rpms/denyhosts/devel README.fedora, NONE, 1.1 denyhosts-0.8.0-config.patch, NONE, 1.1 denyhosts-0.8.0-setup.patch, NONE, 1.1 denyhosts.cron, 1.2, 1.3 denyhosts.init, 1.1, 1.2 denyhosts.spec, 1.4, 1.5 denyhosts-0.8.0-workdir.patch, 1.1, NONE
Jason Tibbitts (tibbs)
fedora-extras-commits at redhat.com
Fri Jul 22 16:27:06 UTC 2005
Author: tibbs
Update of /cvs/extras/rpms/denyhosts/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17022
Modified Files:
denyhosts.cron denyhosts.init denyhosts.spec
Added Files:
README.fedora denyhosts-0.8.0-config.patch
denyhosts-0.8.0-setup.patch
Removed Files:
denyhosts-0.8.0-workdir.patch
Log Message:
* Fri Jul 22 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.8.0-3
- Rename the lockfile used by the initscript/cron setup because
DenyHosts now has its own internal locking and they chose the exact
same lockfile we were using.
- Turn on PURGE_DENY in the installed config file.
- Delete data_files from setup.py.
- Enable purging in denyhosts.cron.
- Add README.fedora file.
--- NEW FILE README.fedora ---
Some useful information about DenyHosts as packaged by Fedora Extras
--------------------------------------------------------------------
It installs and runs as a service, so you can start it with:
service denyhosts start
and enable it at boot time with:
chkconfig denyhosts on
By default it will process your logs every ten minutes. You can
change the interval by editing /etc/cron.d/denyhosts. You can see a
description of the file format by running:
man 5 crontab
By default, DenyHosts is set up to purge old block entries, but only
after one year. If you wish to adjust this, edit /etc/denyhosts.conf
and look for "PURGE_DENY". The purge procedure is run daily at 5AM.
To adjust this frequency, edit /etc/cron.d/denyhosts.
DenyHosts will process only your current logfile (/var/log/secure).
If you want to incorporate an old logfile (in this example,
/var/log/secure.1) , you can run
denyhosts.py -c /etc/denyhosts.conf /var/log/secure.1
DenyHosts can also handle logs compressed with gzip or bzip2.
denyhosts-0.8.0-config.patch:
--- NEW FILE denyhosts-0.8.0-config.patch ---
--- denyhosts.cfg-dist.orig 2005-07-22 08:58:03.668064303 -0500
+++ denyhosts.cfg-dist 2005-07-22 10:15:48.146561932 -0500
@@ -46,13 +46,18 @@
# 'y' = years
#
# never purge:
-PURGE_DENY =
+#PURGE_DENY =
#
# purge entries older than 1 week
#PURGE_DENY = 1w
#
# purge entries older than 5 days
#PURGE_DENY = 5d
+#
+# For the default Fedora Extras install, we want timestamping but no
+# expiration (at least by default) so this is deliberately set high.
+# Adjust to taste.
+PURGE_DENY = 1y
#######################################################################
@@ -89,7 +94,7 @@
# WORK_DIR: the path that DenyHosts will use for writing data to
# (it will be created if it does not already exist).
#
-WORK_DIR = denyhosts
+WORK_DIR = /var/lib/denyhosts
#
#######################################################################
denyhosts-0.8.0-setup.patch:
--- NEW FILE denyhosts-0.8.0-setup.patch ---
--- setup.py.orig 2005-07-22 10:18:29.184475189 -0500
+++ setup.py 2005-07-22 10:18:42.445844737 -0500
@@ -21,11 +21,11 @@
##package_dir={'': 'modules'},
##packages=["."],
py_modules=["denyhosts_version"],
- data_files=[(libpath, glob("denyhosts.cfg-dist")),
- (libpath, glob("setup.py")),
- (libpath, glob("CHANGELOG.txt")),
- (libpath, glob("README.txt")),
- (libpath, glob("LICENSE.txt"))],
+# data_files=[(libpath, glob("denyhosts.cfg-dist")),
+# (libpath, glob("setup.py")),
+# (libpath, glob("CHANGELOG.txt")),
+# (libpath, glob("README.txt")),
+# (libpath, glob("LICENSE.txt"))],
license="GPL",
extra_path='denyhosts',
long_description="""
Index: denyhosts.cron
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.cron,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- denyhosts.cron 2 Jul 2005 21:37:55 -0000 1.2
