Commit 00b88513 authored by J0WI's avatar J0WI
Browse files

main/fail2ban: upgrade to 0.11.2

parent 9637a6d3
Pipeline #76621 failed with stages
in 4 minutes and 29 seconds
From ef7aeba83a6fb936c4dca847a69140c5b22c8000 Mon Sep 17 00:00:00 2001
From: sebres <serg.brester@sebres.de>
Date: Fri, 7 Feb 2020 11:08:01 +0100
Subject: [PATCH] amend to f3dbc9dda10e52610e3de26f538b5581fd905505: change
main thread-name back to `fail2ban-server`; implements new command line
option `--pname` to specify it by start of server (default
`fail2ban-server`); closes gh-2623 (revert change of main thread-name,
because it can affect process-name too, so `pgrep` & co. may be confused)
(cherry picked from commit 3f489070646b363aa0374681fe910f05521cd247)
---
fail2ban/client/fail2bancmdline.py | 3 ++-
fail2ban/server/server.py | 5 +++--
man/fail2ban-client.1 | 3 +++
man/fail2ban-server.1 | 3 +++
4 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/fail2ban/client/fail2bancmdline.py b/fail2ban/client/fail2bancmdline.py
index 1268ee9f..3c6bd0bf 100644
--- a/fail2ban/client/fail2bancmdline.py
+++ b/fail2ban/client/fail2bancmdline.py
@@ -97,6 +97,7 @@ class Fail2banCmdLine():
output(" -c <DIR> configuration directory")
output(" -s <FILE> socket path")
output(" -p <FILE> pidfile path")
+ output(" --pname <NAME> name of the process (main thread) to identify instance (default fail2ban-server)")
output(" --loglevel <LEVEL> logging level")
output(" --logtarget <TARGET> logging target, use file-name or stdout, stderr, syslog or sysout.")
output(" --syslogsocket auto|<FILE>")
@@ -185,7 +186,7 @@ class Fail2banCmdLine():
try:
cmdOpts = 'hc:s:p:xfbdtviqV'
cmdLongOpts = ['loglevel=', 'logtarget=', 'syslogsocket=', 'test', 'async',
- 'timeout=', 'str2sec=', 'help', 'version', 'dp', '--dump-pretty']
+ 'pname=', 'timeout=', 'str2sec=', 'help', 'version', 'dp', '--dump-pretty']
optList, self._args = getopt.getopt(self._argv[1:], cmdOpts, cmdLongOpts)
except getopt.GetoptError:
self.dispUsage()
diff --git a/fail2ban/server/server.py b/fail2ban/server/server.py
index 15265822..417f4514 100644
--- a/fail2ban/server/server.py
+++ b/fail2ban/server/server.py
@@ -81,8 +81,6 @@ class Server:
'Linux': '/dev/log',
}
self.__prev_signals = {}
- # replace real thread name with short process name (for top/ps/pstree or diagnostic):
- prctl_set_th_name('f2b/server')
def __sigTERMhandler(self, signum, frame): # pragma: no cover - indirect tested
logSys.debug("Caught signal %d. Exiting", signum)
@@ -113,6 +111,9 @@ class Server:
logSys.error(err)
raise ServerInitializationError(err)
# We are daemon.
+
+ # replace main thread (and process) name to identify server (for top/ps/pstree or diagnostic):
+ prctl_set_th_name(conf.get("pname", "fail2ban-server"))
# Set all logging parameters (or use default if not specified):
self.__verbose = conf.get("verbose", None)
diff --git a/man/fail2ban-client.1 b/man/fail2ban-client.1
index 745c080a..5727caf0 100644
--- a/man/fail2ban-client.1
+++ b/man/fail2ban-client.1
@@ -19,6 +19,9 @@ socket path
\fB\-p\fR <FILE>
pidfile path
.TP
+\fB\-\-pname\fR <NAME>
+name of the process (main thread) to identify instance (default fail2ban\-server)
+.TP
\fB\-\-loglevel\fR <LEVEL>
logging level
.TP
diff --git a/man/fail2ban-server.1 b/man/fail2ban-server.1
index 418b46dd..25c5ec96 100644
--- a/man/fail2ban-server.1
+++ b/man/fail2ban-server.1
@@ -19,6 +19,9 @@ socket path
\fB\-p\fR <FILE>
pidfile path
.TP
+\fB\-\-pname\fR <NAME>
