef38eec86684024d47d9a0e8c1969ff864ad6df7f4f8de2aa3eb1af6d769fb6796592d9f0e35521d5f95f17b8cade97 -DIST fail2ban-1.0.1.tar.gz 582122 BLAKE2B 1fe1e5b3d6a1790304c29066b7a8edcb5a6ea11bea6fd8a2bf5f42a4725db1d5bfdd9ed1215a51bfc0eeccafa8a0e93c45940e897ceba7335965126f9b913ab0 SHA512 a4d0ee5405225b1ec950f3209bc304c1168c644d06309a187d77119f6bea12c382db046130a86411aad4210b458a16ee092269dc7953400950969a34550c6da5 +DIST fail2ban-1.0.2.tar.gz 583295 BLAKE2B 84eb5e3487c4db734f4f0a36af142d520e1cc53c2960893ee2f05ff4e78133860be59ed9580fa0d972509a03c17e5d9458b8e3f6b470a4c3154f10911f94691e SHA512 688a84361b5794e1658f53d2d200ce752fe1e3320ddb1742c32c4b4b82a79ace16ae464e7ea3eeb94a0e862bcac73c2d3a0e61dd7b28e179a4c857f950d74dbb +DIST fail2ban-1.1.0.tar.gz 603854 BLAKE2B f7c2d3a1e5b5cdca1f26d92cefe75958bb61b87ad1cf316380b91527c96f3261e5665478c5fbb053f6419956dda934c8ef3ce837af2819b1b1c8d162246fc15f SHA512 9bff7b9c41e58a953901800468e5c4153c9db6af01c7eb18111ad8620b40d03a0771020472fb759b2809d250e2bb45471e6c7e8283e72ea48290ecf7bf921821 diff --git a/net-analyzer/fail2ban/fail2ban-1.0.1.ebuild b/net-analyzer/fail2ban/fail2ban-1.0.2-r2.ebuild index cf108a52442c..bac3914820d3 100644 --- a/net-analyzer/fail2ban/fail2ban-1.0.1.ebuild +++ b/net-analyzer/fail2ban/fail2ban-1.0.2-r2.ebuild @@ -1,10 +1,10 @@ -# Copyright 1999-2022 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 DISTUTILS_SINGLE_IMPL=1 -PYTHON_COMPAT=( python3_{8..11} ) +PYTHON_COMPAT=( python3_{10..11} ) inherit bash-completion-r1 distutils-r1 systemd tmpfiles @@ -16,7 +16,7 @@ if [[ ${PV} == *9999 ]] ; then inherit git-r3 else SRC_URI="https://github.com/fail2ban/fail2ban/archive/${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86" + KEYWORDS="~alpha amd64 arm arm64 ~loong ppc ppc64 ~riscv sparc x86" fi LICENSE="GPL-2" @@ -29,10 +29,8 @@ RDEPEND=" selinux? ( sec-policy/selinux-fail2ban ) systemd? ( $(python_gen_cond_dep ' - || ( - dev-python/python-systemd[${PYTHON_USEDEP}] - sys-apps/systemd[python(-),${PYTHON_USEDEP}] - )' 'python*' ) + dev-python/python-systemd[${PYTHON_USEDEP}] + ') ) " @@ -40,6 +38,8 @@ DOCS=( ChangeLog DEVELOP README.md THANKS TODO doc/run-rootless.txt ) PATCHES=( "${FILESDIR}"/${PN}-0.11.2-adjust-apache-logs-paths.patch + "${FILESDIR}"/${PN}-1.0.2-umask-tests.patch + "${FILESDIR}"/${P}-configreader-warning.patch ) python_prepare_all() { @@ -56,13 +56,15 @@ python_compile() { } python_test() { + # Skip testRepairDb for bug #907348 (didn't always fail..) bin/fail2ban-testcases \ --no-network \ --no-gamin \ + --ignore databasetestcase.DatabaseTest.testRepairDb \ --verbosity=4 || die "Tests failed with ${EPYTHON}" # Workaround for bug #790251 - rm -r fail2ban.egg-info || die + rm -rf fail2ban.egg-info || die } python_install_all() { @@ -100,7 +102,7 @@ pkg_preinst() { pkg_postinst() { tmpfiles_process ${PN}-tmpfiles.conf - if [[ ${previous_less_than_0_7} = 0 ]] ; then + if [[ ${previous_less_than_0_7} == 0 ]] ; then elog elog "Configuration files are now in /etc/fail2ban/" elog "You probably have to manually update your configuration" @@ -113,10 +115,9 @@ pkg_postinst() { elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8" fi - if ! has_version dev-python/pyinotify && ! has_version app-admin/gamin ; then - elog "For most jail.conf configurations, it is recommended you install either" - elog "dev-python/pyinotify or app-admin/gamin (in order of preference)" - elog "to control how log file modifications are detected" + if ! has_version dev-python/pyinotify ; then + elog "For most jail.conf configurations, it is recommended you install" + elog "dev-python/pyinotify to control how log file modifications are detected" fi if ! has_version dev-lang/python[sqlite] ; then @@ -125,9 +126,4 @@ pkg_postinst() { elog "persistent database feature, then you should set" elog "dbfile = :memory: in fail2ban.conf accordingly." fi - - if has_version sys-apps/systemd[-python] ; then - elog "If you want to track logins through sys-apps/systemd's" - elog "journal backend, then reinstall sys-apps/systemd with USE=python" - fi } diff --git a/net-analyzer/fail2ban/fail2ban-0.11.2-r4.ebuild b/net-analyzer/fail2ban/fail2ban-1.0.2-r3.ebuild index ffabcf3a0b71..fd9d7373924e 100644 --- a/net-analyzer/fail2ban/fail2ban-0.11.2-r4.ebuild +++ b/net-analyzer/fail2ban/fail2ban-1.0.2-r3.ebuild @@ -1,21 +1,22 @@ -# Copyright 1999-2022 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=7 +EAPI=8 -PYTHON_COMPAT=( python3_{8..10} ) DISTUTILS_SINGLE_IMPL=1 +PYTHON_COMPAT=( python3_{10..12} ) inherit bash-completion-r1 distutils-r1 systemd tmpfiles DESCRIPTION="Scans log files and bans IPs that show malicious signs" HOMEPAGE="https://www.fail2ban.org/" + if [[ ${PV} == *9999 ]] ; then - EGIT_REPO_URI="https://github.com/${PN}/${PN}" + EGIT_REPO_URI="https://github.com/fail2ban/fail2ban" inherit git-r3 else - SRC_URI="https://github.com/${PN}/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~alpha amd64 arm arm64 hppa ppc ppc64 sparc x86" + SRC_URI="https://github.com/fail2ban/fail2ban/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~alpha amd64 arm arm64 ~loong ppc ppc64 ~riscv sparc x86" fi LICENSE="GPL-2" @@ -23,27 +24,26 @@ SLOT="0" IUSE="selinux systemd" RDEPEND=" + $(python_gen_cond_dep ' + dev-python/pyasyncore[${PYTHON_USEDEP}] + dev-python/pyasynchat[${PYTHON_USEDEP}] + ' 3.12) virtual/logger virtual/mta selinux? ( sec-policy/selinux-fail2ban ) systemd? ( $(python_gen_cond_dep ' - || ( - dev-python/python-systemd[${PYTHON_USEDEP}] - sys-apps/systemd[python(-),${PYTHON_USEDEP}] - )' 'python*' ) + dev-python/python-systemd[${PYTHON_USEDEP}] + ') ) " DOCS=( ChangeLog DEVELOP README.md THANKS TODO doc/run-rootless.txt ) PATCHES=( - "${FILESDIR}"/${P}-fix-tests-for-2021.patch "${FILESDIR}"/${PN}-0.11.2-adjust-apache-logs-paths.patch - "${FILESDIR}"/${P}-fix-2to3-usage.patch - "${FILESDIR}"/${P}-fix-systemd-test.patch - "${FILESDIR}"/${P}-fix-py3.10-collections.patch - "${FILESDIR}"/${P}-upstream-openrc.patch + "${FILESDIR}"/${PN}-1.0.2-umask-tests.patch + "${FILESDIR}"/${P}-configreader-warning.patch ) python_prepare_all() { @@ -52,6 +52,9 @@ python_prepare_all() { # Replace /var/run with /run, but not in the top source directory find . -mindepth 2 -type f -exec \ sed -i -e 's|/var\(/run/fail2ban\)|\1|g' {} + || die + + # Incompatible with Python 3.12 in 1.0.x, 9999 uses dev-python/aiosmtpd. + rm fail2ban/tests/action_d/test_smtp.py || die } python_compile() { @@ -60,13 +63,16 @@ python_compile() { } python_test() { + # Skip testRepairDb for bug #907348 (didn't always fail..) + # https://github.com/fail2ban/fail2ban/issues/3586 bin/fail2ban-testcases \ --no-network \ --no-gamin \ + --ignore databasetestcase.DatabaseTest.testRepairDb \ --verbosity=4 || die "Tests failed with ${EPYTHON}" # Workaround for bug #790251 - rm -r fail2ban.egg-info || die + rm -rf fail2ban.egg-info || die } python_install_all() { @@ -104,7 +110,7 @@ pkg_preinst() { pkg_postinst() { tmpfiles_process ${PN}-tmpfiles.conf - if [[ ${previous_less_than_0_7} = 0 ]] ; then + if [[ ${previous_less_than_0_7} == 0 ]] ; then elog elog "Configuration files are now in /etc/fail2ban/" elog "You probably have to manually update your configuration" @@ -117,10 +123,9 @@ pkg_postinst() { elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8" fi - if ! has_version dev-python/pyinotify && ! has_version app-admin/gamin ; then - elog "For most jail.conf configurations, it is recommended you install either" - elog "dev-python/pyinotify or app-admin/gamin (in order of preference)" - elog "to control how log file modifications are detected" + if ! has_version dev-python/pyinotify ; then + elog "For most jail.conf configurations, it is recommended you install" + elog "dev-python/pyinotify to control how log file modifications are detected" fi if ! has_version dev-lang/python[sqlite] ; then @@ -129,9 +134,4 @@ pkg_postinst() { elog "persistent database feature, then you should set" elog "dbfile = :memory: in fail2ban.conf accordingly." fi - - if has_version sys-apps/systemd[-python] ; then - elog "If you want to track logins through sys-apps/systemd's" - elog "journal backend, then reinstall sys-apps/systemd with USE=python" - fi } diff --git a/net-analyzer/fail2ban/fail2ban-1.1.0.ebuild b/net-analyzer/fail2ban/fail2ban-1.1.0.ebuild new file mode 100644 index 000000000000..8f83d3ea20cf --- /dev/null +++ b/net-analyzer/fail2ban/fail2ban-1.1.0.ebuild @@ -0,0 +1,135 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_SINGLE_IMPL=1 +PYTHON_COMPAT=( python3_{10..12} ) + +inherit bash-completion-r1 distutils-r1 systemd tmpfiles + +DESCRIPTION="Scans log files and bans IPs that show malicious signs" +HOMEPAGE="https://www.fail2ban.org/" + +if [[ ${PV} == *9999 ]] ; then + EGIT_REPO_URI="https://github.com/fail2ban/fail2ban" + inherit