rpms/denyhosts/devel denyhosts-1.0.0-config.patch, NONE, 1.1 .cvsignore, 1.6, 1.7 README.fedora, 1.1, 1.2 denyhosts-0.9.8-daemon-control.patch, 1.1, 1.2 denyhosts.cron, 1.4, 1.5 denyhosts.init, 1.3, 1.4 denyhosts.spec, 1.8, 1.9 denyhosts.sysconfig, 1.1, 1.2 sources, 1.6, 1.7 denyhosts-0.8.0-config.patch, 1.1, NONE
Jason Tibbitts (tibbs)
fedora-extras-commits at redhat.com
Tue Aug 16 03:30:59 UTC 2005
Author: tibbs
Update of /cvs/extras/rpms/denyhosts/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8339
Modified Files:
.cvsignore README.fedora denyhosts-0.9.8-daemon-control.patch
denyhosts.cron denyhosts.init denyhosts.spec
denyhosts.sysconfig sources
Added Files:
denyhosts-1.0.0-config.patch
Removed Files:
denyhosts-0.8.0-config.patch
Log Message:
* Mon Aug 15 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 1.0.0-0
- Update to 1.0.0
- Add logrotate entry
- Clean up initscript
- Add notes on upgrading.
denyhosts-1.0.0-config.patch:
--- NEW FILE denyhosts-1.0.0-config.patch ---
--- denyhosts.cfg-dist.orig 2005-08-15 10:51:55.000000000 -0500
+++ denyhosts.cfg-dist 2005-08-15 22:26:21.788502326 -0500
@@ -47,13 +47,18 @@
# 'y' = years
#
# never purge:
-PURGE_DENY =
+#PURGE_DENY =
#
# purge entries older than 1 week
#PURGE_DENY = 1w
#
# purge entries older than 5 days
#PURGE_DENY = 5d
+#
+# For the default Fedora Extras install, we want timestamping but no
+# expiration (at least by default) so this is deliberately set high.
+# Adjust to taste.
+PURGE_DENY = 1y
#######################################################################
@@ -116,7 +121,7 @@
# Note: when run in daemon mode, this directory should be specified
# as an absolute path name (eg. /home/foo/denyhosts/data)
#
-WORK_DIR = denyhosts
+WORK_DIR = /var/lib/denyhosts
#
#######################################################################
@@ -175,7 +180,7 @@
# match your email address. If you do not want to receive these reports
# leave this field blank (or run with the --noemail option)
#
-ADMIN_EMAIL =
+ADMIN_EMAIL = root
#
#######################################################################
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/.cvsignore,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- .cvsignore 13 Aug 2005 20:28:27 -0000 1.6
+++ .cvsignore 16 Aug 2005 03:30:56 -0000 1.7
@@ -1 +1 @@
-DenyHosts-0.9.9.tar.gz
+DenyHosts-1.0.0.tar.gz
Index: README.fedora
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/README.fedora,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- README.fedora 22 Jul 2005 16:27:04 -0000 1.1
+++ README.fedora 16 Aug 2005 03:30:56 -0000 1.2
@@ -32,3 +32,13 @@
DenyHosts can also handle logs compressed with gzip or bzip2.
+Notes about upgrading
+---------------------
+If upgrading from DenyHosts 0.6.0 or earlier, note that this package
+does not run denyhosts --migrate to make the old entries expirable.
+This preserves any entries that may have been manually added. You
+can, of course, run this yourself.
+
+This package runs denyhosts --upgrade099 automatically to move any
+post-0.6.0 and pre-0.9.9 entries into the proper format.
+
denyhosts-0.9.8-daemon-control.patch:
Index: denyhosts-0.9.8-daemon-control.patch
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts-0.9.8-daemon-control.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- denyhosts-0.9.8-daemon-control.patch 11 Aug 2005 19:36:28 -0000 1.1
+++ denyhosts-0.9.8-daemon-control.patch 16 Aug 2005 03:30:56 -0000 1.2
@@ -5,7 +5,7 @@
DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts"
-DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"
-+DENYHOSTS_CFG = "/etc/denyhosts.cfg"
++DENYHOSTS_CFG = "/etc/denyhosts.conf"
###############################################
Index: denyhosts.cron
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.cron,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- denyhosts.cron 11 Aug 2005 19:36:28 -0000 1.4
+++ denyhosts.cron 16 Aug 2005 03:30:56 -0000 1.5
@@ -1,7 +1,7 @@
# The Fedora default is to use daemon mode, but if you wish to have
# denyhosts run periodically, you can uncomment the appropriate two lines
-# edit /etc/sysconfig/denyhosts. (You will also have to start the "service"
-# and set it to run at boot if necessary.)
