Package: guix-patches;
Reported by: Rodion Goritskov <rodion <at> goritskov.com>
Date: Fri, 25 Apr 2025 20:14:02 UTC
Severity: normal
Tags: patch
Done: Ludovic Courtès <ludo <at> gnu.org>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 78066 in the body.
You can then email your comments to 78066 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
View this report as an mbox folder, status mbox, maintainer mbox
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Fri, 25 Apr 2025 20:14:02 GMT) Full text and rfc822 format available.Rodion Goritskov <rodion <at> goritskov.com>:guix-patches <at> gnu.org.
(Fri, 25 Apr 2025 20:14:02 GMT) Full text and rfc822 format available.Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
From: Rodion Goritskov <rodion <at> goritskov.com> To: guix-patches <at> gnu.org Cc: Rodion Goritskov <rodion <at> goritskov.com> Subject: [PATCH 0/2] Fix fail2ban build Date: Fri, 25 Apr 2025 22:12:30 +0200
Hi! Currently fail2ban is not building [1] because its test suite is not compatible with Python 3.11. Quick fix is to use Python 3.10 there. Probably I will find some time to update fail2ban package in the nearest future (because it is quite old now, four years passed already). However, I think it is good to have the current version building for now. [1] - https://issues.guix.gnu.org/77996 Rodion Goritskov (2): gnu: python: Export wrap-python3. gnu: fail2ban: Build with Python 3.10. gnu/packages/admin.scm | 3 ++- gnu/packages/python.scm | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) -- 2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Fri, 25 Apr 2025 20:20:02 GMT) Full text and rfc822 format available.Message #8 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Rodion Goritskov <rodion <at> goritskov.com> To: 78066 <at> debbugs.gnu.org Cc: Rodion Goritskov <rodion <at> goritskov.com> Subject: [PATCH 1/2] gnu: python: Export wrap-python3. Date: Fri, 25 Apr 2025 22:18:08 +0200
* gnu/packages/python.scm (wrap-python3): Export wrap-python3. Change-Id: I89f8b53d0b5451dadb6f6e1c604523e8a718cb19 --- gnu/packages/python.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index dccd3cdd0e..00f4f9e07b 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -105,7 +105,8 @@ (define-module (gnu packages python) #:use-module (srfi srfi-26) #:export (customize-site - guix-pythonpath-search-path)) + guix-pythonpath-search-path + wrap-python3)) (define* (customize-site version) "Generate a install-sitecustomize.py phase, using VERSION." -- 2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Fri, 25 Apr 2025 20:20:03 GMT) Full text and rfc822 format available.Message #11 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Rodion Goritskov <rodion <at> goritskov.com> To: 78066 <at> debbugs.gnu.org Cc: Rodion Goritskov <rodion <at> goritskov.com> Subject: [PATCH 2/2] gnu: fail2ban: Build with Python 3.10. Date: Fri, 25 Apr 2025 22:18:09 +0200
* gnu/packages/admin.scm (fail2ban): Change Python version used to 3.10 to fix
test problems.
Change-Id: I67d2cf3c465ab1639659402d50357395afb35213
---
gnu/packages/admin.scm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index d7ae926809..225ae87b06 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6289,7 +6289,8 @@ (define-public fail2ban
"fail2ban-paths-guix-conf.patch"))))
(build-system python-build-system)
(arguments
- '(#:phases (modify-phases %standard-phases
+ `(#:python ,(wrap-python3 python-3.10)
+ #:phases (modify-phases %standard-phases
(add-before 'build 'invoke-2to3
(lambda _
(invoke "./fail2ban-2to3")))
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 26 Apr 2025 15:00:02 GMT) Full text and rfc822 format available.Message #14 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Subject: [PATCH 0/2] Fix fail2ban build Date: Sat, 26 Apr 2025 16:59:49 +0200
Hi Rodion! I think the issue with using a different Python version is that I'm not sure it behaves well in a profile, since python packages are propagated. Maybe the CLI might work well, but importing python modules would probably be broken. If it's only the tests that are broken, maybe it's better to ignore failing tests? Or even better : simply update the package to a more recent version. I get the impression that it should work well from https://github.com/fail2ban/fail2ban/releases/tag/1.1.0 I'll see if such an update fixes your issue, if yes I'll send an update here. -- Best regards, Nicolas Graves
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 06:30:02 GMT) Full text and rfc822 format available.Message #17 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Subject: Re: [bug#78066] [PATCH 0/2] Fix fail2ban build Date: Sun, 27 Apr 2025 08:29:34 +0200
I managed to get tests to pass properly with an update and minimal changes (but a change in the build-system [1], I still have to replace the install phase to avoid a world-rebuild). The subject with fail2ban is that there's also a complete config, and since I'm not a user, I'm not sure everything will work well there. But let's update it, and modify the fail2ban configuration if things have changed there. See you in a few minutes/hours when I'll send an updated patch series! [1]: https://lists.gnu.org/archive/html/guix-devel/2025-04/msg00332.html On 2025-04-26 16:59, Nicolas Graves via Guix-patches via wrote: > Hi Rodion! > > I think the issue with using a different Python version is that I'm not > sure it behaves well in a profile, since python packages are propagated. > Maybe the CLI might work well, but importing python modules would > probably be broken. > > If it's only the tests that are broken, maybe it's better to ignore > failing tests? > > Or even better : simply update the package to a more recent version. I > get the impression that it should work well from > https://github.com/fail2ban/fail2ban/releases/tag/1.1.0 > > I'll see if such an update fixes your issue, if yes I'll send an update > here. -- Best regards, Nicolas Graves
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 09:10:02 GMT) Full text and rfc822 format available.Message #20 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 0/5] Update fail2ban. Date: Sun, 27 Apr 2025 11:08:07 +0200
Instead of building fail2ban with Python <at> 3.10, update it to run with Python <at> 3.11. Nicolas Graves (5): gnu: fail2ban: Move file deletion to source snippet. gnu: fail2ban: Update to 1.1.0. gnu: fail2ban: Improve style. gnu: fail2ban: Improve snippet. gnu: fail2ban: Improve style. gnu/local.mk | 6 - gnu/packages/admin.scm | 325 ++++++++---------- .../fail2ban-0.11.2_CVE-2021-32749.patch | 155 --------- ...2ban-0.11.2_fix-setuptools-drop-2to3.patch | 64 ---- .../fail2ban-0.11.2_fix-test-suite.patch | 48 --- .../fail2ban-python310-server-action.patch | 27 -- .../fail2ban-python310-server-actions.patch | 25 -- .../fail2ban-python310-server-jails.patch | 25 -- 8 files changed, 147 insertions(+), 528 deletions(-) delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-action.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-actions.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-jails.patch -- 2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 09:10:02 GMT) Full text and rfc822 format available.Message #23 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 1/5] gnu: fail2ban: Move file deletion to source snippet. Date: Sun, 27 Apr 2025 11:08:08 +0200
* gnu/packages/admin.scm (fail2ban)
[arguments]<phases>: Move multiple file deletion from here...
[source]<snippet>: ...to here.
---
gnu/packages/admin.scm | 64 +++++++++++++++++++++---------------------
1 file changed, 32 insertions(+), 32 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index d7ae926809..c6c5188d81 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6244,6 +6244,38 @@ (define-public fail2ban
(modules '((guix build utils)))
(snippet
'(begin
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf"
+ "paths-debian.conf"
+ "paths-fedora.conf"
+ "paths-freebsd.conf"
+ "paths-opensuse.conf"
+ "paths-osx.conf")))
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf"
+ "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))
;; Get rid of absolute file names.
(substitute* "setup.py"
(("/etc/fail2ban")
@@ -6305,38 +6337,6 @@ (define-public fail2ban
"/etc/fail2ban")))))
(add-after 'fix-default-config 'set-action-dependencies
(lambda* (#:key inputs #:allow-other-keys)
- ;; deleting things that are not feasible to fix
- ;; or won't be used any way
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf"
- "paths-debian.conf"
- "paths-fedora.conf"
- "paths-freebsd.conf"
- "paths-opensuse.conf"
- "paths-osx.conf")))
- (with-directory-excursion "config/action.d"
- (for-each delete-file
- '("apf.conf"
- "bsd-ipfw.conf"
- "dshield.conf"
- "ipfilter.conf"
- "ipfw.conf"
- "firewallcmd-allports.conf"
- "firewallcmd-common.conf"
- "firewallcmd-ipset.conf"
- "firewallcmd-multiport.conf"
- "firewallcmd-new.conf"
- "firewallcmd-rich-logging.conf"
- "firewallcmd-rich-rules.conf"
- "osx-afctl.conf"
- "osx-ipfw.conf"
- "pf.conf"
- "nginx-block-map.conf"
- "npf.conf"
- "shorewall.conf"
- "shorewall-ipset-proto6.conf"
- "ufw.conf")))
(let* ((lookup-cmd (lambda (i)
(search-input-file inputs i)))
(bin (lambda (i)
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 09:10:03 GMT) Full text and rfc822 format available.Message #26 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 2/5] gnu: fail2ban: Update to 1.1.0. Date: Sun, 27 Apr 2025 11:08:09 +0200
* gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch,
gnu/packages/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch,
gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch,
gnu/packages/patches/fail2ban-python310-server-action.patch,
gnu/packages/fail2ban-python310-server-actions.patch: Delete patches.
* gnu/local.mk: Deregister patches.
* gnu/packages/admin.scm (fail2ban): Update to 1.1.0.
[source]<snippet>: Use (srfi srfi-26) for readability.
<patches>: Deregister patches.
[build-system]: Switch to pyproject-build-system.
[arguments]<phases>: Remove phase 'invoke-2to3. Add phase
'avoid-external-binary-in-/bin to avoid creating a symlink to
python-wrapper binary during installation (current 'install phase
breaks otherwise).
[native-inputs]: Add python-setuptools, python-wheel.
---
gnu/local.mk | 6 -
gnu/packages/admin.scm | 33 ++--
.../fail2ban-0.11.2_CVE-2021-32749.patch | 155 ------------------
...2ban-0.11.2_fix-setuptools-drop-2to3.patch | 64 --------
.../fail2ban-0.11.2_fix-test-suite.patch | 48 ------
.../fail2ban-python310-server-action.patch | 27 ---
.../fail2ban-python310-server-actions.patch | 25 ---
.../fail2ban-python310-server-jails.patch | 25 ---
8 files changed, 15 insertions(+), 368 deletions(-)
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-action.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-actions.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-jails.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3f5e4cec38..be2639eeb4 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1259,13 +1259,7 @@ dist_patch_DATA = \
%D%/packages/patches/expat-CVE-2024-45492.patch \
%D%/packages/patches/extempore-unbundle-external-dependencies.patch \
%D%/packages/patches/extundelete-e2fsprogs-1.44.patch \
- %D%/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch \
- %D%/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch \
- %D%/packages/patches/fail2ban-0.11.2_fix-test-suite.patch \
%D%/packages/patches/fail2ban-paths-guix-conf.patch \
- %D%/packages/patches/fail2ban-python310-server-action.patch \
- %D%/packages/patches/fail2ban-python310-server-actions.patch \
- %D%/packages/patches/fail2ban-python310-server-jails.patch \
%D%/packages/patches/faiss-tests-CMakeLists-find-googletest.patch \
%D%/packages/patches/falcosecurity-libs-shared-build.patch \
%D%/packages/patches/farstream-gupnp.patch \
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index c6c5188d81..689e9bcd4a 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6231,7 +6231,7 @@ (define-public sysdig
(define-public fail2ban
(package
(name "fail2ban")
- (version "0.11.2")
+ (version "1.1.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -6240,8 +6240,8 @@ (define-public fail2ban
(file-name (git-file-name name version))
(sha256
(base32
- "00d9q8m284q2wy6q462nipzszplfbvrs9fhgn0y3imwsc24kv1db"))
- (modules '((guix build utils)))
+ "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
+ (modules '((guix build utils) (srfi srfi-26)))
(snippet
'(begin
;; deleting things that are not feasible to fix
@@ -6289,10 +6289,9 @@ (define-public fail2ban
(("'/usr/share/doc/fail2ban'")
"'usr/share/doc/fail2ban'"))
;; disable tests performing unacceptable side-effects
- (let ((make-suite (lambda (t)
- (string-append
- "tests.addTest.unittest.makeSuite."
- t ".."))))
