rpms/denyhosts/F-8 denyhosts-2.6-defconffile.patch, NONE, 1.1 denyhosts.init, 1.7, 1.8 denyhosts.spec, 1.45, 1.46 denyhosts.sysconfig, 1.2, 1.3
Jason ティビツ (tibbs)
fedora-extras-commits at redhat.com
Wed Jul 2 03:45:11 UTC 2008
- Previous message (by thread): rpms/denyhosts/F-9 denyhosts-2.6-defconffile.patch, NONE, 1.1 denyhosts.init, 1.8, 1.9 denyhosts.spec, 1.47, 1.48 denyhosts.sysconfig, 1.2, 1.3
- Next message (by thread): rpms/pidgin/devel pidgin-2.4.3-tcl852.patch, NONE, 1.1 pidgin.spec, 1.54, 1.55
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: tibbs
Update of /cvs/extras/rpms/denyhosts/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16334
Modified Files:
denyhosts.init denyhosts.spec denyhosts.sysconfig
Added Files:
denyhosts-2.6-defconffile.patch
Log Message:
* Tue Jul 01 2008 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.6-10
- Fix initscript lockfile handling:
Stop creating the lockfile in the initscript.
Clean up stray lockfiles automatically.
Don't attempt to start the daemon if its already running.
- Various initscript cleanups.
- Set default configuration file location to match what we use.
- Make it easier to add extra options like --debug from the sysconfig file.
denyhosts-2.6-defconffile.patch:
--- NEW FILE denyhosts-2.6-defconffile.patch ---
diff -up ./DenyHosts/constants.py.defconffile ./DenyHosts/constants.py
--- ./DenyHosts/constants.py.defconffile 2008-07-01 18:12:34.000000000 -0500
+++ ./DenyHosts/constants.py 2008-07-01 18:12:43.000000000 -0500
@@ -36,7 +36,7 @@ PURGE_HISTORY = "purge-history"
# Miscellaneous constants #
#################################################################################
-CONFIG_FILE = "denyhosts.cfg" # default can be overridden on cmd line
+CONFIG_FILE = "/etc/denyhosts.conf" # default can be overridden on cmd line
DENY_DELIMITER = "# DenyHosts:"
ENTRY_DELIMITER = " | "
Index: denyhosts.init
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/F-8/denyhosts.init,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- denyhosts.init 24 Aug 2007 19:11:30 -0000 1.7
+++ denyhosts.init 2 Jul 2008 03:44:20 -0000 1.8
@@ -5,18 +5,26 @@
# /etc/sysconfig/denyhosts
#
# Author: Seth Vidal <skvidal at phy.duke.edu> (original script)
-# Jason Tibbitts <tibbs at math.uh.edu> (denyhost changes)
+# Jason Tibbitts <tibbs at math.uh.edu> (denyhost changes)
#
-# chkconfig: - 50 01
+# chkconfig: - 50 01
#
# description: Enable execution of denyhosts, an SSH log watcher
-# processname denyhosts
-# config: /etc/denyhosts.cfg
+# processname: denyhosts
+# config: /etc/denyhosts.cfg
#
### BEGIN INIT INFO
# Provides: denyhosts
# Required-Start: $syslog
# Short-Description: Enable execution of denyhosts, an SSH log watcher
+# Description: DenyHosts is a Python script that analyzes the sshd server
+# log messages to determine which hosts are attempting to
+# hack into your system. It also determines what user
+# accounts are being targeted. It keeps track of the
+# frequency of attempts from each host and, upon discovering
+# a repeated attack host, updates the /etc/hosts.deny file
+# to prevent future break-in attempts from that host. Email
+# reports can be sent to a system admin.
### END INIT INFO
# source function library
@@ -66,42 +74,51 @@
c_status() {
if [ -f $CRONLOCK ]; then
- echo $"denyhosts cron service is enabled."
- RETVAL=0
+ echo $"denyhosts cron service is enabled."
+ RETVAL=0
else
- echo $"denyhosts cron service is disabled."
- RETVAL=3
+ echo $"denyhosts cron service is disabled."