+name of the process (main thread) to identify instance (default fail2ban\-server)
+.TP
\fB\-\-loglevel\fR <LEVEL>
logging level
.TP
--
2.20.1
......@@ -2,18 +2,16 @@
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=fail2ban
pkgver=0.11.1
pkgrel=4
pkgver=0.11.2
pkgrel=0
pkgdesc="Scans log files for login failures then updates iptables to reject originating ip address"
url="https://www.fail2ban.org"
arch="noarch !s390x" # test failures
url="https://www.fail2ban.org/"
arch="noarch"
license="GPL-2.0-or-later"
depends="python3 iptables ip6tables logrotate"
makedepends="python3-dev py3-setuptools bash"
subpackages="$pkgname-doc $pkgname-openrc"
source="$pkgname-$pkgver.tar.gz::https://github.com/fail2ban/fail2ban/archive/$pkgver.tar.gz
ec37b1942c4da76f7a0f71efe81bea6835466648.patch
0001-amend-to-f3dbc9dda10e52610e3de26f538b5581fd905505-ch.patch
fail2ban.confd
fail2ban.logrotate
alpine-ssh.jaild
......@@ -21,7 +19,7 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/fail2ban/fail2ban/archive/$p
alpine-sshd-ddos.filterd
"
case "$CARCH" in
mips64|armhf) options="!check";;
s390x|mips64|armhf) options="!check";;
esac
build() {
......@@ -53,9 +51,7 @@ package() {
install -Dm644 -t "$pkgdir"/usr/share/man/man5 man/*.5
}
sha512sums="019b088aa6375f98742ed101ef6f65adabca3324444d71d5b8597a8d1d22fa76b9f503660f0498643fe24a3b8e4368de916072a1ab77b8e2ea3eda41c3e0c8c6 fail2ban-0.11.1.tar.gz
2d57fe7a7e3d1889dfa00ac33f5071069ed62f5fc0edb1e1827aedc47fae3a36d19c568b1721ba3a8e117f4ba6b3756d11942f2320b42864d45203f45761c7b6 ec37b1942c4da76f7a0f71efe81bea6835466648.patch
a4dbbcde8ba98368905e06a2d526c662f9087931bc1dab02dd85138d7fcd7d724cfdcee074b454f85def76f1a33d10f0c3b062d9bd777fd52ad73ea45df1dcc8 0001-amend-to-f3dbc9dda10e52610e3de26f538b5581fd905505-ch.patch
sha512sums="46b27abd947b00ea64106dbac563ef8afef38eec86684024d47d9a0e8c1969ff864ad6df7f4f8de2aa3eb1af6d769fb6796592d9f0e35521d5f95f17b8cade97 fail2ban-0.11.2.tar.gz
1e7581dd04e7777d6fd5c40cc842a7ec5f4e6a0374673d020d89dd61bf4093d48934844bee89bcac9084f9ae44f3beb66e714cf3c2763d79c3e8feb790c5e43b fail2ban.confd
ee1c229db970239ebc707cd484a650fcf2347c70b411728ee2a4a35a72f4118cfccecf2a221275603320e0332efcc16e4979201933cec1aef1c5d5a082fc4940 fail2ban.logrotate
84915967ae1276f1e14a5813680ee2ebf081af1ff452a688ae5f9ac3363f4aff90e39f8e6456b5c33d5699917d28a16308797095fd1ef9bb1fbcb46d4cea3def alpine-ssh.jaild
......
From ec37b1942c4da76f7a0f71efe81bea6835466648 Mon Sep 17 00:00:00 2001
From: sebres <serg.brester@sebres.de>
Date: Tue, 14 Jan 2020 11:39:13 +0100
Subject: [PATCH] action.d/nginx-block-map.conf: fixed backslash substitution
(different echo behavior in some shells, gh-2596)
---
config/action.d/nginx-block-map.conf | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/config/action.d/nginx-block-map.conf b/config/action.d/nginx-block-map.conf
index 0b6aa0ad7..ee702907e 100644
--- a/config/action.d/nginx-block-map.conf
+++ b/config/action.d/nginx-block-map.conf
@@ -103,6 +103,8 @@ actionstop = %(actionflush)s
actioncheck =
-actionban = echo "\\\\<fid> 1;" >> '%(blck_lst_file)s'; %(blck_lst_reload)s
+_echo_blck_row = printf '\%%s 1;\n' "<fid>"
-actionunban = id=$(echo "<fid>" | sed -e 's/[]\/$*.^|[]/\\&/g'); sed -i "/^\\\\$id 1;$/d" %(blck_lst_file)s; %(blck_lst_reload)s
+actionban = %(_echo_blck_row)s >> '%(blck_lst_file)s'; %(blck_lst_reload)s
+
+actionunban = id=$(%(_echo_blck_row)s | sed -e 's/[]\/$*.^|[]/\\&/g'); sed -i "/^$id$/d" %(blck_lst_file)s; %(blck_lst_reload)s
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment