rpms/denyhosts/devel README.fedora, NONE, 1.1 denyhosts-0.8.0-config.patch, NONE, 1.1 denyhosts-0.8.0-setup.patch, NONE, 1.1 denyhosts.cron, 1.2, 1.3 denyhosts.init, 1.1, 1.2 denyhosts.spec, 1.4, 1.5 denyhosts-0.8.0-workdir.patch, 1.1, NONE

Fri Jul 22 16:27:06 UTC 2005

Author: tibbs

Update of /cvs/extras/rpms/denyhosts/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17022

Modified Files:
	denyhosts.cron denyhosts.init denyhosts.spec 
Added Files:
	README.fedora denyhosts-0.8.0-config.patch 
	denyhosts-0.8.0-setup.patch 
Removed Files:
	denyhosts-0.8.0-workdir.patch 
Log Message:
* Fri Jul 22 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.8.0-3
- Rename the lockfile used by the initscript/cron setup because
  DenyHosts now has its own internal locking and they chose the exact
  same lockfile we were using.
- Turn on PURGE_DENY in the installed config file.
- Delete data_files from setup.py.
- Enable purging in denyhosts.cron.
- Add README.fedora file.

--- NEW FILE README.fedora ---
Some useful information about DenyHosts as packaged by Fedora Extras
--------------------------------------------------------------------

It installs and runs as a service, so you can start it with:

  service denyhosts start

and enable it at boot time with:

  chkconfig denyhosts on


By default it will process your logs every ten minutes.  You can
change the interval by editing /etc/cron.d/denyhosts.  You can see a
description of the file format by running:

  man 5 crontab


By default, DenyHosts is set up to purge old block entries, but only
after one year.  If you wish to adjust this, edit /etc/denyhosts.conf
and look for "PURGE_DENY".  The purge procedure is run daily at 5AM.
To adjust this frequency, edit /etc/cron.d/denyhosts.


DenyHosts will process only your current logfile (/var/log/secure).
If you want to incorporate an old logfile (in this example,
/var/log/secure.1) , you can run

  denyhosts.py -c /etc/denyhosts.conf /var/log/secure.1

DenyHosts can also handle logs compressed with gzip or bzip2.



denyhosts-0.8.0-config.patch:

--- NEW FILE denyhosts-0.8.0-config.patch ---
--- denyhosts.cfg-dist.orig	2005-07-22 08:58:03.668064303 -0500
+++ denyhosts.cfg-dist	2005-07-22 10:15:48.146561932 -0500
@@ -46,13 +46,18 @@
 #            'y' = years
 #
 # never purge:
-PURGE_DENY = 
+#PURGE_DENY = 
 #
 # purge entries older than 1 week
 #PURGE_DENY = 1w
 #
 # purge entries older than 5 days
 #PURGE_DENY = 5d
+#
+# For the default Fedora Extras install, we want timestamping but no
+# expiration (at least by default) so this is deliberately set high.
+# Adjust to taste.
+PURGE_DENY = 1y
 #######################################################################
 
 
@@ -89,7 +94,7 @@
 # WORK_DIR: the path that DenyHosts will use for writing data to
 # (it will be created if it does not already exist).       
 #
-WORK_DIR = denyhosts
+WORK_DIR = /var/lib/denyhosts
 #
 #######################################################################
 

denyhosts-0.8.0-setup.patch:

--- NEW FILE denyhosts-0.8.0-setup.patch ---
--- setup.py.orig	2005-07-22 10:18:29.184475189 -0500
+++ setup.py	2005-07-22 10:18:42.445844737 -0500
@@ -21,11 +21,11 @@
       ##package_dir={'': 'modules'},
       ##packages=["."],
       py_modules=["denyhosts_version"],
-      data_files=[(libpath, glob("denyhosts.cfg-dist")),
-                  (libpath, glob("setup.py")),
-                  (libpath, glob("CHANGELOG.txt")),
-                  (libpath, glob("README.txt")),
-                  (libpath, glob("LICENSE.txt"))],
+#      data_files=[(libpath, glob("denyhosts.cfg-dist")),
+#                  (libpath, glob("setup.py")),
+#                  (libpath, glob("CHANGELOG.txt")),
+#                  (libpath, glob("README.txt")),
+#                  (libpath, glob("LICENSE.txt"))],
       license="GPL",
       extra_path='denyhosts',
       long_description="""