+ (let ((make-suite (cut string-append
+ "tests.addTest\\(loadTests\\("
+ <> "\\)\\)")))
(substitute* "fail2ban/tests/utils.py"
(((make-suite "actiontestcase.CommandActionTest"))
"")
@@ -6311,20 +6310,16 @@ (define-public fail2ban
(((make-suite
"servertestcase.ServerConfigReaderTests"))
"")))))
- (patches (search-patches
- "fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
- "fail2ban-python310-server-action.patch"
- "fail2ban-python310-server-actions.patch"
- "fail2ban-python310-server-jails.patch"
- "fail2ban-0.11.2_fix-test-suite.patch"
- "fail2ban-0.11.2_CVE-2021-32749.patch"
- "fail2ban-paths-guix-conf.patch"))))
- (build-system python-build-system)
+ (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
+ (build-system pyproject-build-system)
(arguments
'(#:phases (modify-phases %standard-phases
- (add-before 'build 'invoke-2to3
+ (add-after 'unpack 'avoid-external-binary-in-/bin
(lambda _
- (invoke "./fail2ban-2to3")))
+ (delete-file "fail2ban/setup.py")
+ (substitute* '("bin/fail2ban-testcases"
+ "setup.py")
+ ((".*updatePyExec.*") ""))))
(add-before 'install 'fix-default-config
(lambda* (#:key outputs #:allow-other-keys)
(substitute* '("config/paths-common.conf"
@@ -6410,6 +6405,8 @@ (define-public fail2ban
"fail2ban-testcases"))
(for-each install-man5
'("jail.conf")))))))))
+ (native-inputs
+ (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl
diff --git a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch b/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
deleted file mode 100644
index d3c677918c..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001
-From: sebres <serg.brester <at> sebres.de>
-Date: Mon, 21 Jun 2021 17:12:53 +0200
-Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable
- (default tilde) stops consider "~" char after new-line as composing escape
- sequence
-
----
- config/action.d/complain.conf | 2 +-
- config/action.d/dshield.conf | 2 +-
- config/action.d/mail-buffered.conf | 8 ++++----
- config/action.d/mail-whois-lines.conf | 2 +-
- config/action.d/mail-whois.conf | 6 +++---
- config/action.d/mail.conf | 6 +++---
- 6 files changed, 13 insertions(+), 13 deletions(-)
-
-diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
-index 3a5f882c9f..4d73b05859 100644
---- a/config/action.d/complain.conf
-+++ b/config/action.d/complain.conf
-@@ -102,7 +102,7 @@ logpath = /dev/null
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Option: mailargs
- # Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
-diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
-index c128bef348..3d5a7a53a9 100644
---- a/config/action.d/dshield.conf
-+++ b/config/action.d/dshield.conf
-@@ -179,7 +179,7 @@ tcpflags =
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Option: mailargs
- # Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
-diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
-index 325f185b2f..79b841049c 100644
---- a/config/action.d/mail-buffered.conf
-+++ b/config/action.d/mail-buffered.conf
-@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Output will be buffered until <lines> lines are available.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then
- These hosts have been banned by Fail2Ban.\n
- `cat <tmpfile>`
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
- rm <tmpfile>
- fi
- printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
- These hosts have been banned by Fail2Ban.\n
- `cat <tmpfile>`
- \nRegards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest>
- rm <tmpfile>
- fi
-
-diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
-index 3a3e56b2c7..d2818cb9b9 100644
---- a/config/action.d/mail-whois-lines.conf
-+++ b/config/action.d/mail-whois-lines.conf
-@@ -72,7 +72,7 @@ actionunban =
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Default name of the chain
- #
-diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
-index 7fea34c40d..ab33b616dc 100644
---- a/config/action.d/mail-whois.conf
-+++ b/config/action.d/mail-whois.conf
-@@ -20,7 +20,7 @@ norestored = 1
- actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n
- actionstop = printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n
- Here is more information about <ip> :\n
- `%(_whois_command)s`\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-
- # Option: actionunban
- # Notes.: command executed when unbanning an IP. Take care that the
-diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
-index 5d8c0e154c..f4838ddcb6 100644
---- a/config/action.d/mail.conf
-+++ b/config/action.d/mail.conf
-@@ -16,7 +16,7 @@ norestored = 1
- actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n
- actionstop = printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n
- The IP <ip> has just been banned by Fail2Ban after
- <failures> attempts against <name>.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-
- # Option: actionunban
- # Notes.: command executed when unbanning an IP. Take care that the
diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
deleted file mode 100644
index b0b14364b1..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 5ac303df8a171f748330d4c645ccbf1c2c7f3497 Mon Sep 17 00:00:00 2001
-From: sebres <info <at> sebres.de>
-Date: Sun, 19 Sep 2021 18:49:18 +0200
-Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup
- command: use_2to3 is invalid (setuptools 58+)
-
----
- setup.py | 16 +---------------
- 1 file changed, 1 insertion(+), 15 deletions(-)
-
-diff --git a/setup.py b/setup.py
-index f4c2550f6f..98413273c5 100755
---- a/setup.py
-+++ b/setup.py
-@@ -48,7 +48,7 @@
- from glob import glob
-
- from fail2ban.setup import updatePyExec
--
-+from fail2ban.version import version
-
- source_dir = os.path.realpath(os.path.dirname(
- # __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.):
-@@ -112,22 +112,12 @@ def update_scripts(self, dry_run=False):
- # Wrapper to specify fail2ban own options:
- class install_command_f2b(install):
- user_options = install.user_options + [
-- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'),
- ('without-tests', None, 'without tests files installation'),
- ]
- def initialize_options(self):
-- self.disable_2to3 = None
- self.without_tests = not with_tests
- install.initialize_options(self)
- def finalize_options(self):
-- global _2to3
-- ## in the test cases 2to3 should be already done (fail2ban-2to3):
-- if self.disable_2to3:
-- _2to3 = False
-- if _2to3:
-- cmdclass = self.distribution.cmdclass
-- cmdclass['build_py'] = build_py_2to3
-- cmdclass['build_scripts'] = build_scripts_2to3
- if self.without_tests:
- self.distribution.scripts.remove('bin/fail2ban-testcases')
-
-@@ -178,7 +168,6 @@ def run(self):
- if setuptools:
- setup_extra = {
- 'test_suite': "fail2ban.tests.utils.gatherTests",
-- 'use_2to3': True,
- }
- else:
- setup_extra = {}
-@@ -202,9 +191,6 @@ def run(self):
- ('/usr/share/doc/fail2ban', doc_files)
- )
-
--# Get version number, avoiding importing fail2ban.
--# This is due to tests not functioning for python3 as 2to3 takes place later
--exec(open(join("fail2ban", "version.py")).read())
-
- setup(
- name = "fail2ban",
diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
deleted file mode 100644
index 91d973e72e..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 747d4683221b5584f9663695fb48145689b42ceb Mon Sep 17 00:00:00 2001
-From: sebres <info <at> sebres.de>
-Date: Mon, 4 Jan 2021 02:42:38 +0100
-Subject: [PATCH] fixes century selector of %ExY and %Exy in datepattern for
- tests, considering interval from 2005 (alternate now) to now; + better
- grouping algorithm for resulting century RE
-
----
- fail2ban/server/strptime.py | 24 ++++++++++++++++++++++--
- 1 file changed, 22 insertions(+), 2 deletions(-)
-
-diff --git a/fail2ban/server/strptime.py b/fail2ban/server/strptime.py
-index 1464a96d1f..39fc795865 100644
---- a/fail2ban/server/strptime.py
-+++ b/fail2ban/server/strptime.py
-@@ -36,10 +36,30 @@ def _getYearCentRE(cent=(0,3), distance=3, now=(MyTime.now(), MyTime.alternateNo
- Thereby respect possible run in the test-cases (alternate date used there)
- """
- cent = lambda year, f=cent[0], t=cent[1]: str(year)[f:t]
-+ def grp(exprset):
-+ c = None
-+ if len(exprset) > 1:
-+ for i in exprset:
-+ if c is None or i[0:-1] == c:
-+ c = i[0:-1]
-+ else:
-+ c = None
-+ break
-+ if not c:
-+ for i in exprset:
-+ if c is None or i[0] == c:
-+ c = i[0]
-+ else:
-+ c = None
-+ break
-+ if c:
-+ return "%s%s" % (c, grp([i[len(c):] for i in exprset]))
-+ return ("(?:%s)" % "|".join(exprset) if len(exprset[0]) > 1 else "[%s]" % "".join(exprset)) \
-+ if len(exprset) > 1 else "".join(exprset)
- exprset = set( cent(now[0].year + i) for i in (-1, distance) )
- if len(now) and now[1]:
-- exprset |= set( cent(now[1].year + i) for i in (-1, distance) )
-- return "(?:%s)" % "|".join(exprset) if len(exprset) > 1 else "".join(exprset)
-+ exprset |= set( cent(now[1].year + i) for i in xrange(-1, now[0].year-now[1].year+1, distance) )
-+ return grp(sorted(list(exprset)))
-
- timeRE = TimeRE()
-
diff --git a/gnu/packages/patches/fail2ban-python310-server-action.patch b/gnu/packages/patches/fail2ban-python310-server-action.patch
deleted file mode 100644
index 723d7f7aa6..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-action.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:19:24 +0100
-Subject: [PATCH] follow bpo-37324: :ref:`collections-abstract-base-classes`
- moved to the :mod:`collections.abc` module
-
-(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
----
- fail2ban/server/action.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
-index 3bc48fe046..f0f1e6f59a 100644
---- a/fail2ban/server/action.py
-+++ b/fail2ban/server/action.py
-@@ -30,7 +30,10 @@
- import threading
- import time
- from abc import ABCMeta
--from collections import MutableMapping
-+try:
-+ from collections.abc import MutableMapping
-+except ImportError:
-+ from collections import MutableMapping
-
- from .failregex import mapTag2Opt
- from .ipdns import DNSUtils
diff --git a/gnu/packages/patches/fail2ban-python310-server-actions.patch b/gnu/packages/patches/fail2ban-python310-server-actions.patch
deleted file mode 100644
index e31316d28b..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-actions.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:25:45 +0100
-Subject: [PATCH] amend for `Mapping`
-
----
- fail2ban/server/actions.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
-index b7b95b445a..897d907c1a 100644
---- a/fail2ban/server/actions.py
-+++ b/fail2ban/server/actions.py
-@@ -28,7 +28,10 @@
- import os
- import sys
- import time
--from collections import Mapping
-+try:
-+ from collections.abc import Mapping
-+except ImportError:
-+ from collections import Mapping
- try:
- from collections import OrderedDict
- except ImportError:
diff --git a/gnu/packages/patches/fail2ban-python310-server-jails.patch b/gnu/packages/patches/fail2ban-python310-server-jails.patch
deleted file mode 100644
index e5873c415e..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-jails.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:35:59 +0100
-Subject: [PATCH] amend for `Mapping` (jails)
-
----
- fail2ban/server/jails.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
-index 972a8c4bd2..27e12ddf65 100644
---- a/fail2ban/server/jails.py
-+++ b/fail2ban/server/jails.py
-@@ -22,7 +22,10 @@
- __license__ = "GPL"
-
- from threading import Lock
--from collections import Mapping
-+try:
-+ from collections.abc import Mapping
-+except ImportError:
-+ from collections import Mapping
-
- from ..exceptions import DuplicateJailException, UnknownJailException
- from .jail import Jail
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 09:10:03 GMT) Full text and rfc822 format available.Message #29 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 3/5] gnu: fail2ban: Improve style. Date: Sun, 27 Apr 2025 11:08:10 +0200
* gnu/packages/admin.scm (fail2ban): Improve style (through guix-style).
[arguments]<phases>: Rewrite using gexps. Rewrite phases
'set-action-dependencies and copy-man-pages for readability.
---
gnu/packages/admin.scm | 321 +++++++++++++++++++----------------------
1 file changed, 148 insertions(+), 173 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 689e9bcd4a..1f48eb264d 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6232,181 +6232,156 @@ (define-public fail2ban
(package
(name "fail2ban")
(version "1.1.0")
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/fail2ban/fail2ban")
- (commit version)))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
- (modules '((guix build utils) (srfi srfi-26)))
- (snippet
- '(begin
- ;; deleting things that are not feasible to fix
- ;; or won't be used any way
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf"
- "paths-debian.conf"
- "paths-fedora.conf"
- "paths-freebsd.conf"
- "paths-opensuse.conf"
- "paths-osx.conf")))
- (with-directory-excursion "config/action.d"
- (for-each delete-file
- '("apf.conf"
- "bsd-ipfw.conf"
- "dshield.conf"
- "ipfilter.conf"
- "ipfw.conf"
- "firewallcmd-allports.conf"
- "firewallcmd-common.conf"
- "firewallcmd-ipset.conf"
- "firewallcmd-multiport.conf"
- "firewallcmd-new.conf"
- "firewallcmd-rich-logging.conf"
- "firewallcmd-rich-rules.conf"
- "osx-afctl.conf"
- "osx-ipfw.conf"
- "pf.conf"
- "nginx-block-map.conf"
- "npf.conf"
- "shorewall.conf"
- "shorewall-ipset-proto6.conf"
- "ufw.conf")))
- ;; Get rid of absolute file names.