+++ denyhosts.cron 22 Jul 2005 16:27:04 -0000 1.3
@@ -2,5 +2,9 @@
# heavily attacked then it is reasonable to make it run as frequently as once
# every minute. DenyHosts runs quickly once it has initially processed your
# logs and should not take a significant amount of CPU time.
-*/10 * * * * root [ -f /var/lock/subsys/denyhosts ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf
-
+*/10 * * * * root [ -f /var/lock/subsys/denyhosts.init ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf
+#
+# Automatically purge old entries early in the morning. Note that you must
+# edit /etc/denyhosts.conf and set PURGE_DENY to something reasonable, as the
+# default value purge time is set very high.
+0 5 * * * root [ -f /var/lock/subsys/denyhosts.init ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf --purge
Index: denyhosts.init
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.init,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- denyhosts.init 20 May 2005 04:57:02 -0000 1.1
+++ denyhosts.init 22 Jul 2005 16:27:04 -0000 1.2
@@ -15,7 +15,7 @@
# source function library
. /etc/rc.d/init.d/functions
-lockfile=/var/lock/subsys/denyhosts
+lockfile=/var/lock/subsys/denyhosts.init
RETVAL=0
Index: denyhosts.spec
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- denyhosts.spec 21 Jul 2005 16:56:22 -0000 1.4
+++ denyhosts.spec 22 Jul 2005 16:27:04 -0000 1.5
@@ -1,6 +1,6 @@
Name: denyhosts
Version: 0.8.0
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: A script to help thwart ssh server attacks
Group: Applications/System
@@ -10,7 +10,9 @@
Source1: denyhosts.cron
Source2: denyhosts.init
Source3: denyhosts-allowed-hosts
-Patch0: denyhosts-0.8.0-workdir.patch
+Source4: README.fedora
+Patch0: denyhosts-0.8.0-config.patch
+Patch1: denyhosts-0.8.0-setup.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArchitectures: noarch
@@ -29,10 +31,15 @@
%prep
%setup -q -n DenyHosts-%{version}
%patch0 -p0
+%patch1 -p0
+
+cp %{SOURCE4} .
+
%build
python ./setup.py build
+
%install
rm -rf $RPM_BUILD_ROOT
python ./setup.py install --root=$RPM_BUILD_ROOT --record=%{name}.files
@@ -73,7 +80,8 @@
%files -f %{name}.files
%defattr(-,root,root,-)
-%doc CHANGELOG.txt denyhosts.cfg-dist LICENSE.txt README.txt setup.py
+%doc CHANGELOG.txt denyhosts.cfg-dist LICENSE.txt
+%doc README.fedora README.txt setup.py
%config(noreplace) %{_sysconfdir}/denyhosts.conf
%config(noreplace) %{_sysconfdir}/cron.d/denyhosts
%config(noreplace) %{_localstatedir}/lib/denyhosts/allowed-hosts
@@ -92,6 +100,15 @@
%changelog
+* Fri Jul 22 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.8.0-3
+- Rename the lockfile used by the initscript/cron setup because
+ DenyHosts now has its own internal locking and they chose the exact
+ same lockfile we were using.
+- Turn on PURGE_DENY in the installed config file.
+- Delete data_files from setup.py.
+- Enable purging in denyhosts.cron.
+- Add README.fedora file.
+
* Thu Jul 21 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.8.0-2
- Package CHANGELOG.txt and denyhosts.cfg-dist as well (as
documentation).
--- denyhosts-0.8.0-workdir.patch DELETED ---
More information about the fedora-extras-commits
mailing list