Re: ports/164659: fail2ban overwrite config files

[ Available lists | Index of freebsd-ports-bugs | Month of Jan 2012 | Week of 31 Jan 2012 | Raw email | View thread | Wrap long lines | Reply | Tag ]
From
Matthias Fechner <idefix@fechner.net>
Date
31 Jan 2012 11:30:19
Subject
Re: ports/164659: fail2ban overwrite config files
Message-ID
201201311130.q0VBUJZZ093356@freefall.freebsd.org


[ Hide this part ] 
The following reply was made to PR ports/164659; it has been noted by GNATS.
 
From: Matthias Fechner <idefix@fechner.net>
To: FreeBSD-gnats-submit@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org
Cc:
Subject: Re: ports/164659: fail2ban overwrite config files
Date: Tue, 31 Jan 2012 12:27:58 +0100
 
 This is a multi-part message in MIME format.
 --------------020808050508030908080707
 Content-Type: text/plain; charset=ISO-8859-15; format=flowed
 Content-Transfer-Encoding: 7bit
 
 what do you think about the attached patch?
 That should make clear how to configure and prevent the overwrite of the
 config file with an update.
 
 Bye
 Matthias
 
 --------------020808050508030908080707
 Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
  name="fail2ban.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: attachment;
  filename="fail2ban.patch"
 
 diff -urN py-fail2ban.old/Makefile py-fail2ban/Makefile
 --- py-fail2ban.old/Makefile	2012-01-31 12:19:28.247134384 +0100
 +++ py-fail2ban/Makefile	2012-01-31 12:13:04.901139503 +0100
 @@ -23,6 +23,7 @@
  USE_PYDISTUTILS=	yes
 
  USE_RC_SUBR=	fail2ban
 +SUB_FILES=	pkg-message
  SUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}
 
  PYDISTUTILS_INSTALLARGS+=	--install-purelib=${PYTHON_SITELIBDIR} \
 @@ -38,4 +39,7 @@
  post-patch:
  	@${ECHO_CMD} ${FILES} | ${XARGS} ${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g'
 
 +post-install:
 +		@${CAT} ${PKGMESSAGE}
 +
  .include <bsd.port.mk>
 diff -urN py-fail2ban.old/files/pkg-message.in py-fail2ban/files/pkg-message.in
 --- py-fail2ban.old/files/pkg-message.in	1970-01-01 01:00:00.000000000 +0100
 +++ py-fail2ban/files/pkg-message.in	2012-01-31 12:18:31.331132519 +0100
 @@ -0,0 +1,19 @@
 +
 +To complete the configuration:
 +
 +1. Copy the standard config file to a local one:
 +      cp %%ETCDIR%%/jail.conf %%ETCDIR%%/jail.local
 +
 +2. Add new jails in the jail.local, e.g. for ssh:
 +[ssh-pf]
 +enabled = true
 +filter = bsd-sshd
 +action = pf[name=SSH, port=ssh, protocol=tcp]
 +logpath = /var/log/auth.log
 +
 +3. Enable fail2ban
 +   Edit /etc/rc.conf to enable it.
 +
 +4. Start it
 +   Use the start script in /usr/local/etc/rc.d/fail2ban start
 +
 
 --------------020808050508030908080707--
Elapsed time: 0.112 seconds