- (substitute* "setup.py"
- (("/etc/fail2ban")
- "etc/fail2ban")
- (("/var/lib/fail2ban")
- "var/lib/fail2ban")
- (("\"/usr/bin/\"")
- "\"usr/bin/\"")
- (("\"/usr/lib/fail2ban/\"")
- "\"usr/lib/fail2ban/\"")
- (("'/usr/share/doc/fail2ban'")
- "'usr/share/doc/fail2ban'"))
- ;; disable tests performing unacceptable side-effects
- (let ((make-suite (cut string-append
- "tests.addTest\\(loadTests\\("
- <> "\\)\\)")))
- (substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite
- "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite
- "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite
- "servertestcase.ServerConfigReaderTests"))
- "")))))
- (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/fail2ban/fail2ban")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
+ (modules '((guix build utils)
+ (srfi srfi-26)))
+ (snippet '(begin
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf" "paths-debian.conf"
+ "paths-fedora.conf" "paths-freebsd.conf"
+ "paths-opensuse.conf" "paths-osx.conf")))
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf" "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))
+ ;; disable tests performing unacceptable side-effects
+ (let ((make-suite (cut string-append
+ "tests.addTest\\(loadTests\\(" <>
+ "\\)\\)")))
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite
+ "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite "servertestcase.ServerConfigReaderTests"))
+ "")))))
+ (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(build-system pyproject-build-system)
(arguments
- '(#:phases (modify-phases %standard-phases
- (add-after 'unpack 'avoid-external-binary-in-/bin
- (lambda _
- (delete-file "fail2ban/setup.py")
- (substitute* '("bin/fail2ban-testcases"
- "setup.py")
- ((".*updatePyExec.*") ""))))
- (add-before 'install 'fix-default-config
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* '("config/paths-common.conf"
- "fail2ban/tests/utils.py"
- "fail2ban/client/configreader.py"
- "fail2ban/client/fail2bancmdline.py"
- "fail2ban/client/fail2banregex.py")
- (("/etc/fail2ban")
- (string-append (assoc-ref outputs "out")
- "/etc/fail2ban")))))
- (add-after 'fix-default-config 'set-action-dependencies
- (lambda* (#:key inputs #:allow-other-keys)
- (let* ((lookup-cmd (lambda (i)
- (search-input-file inputs i)))
- (bin (lambda (i)
- (lookup-cmd (string-append "/bin/" i))))
- (sbin (lambda (i)
- (lookup-cmd (string-append "/sbin/" i))))
- (ip (sbin "ip"))
- (sendmail (sbin "sendmail")))
- (substitute* (find-files "config/action.d" "\\.conf$")
- ;; TODO: deal with geoiplookup ..
- (("(awk|curl|dig|jq)" all cmd)
- (bin cmd))
- (("(cat|echo|grep|head|printf|wc) " all
- cmd)
- (string-append (bin cmd) " "))
- ((" (date|rm|sed|tail|touch|tr) " all
- cmd)
- (string-append " "
- (bin cmd) " "))
- (("cut -d")
- (string-append (bin "cut") " -d"))
- (("`date`")
- (string-append "`"
- (bin "date") "`"))
- (("id -")
- (string-append (bin "id") " -"))
- (("ip -([46]) addr" all ver)
- (string-append ip " -" ver " addr"))
- (("ip route")
- (string-append ip " route"))
- (("ipset ")
- (string-append (sbin "ipset") " "))
- (("(iptables|ip6tables) <" all cmd)
- (string-append (sbin cmd) " <"))
- (("/usr/bin/nsupdate")
- (bin "nsupdate"))
- (("mail -E")
- (string-append sendmail " -E"))
- (("nftables = nft")
- (string-append "nftables = " (sbin "nft")))
- (("perl -e")
- (string-append (bin "perl") " -e"))
- (("/usr/sbin/sendmail")
- sendmail)
- (("test -e")
- (string-append (bin "test") " -e"))
- (("_whois = whois")
- (string-append "_whois = " (bin "whois")))))
- (substitute* "config/jail.conf"
- (("before = paths-debian.conf")
- "before = paths-guix.conf"))))
- (add-after 'install 'copy-man-pages
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((man (string-append (assoc-ref outputs "out")
- "/man"))
- (install-man (lambda (m)
- (lambda (f)
- (install-file (string-append f
- "." m)
- (string-append man
- "/man" m)))))
- (install-man1 (install-man "1"))
- (install-man5 (install-man "5")))
- (with-directory-excursion "man"
- (for-each install-man1
- '("fail2ban"
- "fail2ban-client"
- "fail2ban-python"
- "fail2ban-regex"
- "fail2ban-server"
- "fail2ban-testcases"))
- (for-each install-man5
- '("jail.conf")))))))))
- (native-inputs
- (list python-setuptools python-wheel))
+ (list
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'avoid-external-binary-in-/bin
+ (lambda _
+ (delete-file "fail2ban/setup.py")
+ (substitute* '("bin/fail2ban-testcases" "setup.py")
+ ((".*updatePyExec.*")
+ ""))))
+ (add-before 'install 'fix-default-config
+ (lambda _
+ (substitute* '("config/paths-common.conf"
+ "fail2ban/tests/utils.py"
+ "fail2ban/client/configreader.py"
+ "fail2ban/client/fail2bancmdline.py"
+ "fail2ban/client/fail2banregex.py")
+ (("/etc/fail2ban")
+ (string-append #$output "/etc/fail2ban")))))
+ (add-after 'fix-default-config 'set-action-dependencies
+ (lambda* (#:key inputs #:allow-other-keys)
+ (define (lookup dir file)
+ (search-input-file inputs (string-append "/" dir "/" file)))
+
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (lookup "bin" cmd))
+ (("(cat|echo|grep|head|printf|wc) " all cmd)
+ (string-append (lookup "bin" cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all cmd)
+ (string-append " " (lookup "bin" cmd) " "))
+ (("cut -d")
+ (string-append (lookup "bin" "cut") " -d"))
+ (("`date`")
+ (string-append "`" (lookup "bin" "date") "`"))
+ (("id -")
+ (string-append (lookup "bin" "id") " -"))
+ (("ip (route|-[46] addr)" all rest)
+ (string-append (lookup "sbin" "ip") rest))
+ (("ipset ")
+ (string-append (lookup "sbin" "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (lookup "sbin" cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (lookup "bin" "nsupdate"))
+ (("mail -E")
+ (string-append (lookup "sbin" "sendmail") " -E"))
+ (("nftables = nft")
+ (string-append "nftables = " (lookup "sbin" "nft")))
+ (("perl -e")
+ (string-append (lookup "bin" "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ (lookup "sbin" "sendmail"))
+ (("test -e")
+ (string-append (lookup "bin" "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = " (lookup "bin" "whois"))))
+
+ (substitute* "config/jail.conf"
+ (("before = paths-debian.conf")
+ "before = paths-guix.conf"))))
+ (add-after 'install 'copy-man-pages
+ (lambda _
+ (define (install-man m)
+ (lambda (f)
+ (install-file (string-append f "." m)
+ (string-append #$output "man/man" m))))
+
+ (with-directory-excursion "man"
+ (for-each (install-man "1")
+ '("fail2ban" "fail2ban-client" "fail2ban-python"
+ "fail2ban-regex" "fail2ban-server"
+ "fail2ban-testcases"))
+ ((install-man "5") "jail.conf")))))))
+ (native-inputs (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 09:10:04 GMT) Full text and rfc822 format available.Message #32 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 4/5] gnu: fail2ban: Improve snippet. Date: Sun, 27 Apr 2025 11:08:11 +0200
* gnu/packages/admin.scm (fail2ban)
[source]<modules>: Remove (srfi srfi-26).
<snippet>: Use gexp. Move substitute* patches...
[arguments]<phases>: ...to phases 'patch-setup.py and 'disable-some-tests.
---
gnu/packages/admin.scm | 127 +++++++++++++++++++++--------------------
1 file changed, 64 insertions(+), 63 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 1f48eb264d..25bce63aaf 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6241,69 +6241,36 @@ (define-public fail2ban
(file-name (git-file-name name version))
(sha256
(base32 "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
- (modules '((guix build utils)
- (srfi srfi-26)))
- (snippet '(begin
- ;; deleting things that are not feasible to fix
- ;; or won't be used any way
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf" "paths-debian.conf"
- "paths-fedora.conf" "paths-freebsd.conf"
- "paths-opensuse.conf" "paths-osx.conf")))
- (with-directory-excursion "config/action.d"
- (for-each delete-file
- '("apf.conf" "bsd-ipfw.conf"
- "dshield.conf"
- "ipfilter.conf"
- "ipfw.conf"
- "firewallcmd-allports.conf"
- "firewallcmd-common.conf"
- "firewallcmd-ipset.conf"
- "firewallcmd-multiport.conf"
- "firewallcmd-new.conf"
- "firewallcmd-rich-logging.conf"
- "firewallcmd-rich-rules.conf"
- "osx-afctl.conf"
- "osx-ipfw.conf"
- "pf.conf"
- "nginx-block-map.conf"
- "npf.conf"
- "shorewall.conf"
- "shorewall-ipset-proto6.conf"
- "ufw.conf")))
- ;; Get rid of absolute file names.
- (substitute* "setup.py"
- (("/etc/fail2ban")
- "etc/fail2ban")
- (("/var/lib/fail2ban")
- "var/lib/fail2ban")
- (("\"/usr/bin/\"")
- "\"usr/bin/\"")
- (("\"/usr/lib/fail2ban/\"")
- "\"usr/lib/fail2ban/\"")
- (("'/usr/share/doc/fail2ban'")
- "'usr/share/doc/fail2ban'"))
- ;; disable tests performing unacceptable side-effects
- (let ((make-suite (cut string-append
- "tests.addTest\\(loadTests\\(" <>
- "\\)\\)")))
- (substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite
- "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite "servertestcase.ServerConfigReaderTests"))
- "")))))
+ (modules '((guix build utils)))
+ (snippet #~(begin
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf" "paths-debian.conf"
+ "paths-fedora.conf" "paths-freebsd.conf"
+ "paths-opensuse.conf" "paths-osx.conf")))
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf" "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))))
(patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(build-system pyproject-build-system)
(arguments
@@ -6316,6 +6283,40 @@ (define-public fail2ban
(substitute* '("bin/fail2ban-testcases" "setup.py")
((".*updatePyExec.*")
""))))
+ (add-after 'unpack 'patch-setup.py
+ (lambda _
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))))
+ (add-after 'unpack 'disable-some-tests
+ (lambda _
+ (define (make-suite str)
+ (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
+ ;; disable tests performing unacceptable side-effects
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite "servertestcase.ServerConfigReaderTests"))
+ ""))))
(add-before 'install 'fix-default-config
(lambda _
(substitute* '("config/paths-common.conf"
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 27 Apr 2025 09:10:04 GMT) Full text and rfc822 format available.Message #35 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 5/5] gnu: fail2ban: Improve style. Date: Sun, 27 Apr 2025 11:08:12 +0200
* gnu/packages/admin.scm (fail2ban)[arguments]<phases>: Rewrite phase
'disable-some-tests.