git-r3 +else + SRC_URI="https://github.com/fail2ban/fail2ban/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="selinux systemd test" +RESTRICT="!test? ( test )" + +RDEPEND=" + $(python_gen_cond_dep ' + dev-python/pyasyncore[${PYTHON_USEDEP}] + dev-python/pyasynchat[${PYTHON_USEDEP}] + ' 3.12) + virtual/logger + virtual/mta + selinux? ( sec-policy/selinux-fail2ban ) + systemd? ( + $(python_gen_cond_dep ' + dev-python/python-systemd[${PYTHON_USEDEP}] + ') + ) +" +BDEPEND=" + test? ( + $(python_gen_cond_dep ' + dev-python/aiosmtpd[${PYTHON_USEDEP}] + ') + ) +" + +DOCS=( ChangeLog DEVELOP README.md THANKS TODO doc/run-rootless.txt ) + +PATCHES=( + "${FILESDIR}"/${PN}-0.11.2-adjust-apache-logs-paths.patch + "${FILESDIR}"/${PN}-1.0.2-umask-tests.patch +) + +python_prepare_all() { + distutils-r1_python_prepare_all + + # Replace /var/run with /run, but not in the top source directory + find . -mindepth 2 -type f -exec \ + sed -i -e 's|/var\(/run/fail2ban\)|\1|g' {} + || die +} + +python_test() { + # Skip testRepairDb for bug #907348 (didn't always fail..) + # https://github.com/fail2ban/fail2ban/issues/3586 + bin/fail2ban-testcases \ + --no-network \ + --ignore databasetestcase.DatabaseTest.testRepairDb \ + --verbosity=4 || die "Tests failed with ${EPYTHON}" + + # Workaround for bug #790251 + rm -rf fail2ban.egg-info || die +} + +python_install_all() { + distutils-r1_python_install_all + + rm -rf "${ED}"/usr/share/doc/${PN} "${ED}"/run || die + + newconfd files/fail2ban-openrc.conf ${PN} + + # These two are placed in the ${BUILD_DIR} after being "built" + # in install_scripts(). + newinitd "${BUILD_DIR}/fail2ban-openrc.init" "${PN}" + systemd_dounit "${BUILD_DIR}/${PN}.service" + + dotmpfiles files/${PN}-tmpfiles.conf + + doman man/*.{1,5} + + # Use INSTALL_MASK if you do not want to touch /etc/logrotate.d. + # See http://thread.gmane.org/gmane.linux.gentoo.devel/35675 + insinto /etc/logrotate.d + newins files/${PN}-logrotate ${PN} + + keepdir /var/lib/${PN} + + newbashcomp files/bash-completion ${PN}-client + bashcomp_alias ${PN}-client ${PN}-server ${PN}-regex +} + +pkg_preinst() { + has_version "<${CATEGORY}/${PN}-0.7" + previous_less_than_0_7=$? +} + +pkg_postinst() { + tmpfiles_process ${PN}-tmpfiles.conf + + if [[ ${previous_less_than_0_7} == 0 ]] ; then + elog + elog "Configuration files are now in /etc/fail2ban/" + elog "You probably have to manually update your configuration" + elog "files before restarting Fail2Ban!" + elog + elog "Fail2Ban is not installed under /usr/lib anymore. The" + elog "new location is under /usr/share." + elog + elog "You are upgrading from version 0.6.x, please see:" + elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8" + fi + + if ! has_version dev-python/pyinotify ; then + elog "For most jail.conf configurations, it is recommended you install" + elog "dev-python/pyinotify to control how log file modifications are detected" + fi + + if ! has_version dev-lang/python[sqlite] ; then + elog "If you want to use ${PN}'s persistent database, then reinstall" + elog "dev-lang/python with USE=sqlite. If you do not use the" + elog "persistent database feature, then you should set" + elog "dbfile = :memory: in fail2ban.conf accordingly." + fi +} diff --git a/net-analyzer/fail2ban/fail2ban-9999.ebuild b/net-analyzer/fail2ban/fail2ban-9999.ebuild index cf108a52442c..8f83d3ea20cf 100644 --- a/net-analyzer/fail2ban/fail2ban-9999.ebuild +++ b/net-analyzer/fail2ban/fail2ban-9999.ebuild @@ -1,10 +1,10 @@ -# Copyright 1999-2022 Gentoo Authors +# Copyright 1999-2024 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=8 DISTUTILS_SINGLE_IMPL=1 -PYTHON_COMPAT=( python3_{8..11} ) +PYTHON_COMPAT=( python3_{10..12} ) inherit bash-completion-r1 distutils-r1 systemd tmpfiles @@ -16,23 +16,33 @@ if [[ ${PV} == *9999 ]] ; then inherit git-r3 else SRC_URI="https://github.com/fail2ban/fail2ban/archive/${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" fi LICENSE="GPL-2" SLOT="0" -IUSE="selinux systemd" +IUSE="selinux systemd test" +RESTRICT="!test? ( test )" RDEPEND=" + $(python_gen_cond_dep ' + dev-python/pyasyncore[${PYTHON_USEDEP}] + dev-python/pyasynchat[${PYTHON_USEDEP}] + ' 3.12) virtual/logger virtual/mta selinux? ( sec-policy/selinux-fail2ban ) systemd? ( $(python_gen_cond_dep ' - || ( - dev-python/python-systemd[${PYTHON_USEDEP}] - sys-apps/systemd[python(-),${PYTHON_USEDEP}] - )' 