+ RETVAL=3
fi
}
# daemon service functions
d_start() {
echo -n $"Starting denyhosts: "
- daemon $DHOSTS $DOPTS
- RETVAL=$?
+
+ # There may be a stray lockfile; clean it up.
+ status -p $LOCKFILE $DHOSTS &> /dev/null
+ STATUS=$?
+ if [ $STATUS -eq 0 ]; then
+ echo -n $"Denyhosts already running."
+ failure
+ RETVAL=0
+ else
+ if [ $STATUS -eq 1 ]; then
+ echo -n $"Stray lockfile present; removing it."
+ rm -f $LOCKFILE
+ fi
+ daemon $DHOSTS $DOPTS $EXTRA_OPTIONS
+ RETVAL=$?
+ fi
echo
- [ $RETVAL -eq 0 ] && touch $LOCKFILE
}
d_stop() {
echo -n $"Stopping denyhosts: "
- # Some magic here since older versions stored the PID in the lockfile
- # instead of using a separate PID file
- # So if the lockfile has nonzero length, we use it as the PID file
- if [ -n $LOCKFILE ]; then
+ if [ -f $LOCKFILE ]; then
killproc -p $LOCKFILE $DHOSTS
RETVAL=$?
- else
- killproc $DHOSTS
- RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
fi
- echo
- [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
}
+# Upstream's control script sleeps here; copy that behavior just in case.
d_restart() {
d_stop
+ sleep 1;
d_start
}
@@ -110,7 +127,7 @@
}
d_status() {
- status $DHOSTS
+ status -p $LOCKFILE $DHOSTS
RETVAL=$?
}
Index: denyhosts.spec
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/F-8/denyhosts.spec,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- denyhosts.spec 24 Aug 2007 19:11:30 -0000 1.45
+++ denyhosts.spec 2 Jul 2008 03:44:20 -0000 1.46
@@ -1,25 +1,26 @@
-Name: denyhosts
-Version: 2.6
-Release: 7%{?dist}
-Summary: A script to help thwart ssh server attacks
-
-Group: Applications/System
-License: GPLv2
-URL: http://denyhosts.sourceforge.net/
-Source0: http://dl.sourceforge.net/denyhosts/DenyHosts-%{version}.tar.gz
-Source1: denyhosts.cron
-Source2: denyhosts.init
-Source3: denyhosts-allowed-hosts
-Source4: denyhosts.sysconfig
-Source5: denyhosts.logrotate
-Source6: README.fedora
-Patch0: denyhosts-2.6-config.patch
-Patch1: denyhosts-2.4-setup.patch
-Patch2: denyhosts-2.2-daemon-control.patch
+Name: denyhosts
+Version: 2.6
+Release: 10%{?dist}
+Summary: A script to help thwart ssh server attacks
+
+Group: Applications/System
+License: GPLv2
+URL: http://denyhosts.sourceforge.net/
+Source0: http://dl.sourceforge.net/denyhosts/DenyHosts-%{version}.tar.gz
+Source1: denyhosts.cron
+Source2: denyhosts.init
+Source3: denyhosts-allowed-hosts
+Source4: denyhosts.sysconfig
+Source5: denyhosts.logrotate
+Source6: README.fedora
+Patch0: denyhosts-2.6-config.patch
+Patch1: denyhosts-2.4-setup.patch
+Patch2: denyhosts-2.2-daemon-control.patch
+Patch3: denyhosts-2.6-defconffile.patch
# Patch10 is a security fix
-Patch10: denyhosts-2.6-regex.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildArch: noarch
+Patch10: denyhosts-2.6-regex.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildArch: noarch
BuildRequires: python-devel
Requires: openssh-server
@@ -42,10 +43,16 @@
%patch0 -p0 -b .config
%patch1 -p0 -b .setup
%patch2 -p0 -b .daemon-control
+%patch3 -p0 -b .defconffile
%patch10 -p1 -b .regex
cp %{SOURCE6} .