---
gnu/packages/admin.scm | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 25bce63aaf..777d0abb47 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6299,23 +6299,19 @@ (define-public fail2ban
"'usr/share/doc/fail2ban'"))))
(add-after 'unpack 'disable-some-tests
(lambda _
- (define (make-suite str)
- (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
+ (define (make-suite-regex tests)
+ (string-append "tests.addTest\\(loadTests\\(("
+ (string-join tests "|")
+ ")\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite "servertestcase.ServerConfigReaderTests"))
+ (((make-suite-regex (list "actiontestcase.CommandActionTest"
+ "misctestcase.SetupTest"
+ "filtertestcase.DNSUtilsNetworkTests"
+ "filtertestcase.IgnoreIPDNS"
+ "filtertestcase.GetFailures"
+ "fail2banclienttestcase.Fail2banServerTest"
+ "servertestcase.ServerConfigReaderTests")))
""))))
(add-before 'install 'fix-default-config
(lambda _
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Tue, 29 Apr 2025 08:01:01 GMT) Full text and rfc822 format available.Message #38 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Andreas Enge <andreas <at> enge.fr> To: Nicolas Graves <ngraves <at> ngraves.fr> Cc: 78066 <at> debbugs.gnu.org, Rodion Goritskov <rodion <at> goritskov.com> Subject: Re: [PATCH v2 1/5] gnu: fail2ban: Move file deletion to source snippet. Date: Tue, 29 Apr 2025 10:00:24 +0200
Hello Nicolas, thanks for the update! Am Sun, Apr 27, 2025 at 11:08:08AM +0200 schrieb Nicolas Graves: > * gnu/packages/admin.scm (fail2ban) > [arguments]<phases>: Move multiple file deletion from here... > [source]<snippet>: ...to here. > + ;; deleting things that are not feasible to fix > + ;; or won't be used any way What is the motivation for this change? I think we always remove non-free code and often bundled libraries in a snippet, but changes only related to the idiosyncrasies of Guix usually occur in the phases. In this way, "guix build -S" returns essentially the source code of a package. But this is not written policy, so no hard obstacle to pushing the commit; I just do not see why a snippet would be better than a phase. Andreas
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Tue, 29 Apr 2025 21:28:05 GMT) Full text and rfc822 format available.Message #41 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Rodion Goritskov <rodion <at> goritskov.com> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: Re: [bug#78066] [PATCH v2 0/5] Update fail2ban. Date: Tue, 29 Apr 2025 23:26:54 +0200
Hi Nicolas! Thank you for your patch, it is great to have the updated version of fail2ban. I quickly tried to run available tests for fail2ban (it appears that Guix has some). I applied your patches and tried running: > make check-system TESTS="fail2ban-basic fail2ban-extension > fail2ban-simple" To find out that tests are failing: > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban running > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban socket ready > PASS: fail2ban running after restart > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban socket ready after restart > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban pid ready > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban log file > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban sshd jail running status output > /gnu/store/amc2p1x9gkgn6q6arak7ki4yxzcbs2cc-fail2ban-basic-test-builder:1: FAIL fail2ban sshd jail running exit code I have not investigated this problem yet, will try to do it tomorrow evening. Looks like "simple" and "extension" tests were already unstable (as per ci.guix.gnu.org), but "basic" was passing before the Python upgrade and the following changes.
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Wed, 30 Apr 2025 08:00:02 GMT) Full text and rfc822 format available.Message #44 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: Andreas Enge <andreas <at> enge.fr> Cc: 78066 <at> debbugs.gnu.org, Rodion Goritskov <rodion <at> goritskov.com> Subject: Re: [bug#78066] [PATCH v2 1/5] gnu: fail2ban: Move file deletion to source snippet. Date: Wed, 30 Apr 2025 09:59:51 +0200
On 2025-04-29 10:00, Andreas Enge wrote: > Hello Nicolas, > > thanks for the update! > > Am Sun, Apr 27, 2025 at 11:08:08AM +0200 schrieb Nicolas Graves: >> * gnu/packages/admin.scm (fail2ban) >> [arguments]<phases>: Move multiple file deletion from here... >> [source]<snippet>: ...to here. >> + ;; deleting things that are not feasible to fix >> + ;; or won't be used any way > > What is the motivation for this change? I think we always remove > non-free code and often bundled libraries in a snippet, but changes only > related to the idiosyncrasies of Guix usually occur in the phases. In this > way, "guix build -S" returns essentially the source code of a package. > > But this is not written policy, so no hard obstacle to pushing the > commit; I just do not see why a snippet would be better than a phase. My rationale was that those files are not going to be used and are replaced by a guix alternative file, provided as a patch. Since they are removed anyway, it's arguably better to remove them from source too, as not to download them when not needed. It might also be better for readability of the phases replacement. But it's not also an issue if we prefer to keep them in phases, I don't really care. -- Best regards, Nicolas Graves
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Wed, 30 Apr 2025 08:42:02 GMT) Full text and rfc822 format available.Message #47 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: Andreas Enge <andreas <at> enge.fr> Cc: 78066 <at> debbugs.gnu.org, Rodion Goritskov <rodion <at> goritskov.com> Subject: Re: [bug#78066] [PATCH v2 1/5] gnu: fail2ban: Move file deletion to source snippet. Date: Wed, 30 Apr 2025 10:41:29 +0200
On 2025-04-30 09:59, Nicolas Graves wrote: > On 2025-04-29 10:00, Andreas Enge wrote: > >> Hello Nicolas, >> >> thanks for the update! >> >> Am Sun, Apr 27, 2025 at 11:08:08AM +0200 schrieb Nicolas Graves: >>> * gnu/packages/admin.scm (fail2ban) >>> [arguments]<phases>: Move multiple file deletion from here... >>> [source]<snippet>: ...to here. >>> + ;; deleting things that are not feasible to fix >>> + ;; or won't be used any way >> >> What is the motivation for this change? I think we always remove >> non-free code and often bundled libraries in a snippet, but changes only >> related to the idiosyncrasies of Guix usually occur in the phases. In this >> way, "guix build -S" returns essentially the source code of a package. >> >> But this is not written policy, so no hard obstacle to pushing the >> commit; I just do not see why a snippet would be better than a phase. > > My rationale was that those files are not going to be used and are > replaced by a guix alternative file, provided as a patch. Since they > are removed anyway, it's arguably better to remove them from source too, > as not to download them when not needed. It might also be better for > readability of the phases replacement. > > But it's not also an issue if we prefer to keep them in phases, I don't > really care. Maybe it's better to only remove files for other distros in snippet, and remove files in action.d in phases, that would make better sense overall IMO. I'll change that. -- Best regards, Nicolas Graves
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:03:02 GMT) Full text and rfc822 format available.Message #50 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 1/6] gnu: fail2ban: Move file deletion to source snippet. Date: Sat, 3 May 2025 15:59:57 +0200
* gnu/packages/admin.scm (fail2ban)
[arguments]<phases>: Move multiple file deletion from here...
[source]<snippet>: ...to here.
---
gnu/packages/admin.scm | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index d7ae926809..bd07a73c99 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6244,6 +6244,15 @@ (define-public fail2ban
(modules '((guix build utils)))
(snippet
'(begin
+ ;; Replacing those by our own paths-guix.conf
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf"
+ "paths-debian.conf"
+ "paths-fedora.conf"
+ "paths-freebsd.conf"
+ "paths-opensuse.conf"
+ "paths-osx.conf")))
;; Get rid of absolute file names.
(substitute* "setup.py"
(("/etc/fail2ban")
@@ -6307,14 +6316,6 @@ (define-public fail2ban
(lambda* (#:key inputs #:allow-other-keys)
;; deleting things that are not feasible to fix
;; or won't be used any way
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf"
- "paths-debian.conf"
- "paths-fedora.conf"
- "paths-freebsd.conf"
- "paths-opensuse.conf"
- "paths-osx.conf")))
(with-directory-excursion "config/action.d"
(for-each delete-file
'("apf.conf"
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:03:02 GMT) Full text and rfc822 format available.Message #53 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 2/6] gnu: fail2ban: Move setup and test patches to phases. Date: Sat, 3 May 2025 15:59:58 +0200
* gnu/packages/admin.scm (fail2ban)
[source]<snippet>: Move setup and test substitutions...
[arguments]<phases>: ...to phases 'patch-setup.py and
'disable-some-tests.
---
gnu/packages/admin.scm | 71 +++++++++++++++++++++---------------------
1 file changed, 35 insertions(+), 36 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index bd07a73c99..ee428c00df 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6252,42 +6252,7 @@ (define-public fail2ban
"paths-fedora.conf"
"paths-freebsd.conf"
"paths-opensuse.conf"
- "paths-osx.conf")))
- ;; Get rid of absolute file names.
- (substitute* "setup.py"
- (("/etc/fail2ban")
- "etc/fail2ban")
- (("/var/lib/fail2ban")
- "var/lib/fail2ban")
- (("\"/usr/bin/\"")
- "\"usr/bin/\"")
- (("\"/usr/lib/fail2ban/\"")
- "\"usr/lib/fail2ban/\"")
- (("'/usr/share/doc/fail2ban'")
- "'usr/share/doc/fail2ban'"))
- ;; disable tests performing unacceptable side-effects
- (let ((make-suite (lambda (t)
- (string-append
- "tests.addTest.unittest.makeSuite."
- t ".."))))
- (substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite
- "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite
- "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite
- "servertestcase.ServerConfigReaderTests"))
- "")))))
+ "paths-osx.conf")))))
(patches (search-patches
"fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
"fail2ban-python310-server-action.patch"
@@ -6302,6 +6267,40 @@ (define-public fail2ban
(add-before 'build 'invoke-2to3
(lambda _
(invoke "./fail2ban-2to3")))
+ (add-after 'unpack 'patch-setup.py
+ (lambda _
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))))
+ (add-after 'unpack 'disable-some-tests
+ (lambda _
+ (define (make-suite str)
+ (string-append "tests.addTest.unittest.makeSuite." str ".."))
+ ;; disable tests performing unacceptable side-effects
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite "servertestcase.ServerConfigReaderTests"))
+ ""))))
(add-before 'install 'fix-default-config
(lambda* (#:key outputs #:allow-other-keys)
(substitute* '("config/paths-common.conf"
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:03:03 GMT) Full text and rfc822 format available.Message #56 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 0/6] Fix fail2ban build. Date: Sat, 3 May 2025 15:59:56 +0200
Haven't fixed tests yet, but this new version should a bit easier to review. I don't know if/how it's possible to get shepherd's side details while testing, so I'll probably end up trying the service myself to see what's wrong before trying to dig in tests. Nicolas Graves (6): gnu: fail2ban: Move file deletion to source snippet. gnu: fail2ban: Move setup and test patches to phases. gnu: fail2ban: Update to 1.1.0. gnu: fail2ban: Improve style. gnu: fail2ban: Improve style. gnu: fail2ban: Improve snippet. gnu/local.mk | 6 - gnu/packages/admin.scm | 327 ++++++++---------- .../fail2ban-0.11.2_CVE-2021-32749.patch | 155 --------- ...2ban-0.11.2_fix-setuptools-drop-2to3.patch | 64 ---- .../fail2ban-0.11.2_fix-test-suite.patch | 48 --- .../fail2ban-python310-server-action.patch | 27 -- .../fail2ban-python310-server-actions.patch | 25 -- .../fail2ban-python310-server-jails.patch | 25 -- 8 files changed, 149 insertions(+), 528 deletions(-) delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-action.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-actions.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-jails.patch -- 2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:03:03 GMT) Full text and rfc822 format available.Message #59 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 3/6] gnu: fail2ban: Update to 1.1.0. Date: Sat, 3 May 2025 15:59:59 +0200
* gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch,
gnu/packages/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch,
gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch,
gnu/packages/patches/fail2ban-python310-server-action.patch,
gnu/packages/fail2ban-python310-server-actions.patch: Delete patches.
* gnu/local.mk: Deregister patches.
* gnu/packages/admin.scm (fail2ban): Update to 1.1.0.
[source]<snippet>: Use (srfi srfi-26) for readability.
<patches>: Deregister patches.
[build-system]: Switch to pyproject-build-system.
[arguments]<phases>: Remove phase 'invoke-2to3. Add phase
'avoid-external-binary-in-/bin to avoid creating a symlink to
python-wrapper binary during installation (current 'install phase
breaks otherwise).
[native-inputs]: Add python-setuptools, python-wheel.