'python*' ) + dev-python/python-systemd[${PYTHON_USEDEP}] + ') + ) +" +BDEPEND=" + test? ( + $(python_gen_cond_dep ' + dev-python/aiosmtpd[${PYTHON_USEDEP}] + ') ) " @@ -40,6 +50,7 @@ DOCS=( ChangeLog DEVELOP README.md THANKS TODO doc/run-rootless.txt ) PATCHES=( "${FILESDIR}"/${PN}-0.11.2-adjust-apache-logs-paths.patch + "${FILESDIR}"/${PN}-1.0.2-umask-tests.patch ) python_prepare_all() { @@ -50,19 +61,16 @@ python_prepare_all() { sed -i -e 's|/var\(/run/fail2ban\)|\1|g' {} + || die } -python_compile() { - ./fail2ban-2to3 || die - distutils-r1_python_compile -} - python_test() { + # Skip testRepairDb for bug #907348 (didn't always fail..) + # https://github.com/fail2ban/fail2ban/issues/3586 bin/fail2ban-testcases \ --no-network \ - --no-gamin \ + --ignore databasetestcase.DatabaseTest.testRepairDb \ --verbosity=4 || die "Tests failed with ${EPYTHON}" # Workaround for bug #790251 - rm -r fail2ban.egg-info || die + rm -rf fail2ban.egg-info || die } python_install_all() { @@ -100,7 +108,7 @@ pkg_preinst() { pkg_postinst() { tmpfiles_process ${PN}-tmpfiles.conf - if [[ ${previous_less_than_0_7} = 0 ]] ; then + if [[ ${previous_less_than_0_7} == 0 ]] ; then elog elog "Configuration files are now in /etc/fail2ban/" elog "You probably have to manually update your configuration" @@ -113,10 +121,9 @@ pkg_postinst() { elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8" fi - if ! has_version dev-python/pyinotify && ! has_version app-admin/gamin ; then - elog "For most jail.conf configurations, it is recommended you install either" - elog "dev-python/pyinotify or app-admin/gamin (in order of preference)" - elog "to control how log file modifications are detected" + if ! has_version dev-python/pyinotify ; then + elog "For most jail.conf configurations, it is recommended you install" + elog "dev-python/pyinotify to control how log file modifications are detected" fi if ! has_version dev-lang/python[sqlite] ; then @@ -125,9 +132,4 @@ pkg_postinst() { elog "persistent database feature, then you should set" elog "dbfile = :memory: in fail2ban.conf accordingly." fi - - if has_version sys-apps/systemd[-python] ; then - elog "If you want to track logins through sys-apps/systemd's" - elog "journal backend, then reinstall sys-apps/systemd with USE=python" - fi } diff --git a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-2to3-usage.patch b/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-2to3-usage.patch deleted file mode 100644 index 9098d096e8ad..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-2to3-usage.patch +++ /dev/null @@ -1,109 +0,0 @@ -https://github.com/fail2ban/fail2ban/commit/7f22c4873aed3b5ffce0953f079f3c1977297c9a -https://github.com/fail2ban/fail2ban/commit/5ac303df8a171f748330d4c645ccbf1c2c7f3497 -https://github.com/fail2ban/fail2ban/commit/d6b884f3b72b8a42b21da863836569ef6836c2ea -https://github.com/fail2ban/fail2ban/issues/3098 -https://bugs.gentoo.org/818733 - -From: "Sergey G. Brester" <serg.brester@sebres.de> -Date: Sun, 19 Sep 2021 18:36:02 +0200 -Subject: [PATCH] remove 2to3 in setup (should be called outside before setup) - ---- a/setup.py -+++ b/setup.py -@@ -39,14 +39,6 @@ - if setuptools is None: - from distutils.command.install import install - from distutils.command.install_scripts import install_scripts --try: -- # python 3.x -- from distutils.command.build_py import build_py_2to3 -- from distutils.command.build_scripts import build_scripts_2to3 -- _2to3 = True --except ImportError: -- # python 2.x -- _2to3 = False - - import os - from os.path import isfile, join, isdir, realpath - -From: sebres <info@sebres.de> -Date: Sun, 19 Sep 2021 18:49:18 +0200 -Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup - command: use_2to3 is invalid (setuptools 58+) - ---- a/setup.py -+++ b/setup.py -@@ -48,7 +48,7 @@ - from glob import glob - - from fail2ban.setup import updatePyExec -- -+from fail2ban.version import version - - source_dir = os.path.realpath(os.path.dirname( - # __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.): -@@ -112,22 +112,12 @@ def update_scripts(self, dry_run=False): - # Wrapper to specify fail2ban own options: - class install_command_f2b(install): - user_options = install.user_options + [ -- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'), - ('without-tests', None, 'without tests files installation'), - ] - def initialize_options(self): -- self.disable_2to3 = None - self.without_tests = not with_tests - install.initialize_options(self) - def finalize_options(self): -- global _2to3 -- ## in the test cases 2to3 should be already done (fail2ban-2to3): -- if self.disable_2to3: -- _2to3 = False -- if _2to3: -- cmdclass = self.distribution.cmdclass -- cmdclass['build_py'] = build_py_2to3 -- cmdclass['build_scripts'] = build_scripts_2to3 - if self.without_tests: - self.distribution.scripts.remove('bin/fail2ban-testcases') - -@@ -178,7 +168,6 @@ def run(self): - if setuptools: - setup_extra = { - 'test_suite': "fail2ban.tests.utils.gatherTests", -- 'use_2to3': True, - } - else: - setup_extra = {} -@@ -202,9 +191,6 @@ def run(self): - ('/usr/share/doc/fail2ban', doc_files) - ) - --# Get version number, avoiding importing fail2ban. --# This is due to tests not functioning for python3 as 2to3 takes place later --exec(open(join("fail2ban", "version.py")).read()) - - setup( - name = "fail2ban", -From: sebres <info@sebres.de> -Date: Sun, 19 Sep 2021 18:52:34 +0200 -Subject: [PATCH] amend to fix gh-3098: no option `--disable-2to3` anymore - ---- a/fail2ban/tests/misctestcase.py -+++ b/fail2ban/tests/misctestcase.py -@@ -111,7 +111,7 @@ def testSetupInstallDryRun(self): - supdbgout = ' >/dev/null 2>&1' if unittest.F2B.log_level >= logging.DEBUG else '' # HEAVYDEBUG - try: - # try dry-run: -- os.system("%s %s --dry-run install --disable-2to3 --root=%s%s" -+ os.system("%s %s --dry-run install --root=%s%s" - % (sys.executable, self.setup , tmp, supdbgout)) - # check nothing was created: - self.assertTrue(not os.listdir(tmp)) -@@ -127,7 +127,7 @@ def testSetupInstallRoot(self): - # suppress stdout (and stderr) if not heavydebug - supdbgout = ' >/dev/null' if unittest.F2B.log_level >= logging.DEBUG else '' # HEAVYDEBUG - try: -- self.assertEqual(os.system("%s %s install --disable-2to3 --root=%s%s" -+ self.assertEqual(os.system("%s %s install --root=%s%s" - % (sys.executable, self.setup, tmp, supdbgout)), 0) - - def strippath(l): diff --git a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-py3.10-collections.patch b/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-py3.10-collections.patch deleted file mode 100644 index 6cf4e194b089..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-py3.10-collections.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- a/fail2ban/server/action.py -+++ b/fail2ban/server/action.py -@@ -30,7 +30,7 @@ import tempfile - import threading - import time - from abc import ABCMeta --from collections import MutableMapping -+from collections.abc import MutableMapping - - from .failregex import mapTag2Opt - from .ipdns import DNSUtils ---- a/fail2ban/server/actions.py -+++ b/fail2ban/server/actions.py -@@ -28,7 +28,7 @@ import logging - import os - import sys - import time --from collections import Mapping -+from collections.abc import Mapping - try: - from collections import OrderedDict - except ImportError: ---- a/fail2ban/server/jails.py -+++ b/fail2ban/server/jails.py -@@ -22,7 +22,7 @@ __copyright__ = "Copyright (c) 2004 Cyril Jaquier, 2013- Yaroslav Halchenko" - __license__ = "GPL" - - from threading import Lock --from collections import Mapping -+from collections.abc import Mapping - - from ..exceptions import DuplicateJailException, UnknownJailException - from .jail import Jail diff --git a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-systemd-test.patch b/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-systemd-test.patch deleted file mode 100644 index 865ce19912bb..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-systemd-test.patch +++ /dev/null @@ -1,22 +0,0 @@ -https://github.com/fail2ban/fail2ban/pull/3037 -https://bugs.gentoo.org/794931 - -From: Mike Gilbert <floppym@gentoo.org> -Date: Tue, 8 Jun 2021 17:48:12 -0400 -Subject: [PATCH] tests: improve detection of readable systemd journal - -Look for system.journal in journal sub-directory. -Add -readable to the find command. - -Bug: https://bugs.gentoo.org/794931 ---- a/fail2ban/tests/filtertestcase.py -+++ b/fail2ban/tests/filtertestcase.py -@@ -1396,7 +1396,7 @@ def _getRuntimeJournal(self): - # check one at at time until the first hit - for systemd_var in 'system-runtime-logs', 'system-state-logs': - tmp = Utils.executeCmd( -- 'find "$(systemd-path %s)" -name system.journal' % systemd_var, -+ 'find "$(systemd-path %s)/journal" -name system.journal -readable' % systemd_var, - timeout=10, shell=True, output=True - ) - self.assertTrue(tmp) diff --git a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-tests-for-2021.patch b/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-tests-for-2021.patch deleted file mode 100644 index 36193b181933..