Index: denyhosts.cron
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.cron,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- denyhosts.cron	2 Jul 2005 21:37:55 -0000	1.2
+++ denyhosts.cron	22 Jul 2005 16:27:04 -0000	1.3
@@ -2,5 +2,9 @@
 # heavily attacked then it is reasonable to make it run as frequently as once
 # every minute.  DenyHosts runs quickly once it has initially processed your
 # logs and should not take a significant amount of CPU time.
-*/10 * * * * root [ -f /var/lock/subsys/denyhosts ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf
-
+*/10 * * * * root [ -f /var/lock/subsys/denyhosts.init ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf
+#
+# Automatically purge old entries early in the morning.  Note that you must
+# edit /etc/denyhosts.conf and set PURGE_DENY to something reasonable, as the
+# default value purge time is set very high.
+0 5 * * * root [ -f /var/lock/subsys/denyhosts.init ] && /usr/bin/denyhosts.py -c /etc/denyhosts.conf --purge


Index: denyhosts.init
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.init,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- denyhosts.init	20 May 2005 04:57:02 -0000	1.1
+++ denyhosts.init	22 Jul 2005 16:27:04 -0000	1.2
@@ -15,7 +15,7 @@
 # source function library
 . /etc/rc.d/init.d/functions
 
-lockfile=/var/lock/subsys/denyhosts
+lockfile=/var/lock/subsys/denyhosts.init
 
 RETVAL=0
 


Index: denyhosts.spec
===================================================================
RCS file: /cvs/extras/rpms/denyhosts/devel/denyhosts.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- denyhosts.spec	21 Jul 2005 16:56:22 -0000	1.4
+++ denyhosts.spec	22 Jul 2005 16:27:04 -0000	1.5
@@ -1,6 +1,6 @@
 Name:           denyhosts
 Version:        0.8.0
-Release:	2%{?dist}
+Release:	3%{?dist}
 Summary:        A script to help thwart ssh server attacks
 
 Group:          Applications/System
@@ -10,7 +10,9 @@
 Source1:	denyhosts.cron
 Source2:	denyhosts.init
 Source3:	denyhosts-allowed-hosts
-Patch0:		denyhosts-0.8.0-workdir.patch
+Source4:	README.fedora
+Patch0:		denyhosts-0.8.0-config.patch
+Patch1:		denyhosts-0.8.0-setup.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArchitectures: noarch
 
@@ -29,10 +31,15 @@
 %prep
 %setup -q -n DenyHosts-%{version}
 %patch0 -p0
+%patch1 -p0
+
+cp %{SOURCE4} .
+
 
 %build
 python ./setup.py build
 
+
 %install
 rm -rf $RPM_BUILD_ROOT
 python ./setup.py install --root=$RPM_BUILD_ROOT --record=%{name}.files
@@ -73,7 +80,8 @@
 
 %files -f %{name}.files
 %defattr(-,root,root,-)
-%doc CHANGELOG.txt denyhosts.cfg-dist LICENSE.txt README.txt setup.py
+%doc CHANGELOG.txt denyhosts.cfg-dist LICENSE.txt
+%doc README.fedora README.txt setup.py
 %config(noreplace) %{_sysconfdir}/denyhosts.conf
 %config(noreplace) %{_sysconfdir}/cron.d/denyhosts
 %config(noreplace) %{_localstatedir}/lib/denyhosts/allowed-hosts
@@ -92,6 +100,15 @@
 
 
 %changelog
+* Fri Jul 22 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.8.0-3
+- Rename the lockfile used by the initscript/cron setup because
+  DenyHosts now has its own internal locking and they chose the exact
+  same lockfile we were using.
+- Turn on PURGE_DENY in the installed config file.
+- Delete data_files from setup.py.
+- Enable purging in denyhosts.cron.
+- Add README.fedora file.
+
 * Thu Jul 21 2005 Jason L Tibbitts III <tibbs at math.uh.edu> - 0.8.0-2
 - Package CHANGELOG.txt and denyhosts.cfg-dist as well (as
   documentation).


--- denyhosts-0.8.0-workdir.patch DELETED ---