---
gnu/local.mk | 6 -
gnu/packages/admin.scm | 26 ++-
.../fail2ban-0.11.2_CVE-2021-32749.patch | 155 ------------------
...2ban-0.11.2_fix-setuptools-drop-2to3.patch | 64 --------
.../fail2ban-0.11.2_fix-test-suite.patch | 48 ------
.../fail2ban-python310-server-action.patch | 27 ---
.../fail2ban-python310-server-actions.patch | 25 ---
.../fail2ban-python310-server-jails.patch | 25 ---
8 files changed, 12 insertions(+), 364 deletions(-)
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-action.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-actions.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-jails.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 3f5e4cec38..be2639eeb4 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1259,13 +1259,7 @@ dist_patch_DATA = \
%D%/packages/patches/expat-CVE-2024-45492.patch \
%D%/packages/patches/extempore-unbundle-external-dependencies.patch \
%D%/packages/patches/extundelete-e2fsprogs-1.44.patch \
- %D%/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch \
- %D%/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch \
- %D%/packages/patches/fail2ban-0.11.2_fix-test-suite.patch \
%D%/packages/patches/fail2ban-paths-guix-conf.patch \
- %D%/packages/patches/fail2ban-python310-server-action.patch \
- %D%/packages/patches/fail2ban-python310-server-actions.patch \
- %D%/packages/patches/fail2ban-python310-server-jails.patch \
%D%/packages/patches/faiss-tests-CMakeLists-find-googletest.patch \
%D%/packages/patches/falcosecurity-libs-shared-build.patch \
%D%/packages/patches/farstream-gupnp.patch \
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index ee428c00df..342d11e49e 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6231,7 +6231,7 @@ (define-public sysdig
(define-public fail2ban
(package
(name "fail2ban")
- (version "0.11.2")
+ (version "1.1.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -6240,7 +6240,7 @@ (define-public fail2ban
(file-name (git-file-name name version))
(sha256
(base32
- "00d9q8m284q2wy6q462nipzszplfbvrs9fhgn0y3imwsc24kv1db"))
+ "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
(modules '((guix build utils)))
(snippet
'(begin
@@ -6253,20 +6253,16 @@ (define-public fail2ban
"paths-freebsd.conf"
"paths-opensuse.conf"
"paths-osx.conf")))))
- (patches (search-patches
- "fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
- "fail2ban-python310-server-action.patch"
- "fail2ban-python310-server-actions.patch"
- "fail2ban-python310-server-jails.patch"
- "fail2ban-0.11.2_fix-test-suite.patch"
- "fail2ban-0.11.2_CVE-2021-32749.patch"
- "fail2ban-paths-guix-conf.patch"))))
- (build-system python-build-system)
+ (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
+ (build-system pyproject-build-system)
(arguments
'(#:phases (modify-phases %standard-phases
- (add-before 'build 'invoke-2to3
+ (add-after 'unpack 'avoid-external-binary-in-/bin
(lambda _
- (invoke "./fail2ban-2to3")))
+ (delete-file "fail2ban/setup.py")
+ (substitute* '("bin/fail2ban-testcases"
+ "setup.py")
+ ((".*updatePyExec.*") ""))))
(add-after 'unpack 'patch-setup.py
(lambda _
;; Get rid of absolute file names.
@@ -6284,7 +6280,7 @@ (define-public fail2ban
(add-after 'unpack 'disable-some-tests
(lambda _
(define (make-suite str)
- (string-append "tests.addTest.unittest.makeSuite." str ".."))
+ (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
(((make-suite "actiontestcase.CommandActionTest"))
@@ -6410,6 +6406,8 @@ (define (make-suite str)
"fail2ban-testcases"))
(for-each install-man5
'("jail.conf")))))))))
+ (native-inputs
+ (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl
diff --git a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch b/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
deleted file mode 100644
index d3c677918c..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001
-From: sebres <serg.brester <at> sebres.de>
-Date: Mon, 21 Jun 2021 17:12:53 +0200
-Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable
- (default tilde) stops consider "~" char after new-line as composing escape
- sequence
-
----
- config/action.d/complain.conf | 2 +-
- config/action.d/dshield.conf | 2 +-
- config/action.d/mail-buffered.conf | 8 ++++----
- config/action.d/mail-whois-lines.conf | 2 +-
- config/action.d/mail-whois.conf | 6 +++---
- config/action.d/mail.conf | 6 +++---
- 6 files changed, 13 insertions(+), 13 deletions(-)
-
-diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
-index 3a5f882c9f..4d73b05859 100644
---- a/config/action.d/complain.conf
-+++ b/config/action.d/complain.conf
-@@ -102,7 +102,7 @@ logpath = /dev/null
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Option: mailargs
- # Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
-diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
-index c128bef348..3d5a7a53a9 100644
---- a/config/action.d/dshield.conf
-+++ b/config/action.d/dshield.conf
-@@ -179,7 +179,7 @@ tcpflags =
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Option: mailargs
- # Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
-diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
-index 325f185b2f..79b841049c 100644
---- a/config/action.d/mail-buffered.conf
-+++ b/config/action.d/mail-buffered.conf
-@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Output will be buffered until <lines> lines are available.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then
- These hosts have been banned by Fail2Ban.\n
- `cat <tmpfile>`
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
- rm <tmpfile>
- fi
- printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
- These hosts have been banned by Fail2Ban.\n
- `cat <tmpfile>`
- \nRegards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest>
- rm <tmpfile>
- fi
-
-diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
-index 3a3e56b2c7..d2818cb9b9 100644
---- a/config/action.d/mail-whois-lines.conf
-+++ b/config/action.d/mail-whois-lines.conf
-@@ -72,7 +72,7 @@ actionunban =
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Default name of the chain
- #
-diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
-index 7fea34c40d..ab33b616dc 100644
---- a/config/action.d/mail-whois.conf
-+++ b/config/action.d/mail-whois.conf
-@@ -20,7 +20,7 @@ norestored = 1
- actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n
- actionstop = printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n
- Here is more information about <ip> :\n
- `%(_whois_command)s`\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-
- # Option: actionunban
- # Notes.: command executed when unbanning an IP. Take care that the
-diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
-index 5d8c0e154c..f4838ddcb6 100644
---- a/config/action.d/mail.conf
-+++ b/config/action.d/mail.conf
-@@ -16,7 +16,7 @@ norestored = 1
- actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n
- actionstop = printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n
- The IP <ip> has just been banned by Fail2Ban after
- <failures> attempts against <name>.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-
- # Option: actionunban
- # Notes.: command executed when unbanning an IP. Take care that the
diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
deleted file mode 100644
index b0b14364b1..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 5ac303df8a171f748330d4c645ccbf1c2c7f3497 Mon Sep 17 00:00:00 2001
-From: sebres <info <at> sebres.de>
-Date: Sun, 19 Sep 2021 18:49:18 +0200
-Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup
- command: use_2to3 is invalid (setuptools 58+)
-
----
- setup.py | 16 +---------------
- 1 file changed, 1 insertion(+), 15 deletions(-)
-
-diff --git a/setup.py b/setup.py
-index f4c2550f6f..98413273c5 100755
---- a/setup.py
-+++ b/setup.py
-@@ -48,7 +48,7 @@
- from glob import glob
-
- from fail2ban.setup import updatePyExec
--
-+from fail2ban.version import version
-
- source_dir = os.path.realpath(os.path.dirname(
- # __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.):
-@@ -112,22 +112,12 @@ def update_scripts(self, dry_run=False):
- # Wrapper to specify fail2ban own options:
- class install_command_f2b(install):
- user_options = install.user_options + [
-- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'),
- ('without-tests', None, 'without tests files installation'),
- ]
- def initialize_options(self):
-- self.disable_2to3 = None
- self.without_tests = not with_tests
- install.initialize_options(self)
- def finalize_options(self):
-- global _2to3
-- ## in the test cases 2to3 should be already done (fail2ban-2to3):
-- if self.disable_2to3:
-- _2to3 = False
-- if _2to3:
-- cmdclass = self.distribution.cmdclass
-- cmdclass['build_py'] = build_py_2to3
-- cmdclass['build_scripts'] = build_scripts_2to3
- if self.without_tests:
- self.distribution.scripts.remove('bin/fail2ban-testcases')
-
-@@ -178,7 +168,6 @@ def run(self):
- if setuptools:
- setup_extra = {
- 'test_suite': "fail2ban.tests.utils.gatherTests",
-- 'use_2to3': True,
- }
- else:
- setup_extra = {}
-@@ -202,9 +191,6 @@ def run(self):
- ('/usr/share/doc/fail2ban', doc_files)
- )
-
--# Get version number, avoiding importing fail2ban.
--# This is due to tests not functioning for python3 as 2to3 takes place later
--exec(open(join("fail2ban", "version.py")).read())
-
- setup(
- name = "fail2ban",
diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
deleted file mode 100644
index 91d973e72e..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 747d4683221b5584f9663695fb48145689b42ceb Mon Sep 17 00:00:00 2001
-From: sebres <info <at> sebres.de>
-Date: Mon, 4 Jan 2021 02:42:38 +0100
-Subject: [PATCH] fixes century selector of %ExY and %Exy in datepattern for
- tests, considering interval from 2005 (alternate now) to now; + better
- grouping algorithm for resulting century RE
-
----
- fail2ban/server/strptime.py | 24 ++++++++++++++++++++++--
- 1 file changed, 22 insertions(+), 2 deletions(-)
-
-diff --git a/fail2ban/server/strptime.py b/fail2ban/server/strptime.py
-index 1464a96d1f..39fc795865 100644
---- a/fail2ban/server/strptime.py
-+++ b/fail2ban/server/strptime.py
-@@ -36,10 +36,30 @@ def _getYearCentRE(cent=(0,3), distance=3, now=(MyTime.now(), MyTime.alternateNo
- Thereby respect possible run in the test-cases (alternate date used there)
- """
- cent = lambda year, f=cent[0], t=cent[1]: str(year)[f:t]
-+ def grp(exprset):
-+ c = None
-+ if len(exprset) > 1:
-+ for i in exprset:
-+ if c is None or i[0:-1] == c:
-+ c = i[0:-1]
-+ else:
-+ c = None
-+ break
-+ if not c:
-+ for i in exprset:
-+ if c is None or i[0] == c:
-+ c = i[0]
-+ else:
-+ c = None
-+ break
-+ if c:
-+ return "%s%s" % (c, grp([i[len(c):] for i in exprset]))
-+ return ("(?:%s)" % "|".join(exprset) if len(exprset[0]) > 1 else "[%s]" % "".join(exprset)) \
-+ if len(exprset) > 1 else "".join(exprset)
- exprset = set( cent(now[0].year + i) for i in (-1, distance) )
- if len(now) and now[1]:
-- exprset |= set( cent(now[1].year + i) for i in (-1, distance) )
-- return "(?:%s)" % "|".join(exprset) if len(exprset) > 1 else "".join(exprset)
-+ exprset |= set( cent(now[1].year + i) for i in xrange(-1, now[0].year-now[1].year+1, distance) )
-+ return grp(sorted(list(exprset)))
-
- timeRE = TimeRE()
-
diff --git a/gnu/packages/patches/fail2ban-python310-server-action.patch b/gnu/packages/patches/fail2ban-python310-server-action.patch
deleted file mode 100644
index 723d7f7aa6..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-action.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:19:24 +0100
-Subject: [PATCH] follow bpo-37324: :ref:`collections-abstract-base-classes`
- moved to the :mod:`collections.abc` module
-
-(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
----
- fail2ban/server/action.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
-index 3bc48fe046..f0f1e6f59a 100644
---- a/fail2ban/server/action.py
-+++ b/fail2ban/server/action.py
-@@ -30,7 +30,10 @@
- import threading
- import time
- from abc import ABCMeta
--from collections import MutableMapping
-+try:
-+ from collections.abc import MutableMapping
-+except ImportError:
-+ from collections import MutableMapping
-
- from .failregex import mapTag2Opt
- from .ipdns import DNSUtils
diff --git a/gnu/packages/patches/fail2ban-python310-server-actions.patch b/gnu/packages/patches/fail2ban-python310-server-actions.patch
deleted file mode 100644
index e31316d28b..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-actions.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:25:45 +0100
-Subject: [PATCH] amend for `Mapping`
-
----
- fail2ban/server/actions.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
-index b7b95b445a..897d907c1a 100644
---- a/fail2ban/server/actions.py
-+++ b/fail2ban/server/actions.py
-@@ -28,7 +28,10 @@
- import os
- import sys
- import time
--from collections import Mapping
-+try:
-+ from collections.abc import Mapping
-+except ImportError:
-+ from collections import Mapping
- try:
- from collections import OrderedDict
- except ImportError:
diff --git a/gnu/packages/patches/fail2ban-python310-server-jails.patch b/gnu/packages/patches/fail2ban-python310-server-jails.patch
deleted file mode 100644
index e5873c415e..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-jails.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:35:59 +0100
-Subject: [PATCH] amend for `Mapping` (jails)
-
----
- fail2ban/server/jails.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
-index 972a8c4bd2..27e12ddf65 100644
---- a/fail2ban/server/jails.py
-+++ b/fail2ban/server/jails.py
-@@ -22,7 +22,10 @@
- __license__ = "GPL"
-
- from threading import Lock
--from collections import Mapping
-+try:
-+ from collections.abc import Mapping
-+except ImportError:
-+ from collections import Mapping
-
- from ..exceptions import DuplicateJailException, UnknownJailException
- from .jail import Jail
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:05:01 GMT) Full text and rfc822 format available.Message #62 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 4/6] gnu: fail2ban: Improve style. Date: Sat, 3 May 2025 16:00:00 +0200
* gnu/packages/admin.scm (fail2ban): Use gexps and run guix style.
