Prev
Next
# spec file based on and patches graciously taken from tpg@mandriva
Summary: Ban IP-addresses that result in too many password failures
Name: fail2ban
Version: 0.8.6
%define subrel 2
Release: %mkrel 3
License: GPLv2+
Group: System/Configuration/Networking
URL: http://www.fail2ban.org/
Source0: https://github.com/downloads/fail2ban/fail2ban/%{name}_%{version}.orig.tar.gz
Source1: %{name}-initscript
Source2: %{name}.service
Patch0: %{name}-0.8.2-jail-conf.patch
Patch3: %{name}-0.8.6-log-actions-to-SYSLOG.patch
Patch4: %{name}-0.8.6-escape-matches.patch
Patch5: %{name}-apache-dos.patch
Requires(post): rpm-helper >= 0.24.8-1
Requires(preun): rpm-helper >= 0.24.8-1
BuildRequires: python-devel
BuildRequires: systemd-units
Requires: python >= 2.5
Requires: tcp_wrappers >= 7.6-29
Requires: iptables >= 1.3.5-3
Requires(post,preun): systemd-units
Suggests: python-gamin
%py_requires -d
BuildArch: noarch
%description
Fail2Ban scans log files like /var/log/secure and bans IP-addresses that have
too many password failures within a specified time frame. It updates firewall
rules to reject these IP addresses. The rules needed for this can be defined by
the user. Fail2Ban can read multiple log files including sshd and Apache web
server logs.
%prep
%setup -qn fail2ban-fail2ban-a20d1f8
%patch0 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%build
%serverbuild
env CFLAGS="%{optflags}" python setup.py build
pushd man
sh generate-man
popd
%install
[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}
python setup.py install --root=%{buildroot}
install -d %{buildroot}/%{_mandir}/man1
install man/*.1 %{buildroot}%{_mandir}/man1/
install -D %{SOURCE1} %{buildroot}/%{_initrddir}/%{name}
mkdir -p %{buildroot}%{_unitdir}
install -m 644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
install -d %{buildroot}/%{_var}/run/%{name}
%post
%_post_service fail2ban
%preun
%_preun_service fail2ban
%files
%doc ChangeLog README TODO
%attr(744,root,root) %{_initrddir}/%{name}
%{_unitdir}/%{name}.service
%{_bindir}/%{name}-*
%config(noreplace) %{_sysconfdir}/%{name}/*.conf
%config(noreplace) %{_sysconfdir}/%{name}/action.d/*.conf
%config(noreplace) %{_sysconfdir}/%{name}/filter.d/*.conf
%dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/action.d
%dir %{_sysconfdir}/%{name}/filter.d
%dir %{_datadir}/%{name}
%dir %{_datadir}/%{name}/client
%dir %{_datadir}/%{name}/server
%dir %{_datadir}/%{name}/common
%dir %{_var}/run/%{name}
%{_datadir}/%{name}/client/*.py*
%{_datadir}/%{name}/server/*.py*
%{_datadir}/%{name}/common/*.py*
%{_datadir}/%{name}/*-info
%{_mandir}/man1/*
%changelog
* Tue Jun 18 2013 remmy <remmy> 0.8.6-3.2.mga2
+ Revision: 444742
- Fix for apache logs DoS vulnerability (CVE-2013-2178)
- Small addition that was missing from the latest security patch
- Patched to include fix for security issue CVE-2012-5642 (mga#8542)
+ tmb <tmb>
- Require rpm-helper >= 0.24.8-1 for systemd support
* Wed Mar 07 2012 remmy <remmy> 0.8.6-1.mga2
+ Revision: 221223
- Drop unneeded patches
- Provide systemd .service file
- Log to SYSLOG by default
- Moved to upstream release 0.8.6
* Wed May 04 2011 saispo <saispo> 0.8.4-5.mga1
+ Revision: 94760
- Add missing patch
- Fix fail2ban with running file in /tmp, see bug #908
* Sun Feb 20 2011 eandry <eandry> 0.8.4-4.mga1
+ Revision: 54755
- remove buildroot
- bump for upgrade
- imported package fail2ban