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.11.2-fix-tests-for-2021.patch +++ /dev/null @@ -1,50 +0,0 @@ -https://github.com/fail2ban/fail2ban/issues/2904 - -From 747d4683221b5584f9663695fb48145689b42ceb Mon Sep 17 00:00:00 2001 -From: sebres <info@sebres.de> -Date: Mon, 4 Jan 2021 02:42:38 +0100 -Subject: [PATCH] fixes century selector of %ExY and %Exy in datepattern for - tests, considering interval from 2005 (alternate now) to now; + better - grouping algorithm for resulting century RE - ---- - fail2ban/server/strptime.py | 24 ++++++++++++++++++++++-- - 1 file changed, 22 insertions(+), 2 deletions(-) - -diff --git a/fail2ban/server/strptime.py b/fail2ban/server/strptime.py -index 1464a96d1f..39fc795865 100644 ---- a/fail2ban/server/strptime.py -+++ b/fail2ban/server/strptime.py -@@ -36,10 +36,30 @@ def _getYearCentRE(cent=(0,3), distance=3, now=(MyTime.now(), MyTime.alternateNo - Thereby respect possible run in the test-cases (alternate date used there) - """ - cent = lambda year, f=cent[0], t=cent[1]: str(year)[f:t] -+ def grp(exprset): -+ c = None -+ if len(exprset) > 1: -+ for i in exprset: -+ if c is None or i[0:-1] == c: -+ c = i[0:-1] -+ else: -+ c = None -+ break -+ if not c: -+ for i in exprset: -+ if c is None or i[0] == c: -+ c = i[0] -+ else: -+ c = None -+ break -+ if c: -+ return "%s%s" % (c, grp([i[len(c):] for i in exprset])) -+ return ("(?:%s)" % "|".join(exprset) if len(exprset[0]) > 1 else "[%s]" % "".join(exprset)) \ -+ if len(exprset) > 1 else "".join(exprset) - exprset = set( cent(now[0].year + i) for i in (-1, distance) ) - if len(now) and now[1]: -- exprset |= set( cent(now[1].year + i) for i in (-1, distance) ) -- return "(?:%s)" % "|".join(exprset) if len(exprset) > 1 else "".join(exprset) -+ exprset |= set( cent(now[1].year + i) for i in xrange(-1, now[0].year-now[1].year+1, distance) ) -+ return grp(sorted(list(exprset))) - - timeRE = TimeRE() - diff --git a/net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch b/net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch deleted file mode 100644 index bbe655124d36..000000000000 --- a/net-analyzer/fail2ban/files/fail2ban-0.11.2-upstream-openrc.patch +++ /dev/null @@ -1,247 +0,0 @@ -https://github.com/fail2ban/fail2ban/pull/2182 - -diff --git a/MANIFEST b/MANIFEST -index 48c751a0..c2df1e51 100644 ---- a/MANIFEST -+++ b/MANIFEST -@@ -393,8 +393,8 @@ files/fail2ban.service.in - files/fail2ban-tmpfiles.conf - files/fail2ban.upstart - files/gen_badbots --files/gentoo-confd --files/gentoo-initd -+files/fail2ban-openrc.conf -+files/fail2ban-openrc.init.in - files/ipmasq-ZZZzzz_fail2ban.rul - files/logwatch/fail2ban - files/logwatch/fail2ban-0.8.log -diff --git a/files/fail2ban-openrc.conf b/files/fail2ban-openrc.conf -new file mode 100644 -index 00000000..9454ef68 ---- /dev/null -+++ b/files/fail2ban-openrc.conf -@@ -0,0 +1,2 @@ -+# For available options, please run "fail2ban-server --help". -+#FAIL2BAN_OPTIONS="-x" -diff --git a/files/fail2ban-openrc.init.in b/files/fail2ban-openrc.init.in -new file mode 100755 -index 00000000..2c56ee3a ---- /dev/null -+++ b/files/fail2ban-openrc.init.in -@@ -0,0 +1,86 @@ -+#!/sbin/openrc-run -+# This file is part of Fail2Ban. -+# -+# Fail2Ban is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 2 of the License, or -+# (at your option) any later version. -+# -+# Fail2Ban is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with Fail2Ban; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -+# -+# Author: Sireyessire, Cyril Jaquier -+# -+ -+description="Ban hosts that cause multiple authentication errors" -+description_reload="reload configuration without dropping bans" -+extra_started_commands="reload" -+ -+# Can't (and shouldn't) be changed by the end-user. -+# -+# Note that @BINDIR@ is already supplied by the build system. Some -+# day, it might be nice to have @RUNDIR@ supplied by the build system -+# as well, so that we don't have to hard-code /run here. -+FAIL2BAN_RUNDIR="/run/${RC_SVCNAME}" -+FAIL2BAN_SOCKET="${FAIL2BAN_RUNDIR}/${RC_SVCNAME}.sock" -+ -+# The fail2ban-client program is