---
gnu/packages/admin.scm | 338 ++++++++++++++++++++---------------------
1 file changed, 164 insertions(+), 174 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 342d11e49e..1f99059e4f 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6232,182 +6232,172 @@ (define-public fail2ban
(package
(name "fail2ban")
(version "1.1.0")
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/fail2ban/fail2ban")
- (commit version)))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- ;; Replacing those by our own paths-guix.conf
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf"
- "paths-debian.conf"
- "paths-fedora.conf"
- "paths-freebsd.conf"
- "paths-opensuse.conf"
- "paths-osx.conf")))))
- (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/fail2ban/fail2ban")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
+ (modules '((guix build utils)))
+ (snippet #~(begin
+ ;; Replacing those by our own paths-guix.conf
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf" "paths-debian.conf"
+ "paths-fedora.conf" "paths-freebsd.conf"
+ "paths-opensuse.conf" "paths-osx.conf")))))
+ (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(build-system pyproject-build-system)
(arguments
- '(#:phases (modify-phases %standard-phases
- (add-after 'unpack 'avoid-external-binary-in-/bin
- (lambda _
- (delete-file "fail2ban/setup.py")
- (substitute* '("bin/fail2ban-testcases"
- "setup.py")
- ((".*updatePyExec.*") ""))))
- (add-after 'unpack 'patch-setup.py
- (lambda _
- ;; Get rid of absolute file names.
- (substitute* "setup.py"
- (("/etc/fail2ban")
- "etc/fail2ban")
- (("/var/lib/fail2ban")
- "var/lib/fail2ban")
- (("\"/usr/bin/\"")
- "\"usr/bin/\"")
- (("\"/usr/lib/fail2ban/\"")
- "\"usr/lib/fail2ban/\"")
- (("'/usr/share/doc/fail2ban'")
- "'usr/share/doc/fail2ban'"))))
- (add-after 'unpack 'disable-some-tests
- (lambda _
- (define (make-suite str)
- (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
- ;; disable tests performing unacceptable side-effects
- (substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite "servertestcase.ServerConfigReaderTests"))
- ""))))
- (add-before 'install 'fix-default-config
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* '("config/paths-common.conf"
- "fail2ban/tests/utils.py"
- "fail2ban/client/configreader.py"
- "fail2ban/client/fail2bancmdline.py"
- "fail2ban/client/fail2banregex.py")
- (("/etc/fail2ban")
- (string-append (assoc-ref outputs "out")
- "/etc/fail2ban")))))
- (add-after 'fix-default-config 'set-action-dependencies
- (lambda* (#:key inputs #:allow-other-keys)
- ;; deleting things that are not feasible to fix
- ;; or won't be used any way
- (with-directory-excursion "config/action.d"
- (for-each delete-file
- '("apf.conf"
- "bsd-ipfw.conf"
- "dshield.conf"
- "ipfilter.conf"
- "ipfw.conf"
- "firewallcmd-allports.conf"
- "firewallcmd-common.conf"
- "firewallcmd-ipset.conf"
- "firewallcmd-multiport.conf"
- "firewallcmd-new.conf"
- "firewallcmd-rich-logging.conf"
- "firewallcmd-rich-rules.conf"
- "osx-afctl.conf"
- "osx-ipfw.conf"
- "pf.conf"
- "nginx-block-map.conf"
- "npf.conf"
- "shorewall.conf"
- "shorewall-ipset-proto6.conf"
- "ufw.conf")))
- (let* ((lookup-cmd (lambda (i)
- (search-input-file inputs i)))
- (bin (lambda (i)
- (lookup-cmd (string-append "/bin/" i))))
- (sbin (lambda (i)
- (lookup-cmd (string-append "/sbin/" i))))
- (ip (sbin "ip"))
- (sendmail (sbin "sendmail")))
- (substitute* (find-files "config/action.d" "\\.conf$")
- ;; TODO: deal with geoiplookup ..
- (("(awk|curl|dig|jq)" all cmd)
- (bin cmd))
- (("(cat|echo|grep|head|printf|wc) " all
- cmd)
- (string-append (bin cmd) " "))
- ((" (date|rm|sed|tail|touch|tr) " all
- cmd)
- (string-append " "
- (bin cmd) " "))
- (("cut -d")
- (string-append (bin "cut") " -d"))
- (("`date`")
- (string-append "`"
- (bin "date") "`"))
- (("id -")
- (string-append (bin "id") " -"))
- (("ip -([46]) addr" all ver)
- (string-append ip " -" ver " addr"))
- (("ip route")
- (string-append ip " route"))
- (("ipset ")
- (string-append (sbin "ipset") " "))
- (("(iptables|ip6tables) <" all cmd)
- (string-append (sbin cmd) " <"))
- (("/usr/bin/nsupdate")
- (bin "nsupdate"))
- (("mail -E")
- (string-append sendmail " -E"))
- (("nftables = nft")
- (string-append "nftables = " (sbin "nft")))
- (("perl -e")
- (string-append (bin "perl") " -e"))
- (("/usr/sbin/sendmail")
- sendmail)
- (("test -e")
- (string-append (bin "test") " -e"))
- (("_whois = whois")
- (string-append "_whois = " (bin "whois")))))
- (substitute* "config/jail.conf"
- (("before = paths-debian.conf")
- "before = paths-guix.conf"))))
- (add-after 'install 'copy-man-pages
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((man (string-append (assoc-ref outputs "out")
- "/man"))
- (install-man (lambda (m)
- (lambda (f)
- (install-file (string-append f
- "." m)
- (string-append man
- "/man" m)))))
- (install-man1 (install-man "1"))
- (install-man5 (install-man "5")))
- (with-directory-excursion "man"
- (for-each install-man1
- '("fail2ban"
- "fail2ban-client"
- "fail2ban-python"
- "fail2ban-regex"
- "fail2ban-server"
- "fail2ban-testcases"))
- (for-each install-man5
- '("jail.conf")))))))))
- (native-inputs
- (list python-setuptools python-wheel))
+ (list
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'avoid-external-binary-in-/bin
+ (lambda _
+ (delete-file "fail2ban/setup.py")
+ (substitute* '("bin/fail2ban-testcases" "setup.py")
+ ((".*updatePyExec.*")
+ ""))))
+ (add-after 'unpack 'patch-setup.py
+ (lambda _
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))))
+ (add-after 'unpack 'disable-some-tests
+ (lambda _
+ (define (make-suite str)
+ (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
+ ;; disable tests performing unacceptable side-effects
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite "servertestcase.ServerConfigReaderTests"))
+ ""))))
+ (add-before 'install 'fix-default-config
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* '("config/paths-common.conf"
+ "fail2ban/tests/utils.py"
+ "fail2ban/client/configreader.py"
+ "fail2ban/client/fail2bancmdline.py"
+ "fail2ban/client/fail2banregex.py")
+ (("/etc/fail2ban")
+ (string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
+ (add-after 'fix-default-config 'set-action-dependencies
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf" "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))
+ (let* ((lookup-cmd (lambda (i)
+ (search-input-file inputs i)))
+ (bin (lambda (i)
+ (lookup-cmd (string-append "/bin/" i))))
+ (sbin (lambda (i)
+ (lookup-cmd (string-append "/sbin/" i))))
+ (ip (sbin "ip"))
+ (sendmail (sbin "sendmail")))
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (bin cmd))
+ (("(cat|echo|grep|head|printf|wc) " all cmd)
+ (string-append (bin cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all cmd)
+ (string-append " "
+ (bin cmd) " "))
+ (("cut -d")
+ (string-append (bin "cut") " -d"))
+ (("`date`")
+ (string-append "`"
+ (bin "date") "`"))
+ (("id -")
+ (string-append (bin "id") " -"))
+ (("ip -([46]) addr" all ver)
+ (string-append ip " -" ver " addr"))
+ (("ip route")
+ (string-append ip " route"))
+ (("ipset ")
+ (string-append (sbin "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (sbin cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (bin "nsupdate"))
+ (("mail -E")
+ (string-append sendmail " -E"))
+ (("nftables = nft")
+ (string-append "nftables = "
+ (sbin "nft")))
+ (("perl -e")
+ (string-append (bin "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ sendmail)
+ (("test -e")
+ (string-append (bin "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = "
+ (bin "whois")))))
+ (substitute* "config/jail.conf"
+ (("before = paths-debian.conf")
+ "before = paths-guix.conf"))))
+ (add-after 'install 'copy-man-pages
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((man (string-append (assoc-ref outputs "out") "/man"))
+ (install-man (lambda (m)
+ (lambda (f)
+ (install-file (string-append f "." m)
+ (string-append man "/man"
+ m)))))
+ (install-man1 (install-man "1"))
+ (install-man5 (install-man "5")))
+ (with-directory-excursion "man"
+ (for-each install-man1
+ '("fail2ban" "fail2ban-client" "fail2ban-python"
+ "fail2ban-regex" "fail2ban-server"
+ "fail2ban-testcases"))
+ (for-each install-man5
+ '("jail.conf")))))))))
+ (native-inputs (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:05:02 GMT) Full text and rfc822 format available.Message #65 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 5/6] gnu: fail2ban: Improve style. Date: Sat, 3 May 2025 16:00:01 +0200
* gnu/packages/admin.scm (fail2ban):
[arguments]<phases>: Rewrite phases 'set-action-dependencies and
copy-man-pages for readability.
---
gnu/packages/admin.scm | 121 ++++++++++++++++++-----------------------
1 file changed, 54 insertions(+), 67 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 1f99059e4f..b808a3b6c5 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6296,21 +6296,22 @@ (define (make-suite str)
(((make-suite "servertestcase.ServerConfigReaderTests"))
""))))
(add-before 'install 'fix-default-config
- (lambda* (#:key outputs #:allow-other-keys)
+ (lambda _
(substitute* '("config/paths-common.conf"
"fail2ban/tests/utils.py"
"fail2ban/client/configreader.py"
"fail2ban/client/fail2bancmdline.py"
"fail2ban/client/fail2banregex.py")
(("/etc/fail2ban")
- (string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
+ (string-append #$output "/etc/fail2ban")))))
(add-after 'fix-default-config 'set-action-dependencies
(lambda* (#:key inputs #:allow-other-keys)
;; deleting things that are not feasible to fix
;; or won't be used any way
(with-directory-excursion "config/action.d"
(for-each delete-file
- '("apf.conf" "bsd-ipfw.conf"
+ '("apf.conf"
+ "bsd-ipfw.conf"
"dshield.conf"
"ipfilter.conf"
"ipfw.conf"
@@ -6329,74 +6330,60 @@ (define (make-suite str)
"shorewall.conf"
"shorewall-ipset-proto6.conf"
"ufw.conf")))
- (let* ((lookup-cmd (lambda (i)
- (search-input-file inputs i)))
- (bin (lambda (i)
- (lookup-cmd (string-append "/bin/" i))))
- (sbin (lambda (i)
- (lookup-cmd (string-append "/sbin/" i))))
- (ip (sbin "ip"))
- (sendmail (sbin "sendmail")))
- (substitute* (find-files "config/action.d" "\\.conf$")
- ;; TODO: deal with geoiplookup ..
