Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 31 Jan 2012 12:27:58 +0100
From:      Matthias Fechner <idefix@fechner.net>
To:        FreeBSD-gnats-submit@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org
Subject:   Re: ports/164659: fail2ban overwrite config files
Message-ID:  <4F27D03E.6040105@fechner.net>
In-Reply-To: <201201310920.q0V9KAPE072226@freefall.freebsd.org>
References:  <201201310920.q0V9KAPE072226@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.
--------------020808050508030908080707
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit

what do you think about the attached patch?
That should make clear how to configure and prevent the overwrite of the 
config file with an update.

Bye
Matthias

--------------020808050508030908080707
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0";
	name="fail2ban.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="fail2ban.patch"

diff -urN py-fail2ban.old/Makefile py-fail2ban/Makefile
--- py-fail2ban.old/Makefile	2012-01-31 12:19:28.247134384 +0100
+++ py-fail2ban/Makefile	2012-01-31 12:13:04.901139503 +0100
@@ -23,6 +23,7 @@
 USE_PYDISTUTILS=	yes
 
 USE_RC_SUBR=	fail2ban
+SUB_FILES=	pkg-message
 SUB_LIST+=	PYTHON_CMD=${PYTHON_CMD}
 
 PYDISTUTILS_INSTALLARGS+=	--install-purelib=${PYTHON_SITELIBDIR} \
@@ -38,4 +39,7 @@
 post-patch:
 	@${ECHO_CMD} ${FILES} | ${XARGS} ${REINPLACE_CMD} -e 's,/etc/fail2ban,${ETCDIR},g'
 
+post-install:
+		@${CAT} ${PKGMESSAGE}
+
 .include <bsd.port.mk>
diff -urN py-fail2ban.old/files/pkg-message.in py-fail2ban/files/pkg-message.in
--- py-fail2ban.old/files/pkg-message.in	1970-01-01 01:00:00.000000000 +0100
+++ py-fail2ban/files/pkg-message.in	2012-01-31 12:18:31.331132519 +0100
@@ -0,0 +1,19 @@
+
+To complete the configuration:
+
+1. Copy the standard config file to a local one:
+      cp %%ETCDIR%%/jail.conf %%ETCDIR%%/jail.local
+
+2. Add new jails in the jail.local, e.g. for ssh:
+[ssh-pf]
+enabled = true
+filter = bsd-sshd
+action = pf[name=SSH, port=ssh, protocol=tcp]
+logpath = /var/log/auth.log
+
+3. Enable fail2ban
+   Edit /etc/rc.conf to enable it.
+
+4. Start it
+   Use the start script in /usr/local/etc/rc.d/fail2ban start
+

--------------020808050508030908080707--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F27D03E.6040105>