+# and edit /etc/sysconfig/denyhosts. (You will also have to start the
+# "service" and set it to run at boot if necessary.)
#
# Run denyhosts occasionally; adjust the time span to your liking
#*/10 * * * * root [ -f /var/lock/subsys/denyhosts.init ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf
Index: denyhosts.init
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.init,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- denyhosts.init 15 Aug 2005 16:21:11 -0000 1.3
+++ denyhosts.init 16 Aug 2005 03:30:56 -0000 1.4
@@ -15,7 +15,6 @@
# source function library
. /etc/rc.d/init.d/functions
-CONFIG=/etc/denyhosts.cfg
CONTROL=/usr/bin/denyhosts-control
CRONLOCK=/var/lock/subsys/denyhosts.init
LOCKFILE=/var/lock/subsys/denyhosts
@@ -54,12 +53,14 @@
echo $"Denyhosts is disabled."
RETVAL=3
fi
-}
+}
+
+
+d_start() { $CONTROL start; RETVAL=$?; }
+d_restart() { $CONTROL restart; RETVAL=$?; }
+d_stop() { $CONTROL stop; RETVAL=$?; }
+d_status() { $CONTROL status; RETVAL=$?; }
-d_start() {$CONTROL start --config=$CONFIG; RETVAL=$?}
-d_stop() {$CONTROL stop --config=$CONFIG; RETVAL=$?}
-d_restart() {$CONTROL restart --config=$CONFIG; RETVAL=$?}
-d_status() {$CONTROL status --config=$CONFIG; RETVAL=$?}
d_condrestart() {
# It's a layering violation to test the location of the
@@ -68,11 +69,11 @@
[ -f $LOCKFILE ] && d_restart
}
-start() {if [ $DAEMON = "yes" ]; then d_start; else c_start; fi}
-stop() {if [ $DAEMON = "yes" ]; then d_stop; else c_stop; fi}
-restart() {if [ $DAEMON = "yes" ]; then d_restart; else c_restart; fi}
-condrestart() {if [ $DAEMON = "yes" ]; then d_condrestart; else c_restart; fi}
-status() {if [ $DAEMON = "yes" ]; then d_status; else c_status; fi}
+start() { if [ $DAEMON = "yes" ]; then d_start; else c_start; fi }
+stop() { if [ $DAEMON = "yes" ]; then d_stop; else c_stop; fi }
+restart() { if [ $DAEMON = "yes" ]; then d_restart; else c_restart; fi }
+condrestart() { if [ $DAEMON = "yes" ]; then d_condrestart; else c_restart; fi }
+status() { if [ $DAEMON = "yes" ]; then d_status; else c_status; fi }
case "$1" in
start)
Index: denyhosts.spec
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- denyhosts.spec 15 Aug 2005 16:21:11 -0000 1.8
+++ denyhosts.spec 16 Aug 2005 03:30:56 -0000 1.9
@@ -1,6 +1,6 @@
Name: denyhosts
-Version: 0.9.9
-Release: 1%{?dist}
+Version: 1.0.0
+release: 0%{?dist}
Summary: A script to help thwart ssh server attacks
Group: Applications/System
@@ -11,8 +11,9 @@
Source2: denyhosts.init
Source3: denyhosts-allowed-hosts
Source4: denyhosts.sysconfig
-Source5: README.fedora
-Patch0: denyhosts-0.8.0-config.patch
+Source5: denyhosts.logrotate
+Source6: README.fedora
+Patch0: denyhosts-1.0.0-config.patch
Patch1: denyhosts-0.9.8-setup.patch
Patch2: denyhosts-0.9.8-daemon-control.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -36,7 +37,7 @@
%patch1 -p0
%patch2 -p0
-cp %{SOURCE5} .
+cp %{SOURCE6} .