+# Fix up non-utf8-ness
+for i in CHANGELOG.txt; do
+ iconv -f iso-8859-1 -t utf-8 < $i > $i. && touch -r $i $i. && mv -f $i. $i
+done
+
# This must be moved before the Python build process runs so that we
# can include it as documentation.
mv plugins/README.contrib .
@@ -124,7 +131,7 @@
%{_bindir}/denyhosts-control
%{_datadir}/denyhosts
-%{python_sitelib}/DenyHosts/
+%{python_sitelib}/*
%config(noreplace) %{_sysconfdir}/denyhosts.conf
%config(noreplace) %{_sysconfdir}/cron.d/denyhosts
@@ -151,6 +158,24 @@
%changelog
+* Tue Jul 01 2008 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.6-10
+- Fix initscript lockfile handling:
+ Stop creating the lockfile in the initscript.
+ Clean up stray lockfiles automatically.
+ Don't attempt to start the daemon if its already running.
+- Various initscript cleanups.
+- Set default configuration file location to match what we use.
+- Make it easier to add extra options like --debug from the sysconfig file.
+
+* Fri Jan 04 2008 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.6-9
+- Properly escape percent symbols in the changelog entries.
+
+* Thu Jan 03 2008 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.6-8
+- Include everything under %%python_sitelib to pick up any egg-info files that
+ might be generated.
+- Silence file-not-utf8 rpmlint complaint.
+- Silence missing-mandatory-lsb-keyword rpmlint complaint.
+
* Thu Aug 23 2007 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.6-7
- Init file tweaks including patch from Jonathan Underwood
(bug 188536).
@@ -200,7 +225,7 @@
- Fix permissions on plugins.
* Thu Mar 30 2006 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.2-3
-- Switch from $RPM_BUILD_ROOT to %{buildroot} (looks cleaner).
+- Switch from $RPM_BUILD_ROOT to %%{buildroot} (looks cleaner).
- Rename the main executable from denyhosts.py to denyhosts.
* Wed Mar 29 2006 Jason L Tibbitts III <tibbs at math.uh.edu> - 2.2-2
@@ -230,7 +255,7 @@
- Delete stray .pyo and .pyc files that appear for no reason.
* Fri Jan 13 2006 Jason L Tibbitts III <tibbs at math.uh.edu> - 1.1.4-2
-- Clean up %post script; just call condrestart and don't bother with
+- Clean up %%post script; just call condrestart and don't bother with
the call to --upgrade099.
* Fri Jan 13 2006 Jason L Tibbitts III <tibbs at math.uh.edu> - 1.1.4-1
@@ -313,8 +338,8 @@
* Thu May 19 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.5.5-2
- Use dist tag
- Don't automatically enable at install time
-- Include %ghost'ed allowed-warned-hosts file
-- Use %ghost instead of including zero length files.
+- Include %%ghost'ed allowed-warned-hosts file
+- Use %%ghost instead of including zero length files.
- Source is at dl.sourceforge.net
* Thu May 12 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.5.5-1
Index: denyhosts.sysconfig
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/F-8/denyhosts.sysconfig,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- denyhosts.sysconfig 16 Aug 2005 03:30:56 -0000 1.2
+++ denyhosts.sysconfig 2 Jul 2008 03:44:20 -0000 1.3
@@ -2,3 +2,8 @@
# If not set to "yes", you also need to edit /etc/cron.d/denyhosts
# and uncomment the appropriate lines.
DAEMON=yes
+
+# Set EXTRA_OPTIONS to pass additional settings to denyhosts when run in daemon
+# mode.
+# For example, uncomment the following line to enable additional debugging.
+#EXTRA_OPTIONS="--debug"
- Previous message (by thread): rpms/denyhosts/F-9 denyhosts-2.6-defconffile.patch, NONE, 1.1 denyhosts.init, 1.8, 1.9 denyhosts.spec, 1.47, 1.48 denyhosts.sysconfig, 1.2, 1.3
- Next message (by thread): rpms/pidgin/devel pidgin-2.4.3-tcl852.patch, NONE, 1.1 pidgin.spec, 1.54, 1.55
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list