diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2020-01-06 17:48:41 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2020-01-06 17:48:43 +0300 |
commit | a48c014e7bf11391734c05fac6552bbef2dc2086 (patch) | |
tree | e24b69c6931f59a59f20290059eb15d9d655b295 /meta-security/recipes-security/fail2ban | |
parent | 870eb53cd2dd418fcd6e26356392b6366e51cae5 (diff) | |
download | openbmc-a48c014e7bf11391734c05fac6552bbef2dc2086.tar.xz |
meta-security: subtree update:3001c3ebfc..b72cc7f87c
Armin Kuster (10):
apparmor: add distro check
smack: add distro check
python-fail2ban: Drop python2 package
python3-fail2ban: include python-fail2ban.inc
google-authenticator-libpam: update to 1.07
smack-test: add feature check for smack
lib/oeqa/runtime: fix clamav test order
clamav: update to 0.101.5
meta-integrity: fix issues with yocto-check-layer
fail2ban: fix runtime error
Change-Id: I4f7e656b0f9e2e9dc32989a1756c94e4e0143c42
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-security/recipes-security/fail2ban')
4 files changed, 51 insertions, 61 deletions
diff --git a/meta-security/recipes-security/fail2ban/files/initd b/meta-security/recipes-security/fail2ban/files/initd index 4f4b394c4..586b3dac3 100644 --- a/meta-security/recipes-security/fail2ban/files/initd +++ b/meta-security/recipes-security/fail2ban/files/initd @@ -39,9 +39,9 @@ start() { RETVAL=$? if [ $RETVAL = 0 ]; then touch ${lockfile} - echo_success + success else - echo_failure + failure fi echo return $RETVAL @@ -53,9 +53,9 @@ stop() { RETVAL=$? if [ $RETVAL = 0 ]; then rm -f ${lockfile} ${pidfile} - echo_success + success else - echo_failure + failure fi echo return $RETVAL diff --git a/meta-security/recipes-security/fail2ban/python-fail2ban.inc b/meta-security/recipes-security/fail2ban/python-fail2ban.inc deleted file mode 100644 index 7270ed8ac..000000000 --- a/meta-security/recipes-security/fail2ban/python-fail2ban.inc +++ /dev/null @@ -1,49 +0,0 @@ -SUMMARY = "Daemon to ban hosts that cause multiple authentication errors." -DESCRIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \ -many failed login attempts. It does this by updating system firewall rules to reject new \ -connections from those IP addresses, for a configurable amount of time. Fail2Ban comes \ -out-of-the-box ready to read many standard log files, such as those for sshd and Apache, \ -and is easy to configure to read any log file you choose, for any error you choose." -HOMEPAGE = "http://www.fail2ban.org" - -LICENSE = "GPL-2.0" -LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" - -SRCREV ="aa565eb80ec6043317e8430cabcaf9c3f4e61578" -SRC_URI = " \ - git://github.com/fail2ban/fail2ban.git;branch=0.11 \ - file://initd \ - file://fail2ban_setup.py \ - file://run-ptest \ -" - -inherit update-rc.d ptest - -S = "${WORKDIR}/git" - -INITSCRIPT_PACKAGES = "${PN}" -INITSCRIPT_NAME = "fail2ban-server" -INITSCRIPT_PARAMS = "defaults 25" - -do_compile_prepend () { - cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py -} - -do_install_append () { - install -d ${D}/${sysconfdir}/fail2ban - install -d ${D}/${sysconfdir}/init.d - install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server - chown -R root:root ${D}/${bindir} -} - -do_install_ptest_append () { - install -d ${D}${PTEST_PATH} - sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest - install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH} -} - -FILES_${PN} += "/run" - -INSANE_SKIP_${PN}_append = "already-stripped" - -RDEPENDS_${PN} = "sysklogd iptables sqlite3 ${PYTHON_PN} ${PYTHON_PN}-pyinotify" diff --git a/meta-security/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb b/meta-security/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb deleted file mode 100644 index 17a7dd8dd..000000000 --- a/meta-security/recipes-security/fail2ban/python-fail2ban_0.10.4.0.bb +++ /dev/null @@ -1,4 +0,0 @@ -inherit setuptools -require python-fail2ban.inc - -RDEPENDS_${PN}-ptest = "python python-modules python-fail2ban" diff --git a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb index 23ef027b3..53f94ff9f 100644 --- a/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb +++ b/meta-security/recipes-security/fail2ban/python3-fail2ban_0.10.4.0.bb @@ -1,8 +1,51 @@ -inherit setuptools3 -require python-fail2ban.inc +SUMMARY = "Daemon to ban hosts that cause multiple authentication errors." +DESCRIPTION = "Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too \ +many failed login attempts. It does this by updating system firewall rules to reject new \ +connections from those IP addresses, for a configurable amount of time. Fail2Ban comes \ +out-of-the-box ready to read many standard log files, such as those for sshd and Apache, \ +and is easy to configure to read any log file you choose, for any error you choose." +HOMEPAGE = "http://www.fail2ban.org" -RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f" -SRC_URI += " \ +SRCREV ="aa565eb80ec6043317e8430cabcaf9c3f4e61578" +SRC_URI = " \ + git://github.com/fail2ban/fail2ban.git;branch=0.11 \ + file://initd \ + file://fail2ban_setup.py \ + file://run-ptest \ file://0001-To-fix-build-error-of-xrang.patch \ " + +inherit update-rc.d ptest setuptools3 + +S = "${WORKDIR}/git" + +do_compile_prepend () { + cp ${WORKDIR}/fail2ban_setup.py ${S}/setup.py +} + +do_install_append () { + install -d ${D}/${sysconfdir}/fail2ban + install -d ${D}/${sysconfdir}/init.d + install -m 0755 ${WORKDIR}/initd ${D}${sysconfdir}/init.d/fail2ban-server + chown -R root:root ${D}/${bindir} +} + +do_install_ptest_append () { + install -d ${D}${PTEST_PATH} + sed -i -e 's/##PYTHON##/${PYTHON_PN}/g' ${D}${PTEST_PATH}/run-ptest + install -D ${S}/bin/fail2ban-testcases ${D}${PTEST_PATH} +} + +FILES_${PN} += "/run" + +INITSCRIPT_PACKAGES = "${PN}" +INITSCRIPT_NAME = "fail2ban-server" +INITSCRIPT_PARAMS = "defaults 25" + +INSANE_SKIP_${PN}_append = "already-stripped" + +RDEPENDS_${PN} = "sysklogd iptables sqlite3 ${PYTHON_PN} ${PYTHON_PN}-pyinotify" +RDEPENDS_${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban" |