blob: 5cf1db15faa432159198e2ce11fe191c902e9eac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
DISTUTILS_SINGLE_IMPL=1
PYTHON_COMPAT=( python3_{10..13} )
inherit bash-completion-r1 distutils-r1 systemd tmpfiles
DESCRIPTION="Scans log files and bans IPs that show malicious signs"
HOMEPAGE="https://www.fail2ban.org/"
if [[ ${PV} == *9999 ]] ; then
EGIT_REPO_URI="https://github.com/fail2ban/fail2ban"
inherit git-r3
else
SRC_URI="https://github.com/fail2ban/fail2ban/archive/${PV}.tar.gz -> ${P}.tar.gz"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
fi
LICENSE="GPL-2"
SLOT="0"
IUSE="selinux systemd test"
RESTRICT="!test? ( test )"
RDEPEND="
$(python_gen_cond_dep '
dev-python/pyasyncore[${PYTHON_USEDEP}]
dev-python/pyasynchat[${PYTHON_USEDEP}]
' 3.12)
virtual/logger
virtual/mta
selinux? ( sec-policy/selinux-fail2ban )
systemd? (
$(python_gen_cond_dep '
dev-python/python-systemd[${PYTHON_USEDEP}]
')
)
"
BDEPEND="
test? (
$(python_gen_cond_dep '
dev-python/aiosmtpd[${PYTHON_USEDEP}]
')
)
"
DOCS=( ChangeLog DEVELOP README.md THANKS TODO doc/run-rootless.txt )
PATCHES=(
"${FILESDIR}"/${PN}-0.11.2-adjust-apache-logs-paths.patch
"${FILESDIR}"/${PN}-1.0.2-umask-tests.patch
"${FILESDIR}"/${PN}-1.1.0-openssh-9.8.patch
"${FILESDIR}"/${PN}-1.1.0-openssh-9.8-fixups.patch
"${FILESDIR}"/${PN}-1.1.0-openrc-nftables.patch
)
python_prepare_all() {
distutils-r1_python_prepare_all
# Replace /var/run with /run, but not in the top source directory
find . -mindepth 2 -type f -exec \
sed -i -e 's|/var\(/run/fail2ban\)|\1|g' {} + || die
}
python_test() {
# Skip testRepairDb for bug #907348 (didn't always fail..)
# https://github.com/fail2ban/fail2ban/issues/3586
bin/fail2ban-testcases \
--no-network \
--ignore databasetestcase.DatabaseTest.testRepairDb \
--verbosity=4 || die "Tests failed with ${EPYTHON}"
# Workaround for bug #790251
rm -rf fail2ban.egg-info || die
}
python_install_all() {
distutils-r1_python_install_all
rm -rf "${ED}"/usr/share/doc/${PN} "${ED}"/run || die
newconfd files/fail2ban-openrc.conf ${PN}
# These two are placed in the ${BUILD_DIR} after being "built"
# in install_scripts().
newinitd "${BUILD_DIR}/fail2ban-openrc.init" "${PN}"
systemd_dounit "${BUILD_DIR}/${PN}.service"
dotmpfiles files/${PN}-tmpfiles.conf
doman man/*.{1,5}
# Use INSTALL_MASK if you do not want to touch /etc/logrotate.d.
# See http://thread.gmane.org/gmane.linux.gentoo.devel/35675
insinto /etc/logrotate.d
newins files/${PN}-logrotate ${PN}
keepdir /var/lib/${PN}
newbashcomp files/bash-completion ${PN}-client
bashcomp_alias ${PN}-client ${PN}-server ${PN}-regex
}
pkg_preinst() {
has_version "<${CATEGORY}/${PN}-0.7"
previous_less_than_0_7=$?
}
pkg_postinst() {
tmpfiles_process ${PN}-tmpfiles.conf
if [[ ${previous_less_than_0_7} == 0 ]] ; then
elog
elog "Configuration files are now in /etc/fail2ban/"
elog "You probably have to manually update your configuration"
elog "files before restarting Fail2Ban!"
elog
elog "Fail2Ban is not installed under /usr/lib anymore. The"
elog "new location is under /usr/share."
elog
elog "You are upgrading from version 0.6.x, please see:"
elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8"
fi
if ! has_version dev-python/pyinotify ; then
elog "For most jail.conf configurations, it is recommended you install"
elog "dev-python/pyinotify to control how log file modifications are detected"
fi
if ! has_version dev-lang/python[sqlite] ; then
elog "If you want to use ${PN}'s persistent database, then reinstall"
elog "dev-lang/python with USE=sqlite. If you do not use the"
elog "persistent database feature, then you should set"
elog "dbfile = :memory: in fail2ban.conf accordingly."
fi
}
|