Hello community, here is the log from the commit of package fail2ban for openSUSE:Factory checked in at 2017-06-27 10:21:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fail2ban (Old) and /work/SRC/openSUSE:Factory/.fail2ban.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fail2ban" Tue Jun 27 10:21:50 2017 rev:49 rq:506342 version:0.9.7 Changes: -------- --- /work/SRC/openSUSE:Factory/fail2ban/fail2ban.changes 2017-05-17 10:55:01.245200934 +0200 +++ /work/SRC/openSUSE:Factory/.fail2ban.new/fail2ban.changes 2017-06-27 10:21:55.957595728 +0200 @@ -1,0 +2,6 @@ +Mon Jun 26 07:23:57 UTC 2017 - [email protected] + +- added 1783.patch from upstream: "Updated roundcube authentication filter" +- use tmpfiles_create macro + +------------------------------------------------------------------- New: ---- 1783.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fail2ban.spec ++++++ --- /var/tmp/diff_new_pack.qlrW4E/_old 2017-06-27 10:21:57.377395060 +0200 +++ /var/tmp/diff_new_pack.qlrW4E/_new 2017-06-27 10:21:57.377395060 +0200 @@ -16,6 +16,7 @@ # +%{!?tmpfiles_create:%global tmpfiles_create systemd-tmpfiles --create} Name: fail2ban Version: 0.9.7 Release: 0 @@ -39,6 +40,8 @@ Patch101: %{name}-opensuse-service.patch # PATCH-UPSTREAM 607568f.patch bnc#1036928 [email protected] -- Postfix RBL: 554 & SMTP Patch102: 607568f.patch +# PATCH-UPSTREAM 1783.patch [email protected] -- Updated roundcube authentication filter +Patch103: 1783.patch # PATCH-FIX-OPENSUSE fail2ban-disable-iptables-w-option.patch [email protected] -- disable iptables "-w" option for older releases Patch200: %{name}-disable-iptables-w-option.patch BuildRequires: fdupes @@ -119,9 +122,13 @@ # Use openSUSE paths sed -i -e 's/^before = paths-.*/before = paths-opensuse.conf/' config/jail.conf +# Remove shebang +sed -i -e '/^#!\/usr\/bin\/python$/d' fail2ban/client/fail2banregex.py + %patch100 %patch101 %patch102 -p1 +%patch103 -p1 %if 0%{?suse_version} < 1310 %patch200 -p1 %endif @@ -224,7 +231,7 @@ %post %fillup_only %if 0%{?suse_version} >= 1230 -systemd-tmpfiles --create %{_tmpfilesdir}/%{name}.conf +%tmpfiles_create %{_tmpfilesdir}/%{name}.conf # The next line is not workin in Leap 42.1, so keep the old way #%%tmpfiles_create %%{_tmpfilesdir}/%%{name}.conf %service_add_post %{name}.service ++++++ 1783.patch ++++++ diff -ur fail2ban-0.9.7-orig/config/filter.d/roundcube-auth.conf fail2ban-0.9.7/config/filter.d/roundcube-auth.conf --- fail2ban-0.9.7-orig/config/filter.d/roundcube-auth.conf 2017-05-11 03:38:57.000000000 +0200 +++ fail2ban-0.9.7/config/filter.d/roundcube-auth.conf 2017-06-26 16:57:15.171337942 +0200 @@ -7,16 +7,30 @@ # The logpath in your jail can be updated to userlogins if you wish # + +[Definition] +# Fail2Ban configuration file for roundcube web server authentication failures +# +# When you enable systemd-logging, this filter needs "$config['log_driver']" set +# to "syslog" in the roundcube configuration +# + [INCLUDES] before = common.conf [Definition] -failregex = ^\s*(\[\])?(%(__hostname)s\s*(roundcube:)?\s*(<[\w]+>)? IMAP Error)?: (FAILED login|Login failed) for .*? from <HOST>(\. .* in .*?/rcube_imap\.php on line \d+ \(\S+ \S+\))?$ - ^\[\]:\s*(<[\w]+>)? Failed login for [\w\-\.\+]+(@[\w\-\.\+]+\.[a-zA-Z]{2,6})? from <HOST> in session \w+( \(error: \d\))?$ +prefregex = ^\s*(\[\])?(%(__hostname)s\s*(?:roundcube(?:\[(\d*)\])?:)?\s*(<[\w]+>)? IMAP Error)?: + +failregex = %(prefregex)s (?:FAILED login|Login failed) for (?P<user>.*) from <HOST>(\. (?:(?! from ).)*(?: user=(?P=user))? in \S+\.php on line \d+ \(\S+ \S+\))?$ + %(prefregex)s (?:<[\w]+> )?Failed login for (?P<user>.*) from <HOST> in session \w+( \(error: \d\))?$ + +ignoreregex = + +[Init] +journalmatch = SYSLOG_IDENTIFIER=roundcube -ignoreregex = # DEV Notes: # # Source: https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap.php#L180 diff -ur fail2ban-0.9.7-orig/config/jail.conf fail2ban-0.9.7/config/jail.conf --- fail2ban-0.9.7-orig/config/jail.conf 2017-05-11 03:38:57.000000000 +0200 +++ fail2ban-0.9.7/config/jail.conf 2017-06-26 10:37:10.200062390 +0200 @@ -379,7 +379,8 @@ port = http,https logpath = %(roundcube_errors_log)s - +# Use following line in your jail.local if roundcube logs to journal. +#backend = %(syslog_backend)s [openwebmail]