%build
@@ -47,18 +48,23 @@
rm -rf $RPM_BUILD_ROOT
python ./setup.py install --root=$RPM_BUILD_ROOT --record=%{name}.files
-install -d $RPM_BUILD_ROOT${_bindir}
-install -p -m 755 daemon-control-dist $RPM_BUILD_ROOT%{_bindir}/denyhosts-control
+install -d $RPM_BUILD_ROOT%{_bindir}
install -d $RPM_BUILD_ROOT%{_initrddir}
install -d $RPM_BUILD_ROOT%{_sysconfdir}/cron.d
+install -d $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
install -d -m 700 $RPM_BUILD_ROOT%{_localstatedir}/lib/denyhosts
+install -d $RPM_BUILD_ROOT%{_localstatedir}/log
install -p -m 600 denyhosts.cfg-dist $RPM_BUILD_ROOT%{_sysconfdir}/denyhosts.conf
+install -p -m 755 daemon-control-dist $RPM_BUILD_ROOT%{_bindir}/denyhosts-control
install -p -m 644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/cron.d/denyhosts
install -p -m 755 %{SOURCE2} $RPM_BUILD_ROOT%{_initrddir}/denyhosts
install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_localstatedir}/lib/denyhosts/allowed-hosts
+install -p -m 644 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/denyhosts
+
+touch $RPM_BUILD_ROOT%{_localstatedir}/log/denyhosts
for i in allowed-warned-hosts hosts offset suspicious-logins \
users-hosts users-invalid users-valid; do
@@ -70,16 +76,19 @@
rm -rf $RPM_BUILD_ROOT
+# Note that we do not automaticaly run --migrate, because we can't be
+# sure that all of the hosts.deny entries were created by denyhosts
%post
/sbin/chkconfig --add denyhosts
-/sbin/service denyhosts condrestart >> /dev/null
+%{_bindir}/denyhosts.py -c /etc/denyhosts.conf --upgrade099 || :
+/sbin/service denyhosts condrestart > /dev/null 2>&1
exit 0
%preun
if [ $1 = 0 ]; then
+ /sbin/service denyhosts stop > /dev/null 2>&1
/sbin/chkconfig --del denyhosts
- /sbin/service denyhosts stop >> /dev/null
fi
exit 0
@@ -90,8 +99,10 @@
%doc README.fedora README.txt setup.py
%config(noreplace) %{_sysconfdir}/denyhosts.conf
%config(noreplace) %{_sysconfdir}/cron.d/denyhosts
+%config(noreplace) %{_sysconfdir}/sysconfig/denyhosts
%config(noreplace) %{_localstatedir}/lib/denyhosts/allowed-hosts
+%ghost %{_localstatedir}/log/denyhosts
%ghost %{_localstatedir}/lib/denyhosts/allowed-warned-hosts
%ghost %{_localstatedir}/lib/denyhosts/hosts
%ghost %{_localstatedir}/lib/denyhosts/offset
@@ -106,7 +117,16 @@
%{_bindir}/denyhosts-control
%changelog
-* Sun Aug 14 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.9.9
+* Mon Aug 15 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 1.0.0-0
+- Update to 1.0.0
+- Add logrotate entry
+- Clean up initscript
+- Add notes on upgrading.
+
+* Mon Aug 15 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.9.9-2
+- Automatically upgrade the format of hosts.deny entries.
+
+* Sun Aug 14 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.9.9-1
- Framework for enabling daemon mode.
* Sat Aug 13 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.9.9-0
Index: denyhosts.sysconfig
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.sysconfig,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- denyhosts.sysconfig 15 Aug 2005 16:21:11 -0000 1.1
+++ denyhosts.sysconfig 16 Aug 2005 03:30:56 -0000 1.2
@@ -1,4 +1,4 @@
# Should DenyHosts run in daemon mode?
-# If set to "no", you also need to edit /etc/cron.d/denyhosts and
-# uncomment the appropriate lines.
+# If not set to "yes", you also need to edit /etc/cron.d/denyhosts
+# and uncomment the appropriate lines.
DAEMON=yes
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/sources,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- sources 13 Aug 2005 20:28:27 -0000 1.6
+++ sources 16 Aug 2005 03:30:56 -0000 1.7
@@ -1 +1 @@
-cda391b8724ecf7c9bb02162b9534a41 DenyHosts-0.9.9.tar.gz
+12633e88a120ccdbd604bd775b154a62 DenyHosts-1.0.0.tar.gz
--- denyhosts-0.8.0-config.patch DELETED ---
More information about the fedora-extras-commits
mailing list