From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 221602] security/sshguard: configuration inconvenience wrt blacklisting
Date: Wed, 17 Feb 2021 07:39:37 +0000
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: needs-patch
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: kevinz5000@gmail.com
X-Bugzilla-Status: New
X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org
X-Bugzilla-Flags: maintainer-feedback?
X-Bugzilla-Changed-Fields: attachments.created

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221602

--- Comment #5 from Kevin Zheng ---
Created attachment 222508
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=222508&action=edit
Patch

I've attached a patch with the requested changes. More detail is in the patch
body, which is reproduced below:

The sshguard_blacklist rcvar always overrides the setting in sshguard.conf.
Since the rc.d script sets sshguard_blacklist, the blacklist option in
sshguard.conf is never used.

This patch removes the default rcvar setting, and instead enables
blacklisting in the example sshguard.conf. (Note that this is a traditional
FreeBSD ports default, not an upstream default.)

New users (with no existing sshguard.conf) will see no change. Users with
existing sshguard.conf will have blacklisting turned off until they update
their sshguard.conf.

Though, I want to ask those CC'd on the patch here, what do you think about
leaving blacklisting off by default?

-- 
You are receiving this mail because:
You are the assignee for the bug.