New package: denyhosts
Aaron Kurtz
a.kurtz at hardsun.net
Tue May 17 20:06:13 UTC 2005
On Tue, 2005-05-17 at 13:32 -0500, Jason L Tibbitts III wrote:
> >>>>> "AK" == Aaron Kurtz <a.kurtz at hardsun.net> writes:
>
> AK> Dist Tag? http://fedoraproject.org/wiki/DistTag
>
> I'm not sure what purpose it would serve. The package is pretty much
> independent of the distro version.
I thought packages were required to have a higher version for later FC
releases, and Dist Tag is the best way to do that if you have the same
version for multiple releases.
> BTW, I've found that after making this package that unfortunately
> DenyHosts doesn't really fit my requirements because it doesn't age
> out entries. So a user unlucky enough to mistype his passwords five
> times in total from the same IP gets blocked, regardless of the
> frequency of the mistakes. Crap. So I have to decide whether to
> improve my Python by hacking on DenyHosts, to take the easy road and
> rewrite it in Perl. Or, hey, I've been meaning to learn Ruby.
There is whitelisting by ip. But not by domain name. Hmm. This is not as
fine-grained as I hoped. The default before blocking should probably be
turned up a bit. Oh, and the whitelisting creates allowed-warned-hosts,
which should be added to the spec.
Should this really be turned on in post? The way it is, this runs a high
risk of cutting off SSH users, and it's only turned on for the runlevel
running when it's installed. I'd rather see it turned on manually.
As for the various rpmlint errors, rpmlint -i gives more context about
them.
>From the SRPM, W: denyhosts strange-permission denyhosts.init 0755
Just a warning, but if you really wanted it to be quiet, just change the
permission in the SRPM, since it gets installed with the proper bits set
anyways.
The other rpmlints errors are either not that important or dealt with in
the diff.
--
Aaron Kurtz <a.kurtz at hardsun.net GPG Key ID: ED588CF2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: spec.patch
Type: text/x-patch
Size: 261 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20050517/df1db15d/attachment.bin>
More information about the fedora-extras-list
mailing list