- (("(awk|curl|dig|jq)" all cmd)
- (bin cmd))
- (("(cat|echo|grep|head|printf|wc) " all cmd)
- (string-append (bin cmd) " "))
- ((" (date|rm|sed|tail|touch|tr) " all cmd)
- (string-append " "
- (bin cmd) " "))
- (("cut -d")
- (string-append (bin "cut") " -d"))
- (("`date`")
- (string-append "`"
- (bin "date") "`"))
- (("id -")
- (string-append (bin "id") " -"))
- (("ip -([46]) addr" all ver)
- (string-append ip " -" ver " addr"))
- (("ip route")
- (string-append ip " route"))
- (("ipset ")
- (string-append (sbin "ipset") " "))
- (("(iptables|ip6tables) <" all cmd)
- (string-append (sbin cmd) " <"))
- (("/usr/bin/nsupdate")
- (bin "nsupdate"))
- (("mail -E")
- (string-append sendmail " -E"))
- (("nftables = nft")
- (string-append "nftables = "
- (sbin "nft")))
- (("perl -e")
- (string-append (bin "perl") " -e"))
- (("/usr/sbin/sendmail")
- sendmail)
- (("test -e")
- (string-append (bin "test") " -e"))
- (("_whois = whois")
- (string-append "_whois = "
- (bin "whois")))))
+ (define (lookup dir file)
+ (search-input-file inputs (string-append "/" dir "/" file)))
+
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (lookup "bin" cmd))
+ (("(cat|echo|grep|head|printf|wc) " all cmd)
+ (string-append (lookup "bin" cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all cmd)
+ (string-append " " (lookup "bin" cmd) " "))
+ (("cut -d")
+ (string-append (lookup "bin" "cut") " -d"))
+ (("`date`")
+ (string-append "`" (lookup "bin" "date") "`"))
+ (("id -")
+ (string-append (lookup "bin" "id") " -"))
+ (("ip (route|-[46] addr)" all rest)
+ (string-append (lookup "sbin" "ip") rest))
+ (("ipset ")
+ (string-append (lookup "sbin" "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (lookup "sbin" cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (lookup "bin" "nsupdate"))
+ (("mail -E")
+ (string-append (lookup "sbin" "sendmail") " -E"))
+ (("nftables = nft")
+ (string-append "nftables = " (lookup "sbin" "nft")))
+ (("perl -e")
+ (string-append (lookup "bin" "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ (lookup "sbin" "sendmail"))
+ (("test -e")
+ (string-append (lookup "bin" "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = " (lookup "bin" "whois"))))
+
(substitute* "config/jail.conf"
(("before = paths-debian.conf")
"before = paths-guix.conf"))))
(add-after 'install 'copy-man-pages
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((man (string-append (assoc-ref outputs "out") "/man"))
- (install-man (lambda (m)
- (lambda (f)
- (install-file (string-append f "." m)
- (string-append man "/man"
- m)))))
- (install-man1 (install-man "1"))
- (install-man5 (install-man "5")))
- (with-directory-excursion "man"
- (for-each install-man1
- '("fail2ban" "fail2ban-client" "fail2ban-python"
- "fail2ban-regex" "fail2ban-server"
- "fail2ban-testcases"))
- (for-each install-man5
- '("jail.conf")))))))))
+ (lambda _
+ (define (install-man m)
+ (lambda (f)
+ (install-file (string-append f "." m)
+ (string-append #$output "man/man" m))))
+
+ (with-directory-excursion "man"
+ (for-each (install-man "1")
+ '("fail2ban" "fail2ban-client" "fail2ban-python"
+ "fail2ban-regex" "fail2ban-server"
+ "fail2ban-testcases"))
+ ((install-man "5") "jail.conf")))))))
(native-inputs (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sat, 03 May 2025 14:05:02 GMT) Full text and rfc822 format available.Message #68 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v2 6/6] gnu: fail2ban: Improve snippet. Date: Sat, 3 May 2025 16:00:02 +0200
* gnu/packages/admin.scm (fail2ban)
[source]<modules>: Remove (srfi srfi-26).
<snippet>: Use gexp. Move substitute* patches...
[arguments]<phases>: ...to phases 'patch-setup.py and 'disable-some-tests.
---
gnu/packages/admin.scm | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index b808a3b6c5..7492de3a32 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6277,23 +6277,19 @@ (define-public fail2ban
"'usr/share/doc/fail2ban'"))))
(add-after 'unpack 'disable-some-tests
(lambda _
- (define (make-suite str)
- (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
+ (define (make-suite-regex tests)
+ (string-append "tests.addTest\\(loadTests\\(("
+ (string-join tests "|")
+ ")\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite "servertestcase.ServerConfigReaderTests"))
+ (((make-suite-regex (list "actiontestcase.CommandActionTest"
+ "misctestcase.SetupTest"
+ "filtertestcase.DNSUtilsNetworkTests"
+ "filtertestcase.IgnoreIPDNS"
+ "filtertestcase.GetFailures"
+ "fail2banclienttestcase.Fail2banServerTest"
+ "servertestcase.ServerConfigReaderTests")))
""))))
(add-before 'install 'fix-default-config
(lambda _
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:58:09 GMT) Full text and rfc822 format available.Message #71 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 0/6] Fix fail2ban build Date: Sun, 4 May 2025 10:56:20 +0200
I think the fail2ban tests were broken before the Python <at> 3.10 update. The -basic test runs properly, but the other tests do not. I focussed on fixing the -basic test because I don't understand why the other tests fail (socket is not found, but when I try it in real conditions, it is). The main issue was that the paths-debian.conf in jail.conf was substituted after the wheel was built, so the change didn't make it in the output. Probably related to the migration to the pyproject-build-system. So now the -basic test passes, but the -simple and -extension tests don't, but I guess it's because tests rather than the package are broken. Ready to be merged IMHO. Nicolas Graves (6): gnu: fail2ban: Move file deletion to source snippet. gnu: fail2ban: Move setup and test patches to phases. gnu: fail2ban: Update to 1.1.0. gnu: fail2ban: Improve style. gnu: fail2ban: Improve style. gnu: fail2ban: Improve snippet. gnu/local.mk | 6 - gnu/packages/admin.scm | 327 ++++++++---------- .../fail2ban-0.11.2_CVE-2021-32749.patch | 155 --------- ...2ban-0.11.2_fix-setuptools-drop-2to3.patch | 64 ---- .../fail2ban-0.11.2_fix-test-suite.patch | 48 --- .../fail2ban-python310-server-action.patch | 27 -- .../fail2ban-python310-server-actions.patch | 25 -- .../fail2ban-python310-server-jails.patch | 25 -- 8 files changed, 149 insertions(+), 528 deletions(-) delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-action.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-actions.patch delete mode 100644 gnu/packages/patches/fail2ban-python310-server-jails.patch -- 2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:58:10 GMT) Full text and rfc822 format available.Message #74 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 1/6] gnu: fail2ban: Move file deletion to source snippet. Date: Sun, 4 May 2025 10:56:21 +0200
* gnu/packages/admin.scm (fail2ban)
[arguments]<phases>: Move multiple file deletion from here...
[source]<snippet>: ...to here.
---
gnu/packages/admin.scm | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 1d0ec121ff..216776e62c 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6185,6 +6185,15 @@ (define-public fail2ban
(modules '((guix build utils)))
(snippet
'(begin
+ ;; Replacing those by our own paths-guix.conf
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf"
+ "paths-debian.conf"
+ "paths-fedora.conf"
+ "paths-freebsd.conf"
+ "paths-opensuse.conf"
+ "paths-osx.conf")))
;; Get rid of absolute file names.
(substitute* "setup.py"
(("/etc/fail2ban")
@@ -6248,14 +6257,6 @@ (define-public fail2ban
(lambda* (#:key inputs #:allow-other-keys)
;; deleting things that are not feasible to fix
;; or won't be used any way
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf"
- "paths-debian.conf"
- "paths-fedora.conf"
- "paths-freebsd.conf"
- "paths-opensuse.conf"
- "paths-osx.conf")))
(with-directory-excursion "config/action.d"
(for-each delete-file
'("apf.conf"
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:59:02 GMT) Full text and rfc822 format available.Message #77 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 6/6] gnu: fail2ban: Improve snippet. Date: Sun, 4 May 2025 10:56:26 +0200
* gnu/packages/admin.scm (fail2ban)
[source]<modules>: Remove (srfi srfi-26).
<snippet>: Use gexp. Move substitute* patches...
[arguments]<phases>: ...to phases 'patch-setup.py and 'disable-some-tests.
---
gnu/packages/admin.scm | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index e508340ef0..8fee710c7f 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6218,23 +6218,19 @@ (define-public fail2ban
"'usr/share/doc/fail2ban'"))))
(add-after 'unpack 'disable-some-tests
(lambda _
- (define (make-suite str)
- (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
+ (define (make-suite-regex tests)
+ (string-append "tests.addTest\\(loadTests\\(("
+ (string-join tests "|")
+ ")\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite "servertestcase.ServerConfigReaderTests"))
+ (((make-suite-regex (list "actiontestcase.CommandActionTest"
+ "misctestcase.SetupTest"
+ "filtertestcase.DNSUtilsNetworkTests"
+ "filtertestcase.IgnoreIPDNS"
+ "filtertestcase.GetFailures"
+ "fail2banclienttestcase.Fail2banServerTest"
+ "servertestcase.ServerConfigReaderTests")))
""))))
(add-before 'build 'fix-default-config
(lambda _
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:59:03 GMT) Full text and rfc822 format available.Message #80 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 2/6] gnu: fail2ban: Move setup and test patches to phases. Date: Sun, 4 May 2025 10:56:22 +0200
* gnu/packages/admin.scm (fail2ban)
[source]<snippet>: Move setup and test substitutions...
[arguments]<phases>: ...to phases 'patch-setup.py and
'disable-some-tests.
---
gnu/packages/admin.scm | 71 +++++++++++++++++++++---------------------
1 file changed, 35 insertions(+), 36 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 216776e62c..d47a1935c3 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6193,42 +6193,7 @@ (define-public fail2ban
"paths-fedora.conf"
"paths-freebsd.conf"
"paths-opensuse.conf"
- "paths-osx.conf")))
- ;; Get rid of absolute file names.
- (substitute* "setup.py"
- (("/etc/fail2ban")
- "etc/fail2ban")
- (("/var/lib/fail2ban")
- "var/lib/fail2ban")
- (("\"/usr/bin/\"")
- "\"usr/bin/\"")
- (("\"/usr/lib/fail2ban/\"")
- "\"usr/lib/fail2ban/\"")
- (("'/usr/share/doc/fail2ban'")
- "'usr/share/doc/fail2ban'"))
- ;; disable tests performing unacceptable side-effects
- (let ((make-suite (lambda (t)
- (string-append
- "tests.addTest.unittest.makeSuite."
- t ".."))))
- (substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite
- "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite
- "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite
- "servertestcase.ServerConfigReaderTests"))
- "")))))
+ "paths-osx.conf")))))
(patches (search-patches
"fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
"fail2ban-python310-server-action.patch"
@@ -6243,6 +6208,40 @@ (define-public fail2ban
(add-before 'build 'invoke-2to3
(lambda _
(invoke "./fail2ban-2to3")))
+ (add-after 'unpack 'patch-setup.py
+ (lambda _
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))))
+ (add-after 'unpack 'disable-some-tests
+ (lambda _
+ (define (make-suite str)
+ (string-append "tests.addTest.unittest.makeSuite." str ".."))
+ ;; disable tests performing unacceptable side-effects
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite "servertestcase.ServerConfigReaderTests"))
+ ""))))
(add-before 'install 'fix-default-config
(lambda* (#:key outputs #:allow-other-keys)
(substitute* '("config/paths-common.conf"
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:59:03 GMT) Full text and rfc822 format available.Message #83 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 5/6] gnu: fail2ban: Improve style. Date: Sun, 4 May 2025 10:56:25 +0200
* gnu/packages/admin.scm (fail2ban):
[arguments]<phases>: Rewrite phases 'set-action-dependencies and
copy-man-pages for readability.
---
gnu/packages/admin.scm | 121 ++++++++++++++++++-----------------------
1 file changed, 54 insertions(+), 67 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index c9dd154313..e508340ef0 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6237,21 +6237,22 @@ (define (make-suite str)
(((make-suite "servertestcase.ServerConfigReaderTests"))
""))))
(add-before 'build 'fix-default-config
- (lambda* (#:key outputs #:allow-other-keys)
+ (lambda _
(substitute* '("config/paths-common.conf"
"fail2ban/tests/utils.py"
"fail2ban/client/configreader.py"
"fail2ban/client/fail2bancmdline.py"
"fail2ban/client/fail2banregex.py")
(("/etc/fail2ban")
- (string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
+ (string-append #$output "/etc/fail2ban")))))
(add-after 'fix-default-config 'set-action-dependencies
(lambda* (#:key inputs #:allow-other-keys)
;; deleting things that are not feasible to fix
;; or won't be used any way
(with-directory-excursion "config/action.d"
(for-each delete-file
- '("apf.conf" "bsd-ipfw.conf"
+ '("apf.conf"
+ "bsd-ipfw.conf"
"dshield.conf"
"ipfilter.conf"
"ipfw.conf"
@@ -6270,74 +6271,60 @@ (define (make-suite str)
"shorewall.conf"
"shorewall-ipset-proto6.conf"
"ufw.conf")))
- (let* ((lookup-cmd (lambda (i)
- (search-input-file inputs i)))
- (bin (lambda (i)
- (lookup-cmd (string-append "/bin/" i))))
- (sbin (lambda (i)
- (lookup-cmd (string-append "/sbin/" i))))
- (ip (sbin "ip"))
- (sendmail (sbin "sendmail")))
- (substitute* (find-files "config/action.d" "\\.conf$")
- ;; TODO: deal with geoiplookup ..