also capable of starting and stopping -+# the server, but things are simpler if we let start-stop-daemon do it. -+command="@BINDIR@/fail2ban-server" -+pidfile="${FAIL2BAN_RUNDIR}/${RC_SVCNAME}.pid" -+ -+# We force the pidfile/socket location in this service script because -+# we're taking responsibility for ensuring that their parent directory -+# exists and has the correct permissions (which we can't do if the -+# user is allowed to change them). -+command_args="${FAIL2BAN_OPTIONS} -p ${pidfile} -s ${FAIL2BAN_SOCKET}" -+retry="30" -+ -+depend() { -+ use logger -+ after iptables -+} -+ -+checkconfig() { -+ "${command}" ${command_args} --test -+} -+ -+start_pre() { -+ # If this isn't a restart, make sure that the user's config isn't -+ # busted before we try to start the daemon (this will produce -+ # better error messages than if we just try to start it blindly). -+ # -+ # If, on the other hand, this *is* a restart, then the stop_pre -+ # action will have ensured that the config is usable and we don't -+ # need to do that again. -+ if [ "${RC_CMD}" != "restart" ] ; then -+ checkconfig || return $? -+ fi -+ checkpath -d "${FAIL2BAN_RUNDIR}" -+} -+ -+stop_pre() { -+ # If this is a restart, check to make sure the user's config -+ # isn't busted before we stop the running daemon. -+ if [ "${RC_CMD}" = "restart" ] ; then -+ checkconfig || return $? -+ fi -+} -+ -+reload() { -+ # The fail2ban-client uses an undocumented protocol to tell -+ # the server to reload(), so we have to use it here rather -+ # than e.g. sending a signal to the server daemon. Note that -+ # the reload will fail (on the server side) if the new config -+ # is invalid; we therefore don't need to test it ourselves -+ # with checkconfig() before initiating the reload. -+ ebegin "Reloading ${RC_SVCNAME}" -+ "@BINDIR@/fail2ban-client" ${command_args} reload -+ eend $? "Failed to reload ${RC_SVCNAME}" -+} -diff --git a/files/gentoo-confd b/files/gentoo-confd -deleted file mode 100644 -index 00d19f8b..00000000 ---- a/files/gentoo-confd -+++ /dev/null -@@ -1,8 +0,0 @@ --# Config file for /etc/init.d/fail2ban --# --# For information on options, see "/usr/bin/fail2ban-client -h". -- --FAIL2BAN_OPTIONS="" -- --# Force execution of the server even if the socket already exists: --#FAIL2BAN_OPTIONS="-x" -diff --git a/files/gentoo-initd b/files/gentoo-initd -deleted file mode 100755 -index 0fb157cd..00000000 ---- a/files/gentoo-initd -+++ /dev/null -@@ -1,60 +0,0 @@ --#!/sbin/openrc-run --# This file is part of Fail2Ban. --# --# Fail2Ban is free software; you can redistribute it and/or modify --# it under the terms of the GNU General Public License as published by --# the Free Software Foundation; either version 2 of the License, or --# (at your option) any later version. --# --# Fail2Ban is distributed in the hope that it will be useful, --# but WITHOUT ANY WARRANTY; without even the implied warranty of --# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --# GNU General Public License for more details. --# --# You should have received a copy of the GNU General Public License --# along with Fail2Ban; if not, write to the Free Software --# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. --# --# Author: Sireyessire, Cyril Jaquier --# -- --description="Daemon to ban hosts that cause multiple authentication errors" --description_reload="reload configuration" --description_showlog="show fail2ban logs" --extra_started_commands="reload showlog" -- --FAIL2BAN="/usr/bin/fail2ban-client ${FAIL2BAN_OPTIONS}" -- --depend() { -- need net -- need logger -- after iptables --} -- --start() { -- ebegin "Starting fail2ban" -- mkdir -p /var/run/fail2ban || return 1 -- # remove stalled sock file after system crash -- # bug 347477 -- rm -f /var/run/fail2ban/fail2ban.sock || return 1 -- start-stop-daemon --start --pidfile /var/run/fail2ban/fail2ban.pid \ -- -- ${FAIL2BAN} start -- eend $? "Failed to start fail2ban" --} -- --stop() { -- ebegin "Stopping fail2ban" -- start-stop-daemon --stop --pidfile /var/run/fail2ban/fail2ban.pid --retry 30 \ -- -- ${FAIL2BAN} stop -- eend $? "Failed to stop fail2ban" --} -- --reload() { -- ebegin "Reloading fail2ban" -- ${FAIL2BAN} reload -- eend $? "Failed to reload fail2ban" --} -- --showlog(){ -- less /var/log/fail2ban.log --} -diff --git a/setup.py b/setup.py -index 98413273..91f71cf2 100755 ---- a/setup.py -+++ b/setup.py -@@ -89,24 +89,27 @@ class install_scripts_f2b(install_scripts): - if install_dir.startswith(root): - install_dir = install_dir[len(root):] - except: # pragma: no cover -- print('WARNING: Cannot find root-base option, check the bin-path to fail2ban-scripts in "fail2ban.service".') -- print('Creating %s/fail2ban.service (from fail2ban.service.in): @BINDIR@ -> %s' % (buildroot, install_dir)) -- with open(os.path.join(source_dir, 'files/fail2ban.service.in'), 'r') as fn: -- lines = fn.readlines() -- fn = None -- if not dry_run: -- fn = open(os.path.join(buildroot, 'fail2ban.service'), 'w') -- try: -- for ln in lines: -- ln = re.sub(r'@BINDIR@', lambda v: install_dir, ln) -- if dry_run: -- sys.stdout.write(' | ' + ln) -- continue -- fn.write(ln) -- finally: -- if fn: fn.close() -- if dry_run: -- print(' `') -+ print('WARNING: Cannot find root-base option, check the bin-path to fail2ban-scripts in "fail2ban.service" and "fail2ban-openrc.init".') -+ -+ scripts = ['fail2ban.service', 'fail2ban-openrc.init'] -+ for script in scripts: -+ print('Creating %s/%s (from %s.in): @BINDIR@ -> %s' % (buildroot, script, script, install_dir)) -+ with open(os.path.join(source_dir, 'files/%s.in' % script), 'r') as fn: -+ lines = fn.readlines() -+ fn = None -+ if not dry_run: -+ fn = open(os.path.join(buildroot, script), 'w') -+ try: -+ for ln in lines: -+ ln = re.sub(r'@BINDIR@', lambda v: install_dir, ln) -+ if dry_run: -+ sys.stdout.write(' | ' + ln) -+ continue -+ fn.write(ln) -+ finally: -+ if fn: fn.close() -+ if dry_run: -+ print(' `') - - - # Wrapper to specify fail2ban own options: diff --git a/net-analyzer/fail2ban/files/fail2ban-1.0.2-configreader-warning.patch b/net-analyzer/fail2ban/files/fail2ban-1.0.2-configreader-warning.patch new file mode 100644 index 000000000000..748e507e4a26 --- /dev/null +++ b/net-analyzer/fail2ban/files/fail2ban-1.0.2-configreader-warning.patch @@ -0,0 +1,19 @@ +https://github.com/fail2ban/fail2ban/commit/432e7e1 + +From 432e7e1e93936f09e349e80d94254e5f43d0cc8a Mon Sep 17 00:00:00 2001 +From: "Sergey G. Brester" <serg.brester@sebres.de> +Date: Mon, 28 Nov 2022 13:21:15 +0100 +Subject: [PATCH] no warning if no config value but default (debug message now) + +closes #3420 +--- a/fail2ban/client/configreader.py ++++ b/fail2ban/client/configreader.py +@@ -277,7 +277,7 @@ def getOptions(self, sec, options, pOptions=None, shouldExist=False, convert=Tru + # TODO: validate error handling here. + except NoOptionError: + if not optvalue is None: +- logSys.warning("'%s' not defined in '%s'. Using default one: %r" ++ logSys.debug("'%s' not defined in '%s'. Using default one: %r" + % (optname, sec, optvalue)) + values[optname] = optvalue + # elif logSys.getEffectiveLevel() <= logLevel: diff --git a/net-analyzer/fail2ban/files/fail2ban-1.0.2-umask-tests.patch b/net-analyzer/fail2ban/files/fail2ban-1.0.2-umask-tests.patch new file mode 100644 index 000000000000..8feca43412ec --- /dev/null +++ b/net-analyzer/fail2ban/files/fail2ban-1.0.2-umask-tests.patch @@ -0,0 +1,45 @@ +Avoid corrupting umask permanently in the testdir because of fail2ban/server/server.py::start. + +In particular: +* https://bugs.gentoo.org/659010#c11 +* https://bugs.gentoo.org/790251#c10 +* https://bugs.gentoo.org/907350 + +But see also the many dupes. +--- a/fail2ban/tests/fail2banclienttestcase.py ++++ b/fail2ban/tests/fail2banclienttestcase.py +@@ -23,6 +23,7 @@ __author__ = "Serg Brester" + __copyright__ = "Copyright (c) 2014- Serg G. Brester (sebres), 2008- Fail2Ban Contributors" + __license__ = "GPL" + ++import atexit + import fileinput + import os + import re +@@ -40,6 +41,14 @@ from ..client.fail2bancmdline import Fail2banCmdLine + from ..client.fail2banclient import exec_command_line as _exec_client, CSocket, VisualWait + from ..client.fail2banserver import Fail2banServer, exec_command_line as _exec_server + from .. import protocol ++ ++def current_umask(): ++ tmp = os.umask(0o022) ++ os.umask(tmp) ++ return tmp ++ ++old_umask = current_umask() ++ + from ..server import server + from ..server.mytime import MyTime + from ..server.utils import Utils +@@ -48,6 +57,11 @@ from .utils import LogCaptureTestCase, logSys as DefLogSys, with_tmpdir, shutil, + + from ..helpers import getLogger + ++def restore_umask(): ++ os.umask(old_umask) ++ ++atexit.register(restore_umask) ++ + # Gets the instance of the logger. + logSys = getLogger(__name__) + |