- (("(awk|curl|dig|jq)" all cmd)
- (bin cmd))
- (("(cat|echo|grep|head|printf|wc) " all cmd)
- (string-append (bin cmd) " "))
- ((" (date|rm|sed|tail|touch|tr) " all cmd)
- (string-append " "
- (bin cmd) " "))
- (("cut -d")
- (string-append (bin "cut") " -d"))
- (("`date`")
- (string-append "`"
- (bin "date") "`"))
- (("id -")
- (string-append (bin "id") " -"))
- (("ip -([46]) addr" all ver)
- (string-append ip " -" ver " addr"))
- (("ip route")
- (string-append ip " route"))
- (("ipset ")
- (string-append (sbin "ipset") " "))
- (("(iptables|ip6tables) <" all cmd)
- (string-append (sbin cmd) " <"))
- (("/usr/bin/nsupdate")
- (bin "nsupdate"))
- (("mail -E")
- (string-append sendmail " -E"))
- (("nftables = nft")
- (string-append "nftables = "
- (sbin "nft")))
- (("perl -e")
- (string-append (bin "perl") " -e"))
- (("/usr/sbin/sendmail")
- sendmail)
- (("test -e")
- (string-append (bin "test") " -e"))
- (("_whois = whois")
- (string-append "_whois = "
- (bin "whois")))))
+ (define (lookup dir file)
+ (search-input-file inputs (string-append "/" dir "/" file)))
+
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (lookup "bin" cmd))
+ (("(cat|echo|grep|head|printf|wc) " all cmd)
+ (string-append (lookup "bin" cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all cmd)
+ (string-append " " (lookup "bin" cmd) " "))
+ (("cut -d")
+ (string-append (lookup "bin" "cut") " -d"))
+ (("`date`")
+ (string-append "`" (lookup "bin" "date") "`"))
+ (("id -")
+ (string-append (lookup "bin" "id") " -"))
+ (("ip (route|-[46] addr)" all rest)
+ (string-append (lookup "sbin" "ip") rest))
+ (("ipset ")
+ (string-append (lookup "sbin" "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (lookup "sbin" cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (lookup "bin" "nsupdate"))
+ (("mail -E")
+ (string-append (lookup "sbin" "sendmail") " -E"))
+ (("nftables = nft")
+ (string-append "nftables = " (lookup "sbin" "nft")))
+ (("perl -e")
+ (string-append (lookup "bin" "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ (lookup "sbin" "sendmail"))
+ (("test -e")
+ (string-append (lookup "bin" "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = " (lookup "bin" "whois"))))
+
(substitute* "config/jail.conf"
(("before = paths-debian\\.conf")
"before = paths-guix.conf"))))
(add-after 'install 'copy-man-pages
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((man (string-append (assoc-ref outputs "out") "/man"))
- (install-man (lambda (m)
- (lambda (f)
- (install-file (string-append f "." m)
- (string-append man "/man"
- m)))))
- (install-man1 (install-man "1"))
- (install-man5 (install-man "5")))
- (with-directory-excursion "man"
- (for-each install-man1
- '("fail2ban" "fail2ban-client" "fail2ban-python"
- "fail2ban-regex" "fail2ban-server"
- "fail2ban-testcases"))
- (for-each install-man5
- '("jail.conf")))))))))
+ (lambda _
+ (define (install-man m)
+ (lambda (f)
+ (install-file (string-append f "." m)
+ (string-append #$output "man/man" m))))
+
+ (with-directory-excursion "man"
+ (for-each (install-man "1")
+ '("fail2ban" "fail2ban-client" "fail2ban-python"
+ "fail2ban-regex" "fail2ban-server"
+ "fail2ban-testcases"))
+ ((install-man "5") "jail.conf")))))))
(native-inputs (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:59:04 GMT) Full text and rfc822 format available.Message #86 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 4/6] gnu: fail2ban: Improve style. Date: Sun, 4 May 2025 10:56:24 +0200
* gnu/packages/admin.scm (fail2ban): Use gexps and run guix style.
---
gnu/packages/admin.scm | 338 ++++++++++++++++++++---------------------
1 file changed, 164 insertions(+), 174 deletions(-)
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index c6dc8ff43c..c9dd154313 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6173,182 +6173,172 @@ (define-public fail2ban
(package
(name "fail2ban")
(version "1.1.0")
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/fail2ban/fail2ban")
- (commit version)))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- ;; Replacing those by our own paths-guix.conf
- (with-directory-excursion "config"
- (for-each delete-file
- '("paths-arch.conf"
- "paths-debian.conf"
- "paths-fedora.conf"
- "paths-freebsd.conf"
- "paths-opensuse.conf"
- "paths-osx.conf")))))
- (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/fail2ban/fail2ban")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
+ (modules '((guix build utils)))
+ (snippet #~(begin
+ ;; Replacing those by our own paths-guix.conf
+ (with-directory-excursion "config"
+ (for-each delete-file
+ '("paths-arch.conf" "paths-debian.conf"
+ "paths-fedora.conf" "paths-freebsd.conf"
+ "paths-opensuse.conf" "paths-osx.conf")))))
+ (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
(build-system pyproject-build-system)
(arguments
- '(#:phases (modify-phases %standard-phases
- (add-after 'unpack 'avoid-external-binary-in-/bin
- (lambda _
- (delete-file "fail2ban/setup.py")
- (substitute* '("bin/fail2ban-testcases"
- "setup.py")
- ((".*updatePyExec.*") ""))))
- (add-after 'unpack 'patch-setup.py
- (lambda _
- ;; Get rid of absolute file names.
- (substitute* "setup.py"
- (("/etc/fail2ban")
- "etc/fail2ban")
- (("/var/lib/fail2ban")
- "var/lib/fail2ban")
- (("\"/usr/bin/\"")
- "\"usr/bin/\"")
- (("\"/usr/lib/fail2ban/\"")
- "\"usr/lib/fail2ban/\"")
- (("'/usr/share/doc/fail2ban'")
- "'usr/share/doc/fail2ban'"))))
- (add-after 'unpack 'disable-some-tests
- (lambda _
- (define (make-suite str)
- (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
- ;; disable tests performing unacceptable side-effects
- (substitute* "fail2ban/tests/utils.py"
- (((make-suite "actiontestcase.CommandActionTest"))
- "")
- (((make-suite "misctestcase.SetupTest"))
- "")
- (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
- "")
- (((make-suite "filtertestcase.IgnoreIPDNS"))
- "")
- (((make-suite "filtertestcase.GetFailures"))
- "")
- (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
- "")
- (((make-suite "servertestcase.ServerConfigReaderTests"))
- ""))))
- (add-before 'build 'fix-default-config
- (lambda* (#:key outputs #:allow-other-keys)
- (substitute* '("config/paths-common.conf"
- "fail2ban/tests/utils.py"
- "fail2ban/client/configreader.py"
- "fail2ban/client/fail2bancmdline.py"
- "fail2ban/client/fail2banregex.py")
- (("/etc/fail2ban")
- (string-append (assoc-ref outputs "out")
- "/etc/fail2ban")))))
- (add-after 'fix-default-config 'set-action-dependencies
- (lambda* (#:key inputs #:allow-other-keys)
- ;; deleting things that are not feasible to fix
- ;; or won't be used any way
- (with-directory-excursion "config/action.d"
- (for-each delete-file
- '("apf.conf"
- "bsd-ipfw.conf"
- "dshield.conf"
- "ipfilter.conf"
- "ipfw.conf"
- "firewallcmd-allports.conf"
- "firewallcmd-common.conf"
- "firewallcmd-ipset.conf"
- "firewallcmd-multiport.conf"
- "firewallcmd-new.conf"
- "firewallcmd-rich-logging.conf"
- "firewallcmd-rich-rules.conf"
- "osx-afctl.conf"
- "osx-ipfw.conf"
- "pf.conf"
- "nginx-block-map.conf"
- "npf.conf"
- "shorewall.conf"
- "shorewall-ipset-proto6.conf"
- "ufw.conf")))
- (let* ((lookup-cmd (lambda (i)
- (search-input-file inputs i)))
- (bin (lambda (i)
- (lookup-cmd (string-append "/bin/" i))))
- (sbin (lambda (i)
- (lookup-cmd (string-append "/sbin/" i))))
- (ip (sbin "ip"))
- (sendmail (sbin "sendmail")))
- (substitute* (find-files "config/action.d" "\\.conf$")
- ;; TODO: deal with geoiplookup ..
- (("(awk|curl|dig|jq)" all cmd)
- (bin cmd))
- (("(cat|echo|grep|head|printf|wc) " all
- cmd)
- (string-append (bin cmd) " "))
- ((" (date|rm|sed|tail|touch|tr) " all
- cmd)
- (string-append " "
- (bin cmd) " "))
- (("cut -d")
- (string-append (bin "cut") " -d"))
- (("`date`")
- (string-append "`"
- (bin "date") "`"))
- (("id -")
- (string-append (bin "id") " -"))
- (("ip -([46]) addr" all ver)
- (string-append ip " -" ver " addr"))
- (("ip route")
- (string-append ip " route"))
- (("ipset ")
- (string-append (sbin "ipset") " "))
- (("(iptables|ip6tables) <" all cmd)
- (string-append (sbin cmd) " <"))
- (("/usr/bin/nsupdate")
- (bin "nsupdate"))
- (("mail -E")
- (string-append sendmail " -E"))
- (("nftables = nft")
- (string-append "nftables = " (sbin "nft")))
- (("perl -e")
- (string-append (bin "perl") " -e"))
- (("/usr/sbin/sendmail")
- sendmail)
- (("test -e")
- (string-append (bin "test") " -e"))
- (("_whois = whois")
- (string-append "_whois = " (bin "whois")))))
- (substitute* "config/jail.conf"
- (("before = paths-debian\\.conf")
- "before = paths-guix.conf"))))
- (add-after 'install 'copy-man-pages
- (lambda* (#:key outputs #:allow-other-keys)
- (let* ((man (string-append (assoc-ref outputs "out")
- "/man"))
- (install-man (lambda (m)
- (lambda (f)
- (install-file (string-append f
- "." m)
- (string-append man
- "/man" m)))))
- (install-man1 (install-man "1"))
- (install-man5 (install-man "5")))
- (with-directory-excursion "man"
- (for-each install-man1
- '("fail2ban"
- "fail2ban-client"
- "fail2ban-python"
- "fail2ban-regex"
- "fail2ban-server"
- "fail2ban-testcases"))
- (for-each install-man5
- '("jail.conf")))))))))
- (native-inputs
- (list python-setuptools python-wheel))
+ (list
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'avoid-external-binary-in-/bin
+ (lambda _
+ (delete-file "fail2ban/setup.py")
+ (substitute* '("bin/fail2ban-testcases" "setup.py")
+ ((".*updatePyExec.*")
+ ""))))
+ (add-after 'unpack 'patch-setup.py
+ (lambda _
+ ;; Get rid of absolute file names.
+ (substitute* "setup.py"
+ (("/etc/fail2ban")
+ "etc/fail2ban")
+ (("/var/lib/fail2ban")
+ "var/lib/fail2ban")
+ (("\"/usr/bin/\"")
+ "\"usr/bin/\"")
+ (("\"/usr/lib/fail2ban/\"")
+ "\"usr/lib/fail2ban/\"")
+ (("'/usr/share/doc/fail2ban'")
+ "'usr/share/doc/fail2ban'"))))
+ (add-after 'unpack 'disable-some-tests
+ (lambda _
+ (define (make-suite str)
+ (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
+ ;; disable tests performing unacceptable side-effects
+ (substitute* "fail2ban/tests/utils.py"
+ (((make-suite "actiontestcase.CommandActionTest"))
+ "")
+ (((make-suite "misctestcase.SetupTest"))
+ "")
+ (((make-suite "filtertestcase.DNSUtilsNetworkTests"))
+ "")
+ (((make-suite "filtertestcase.IgnoreIPDNS"))
+ "")
+ (((make-suite "filtertestcase.GetFailures"))
+ "")
+ (((make-suite "fail2banclienttestcase.Fail2banServerTest"))
+ "")
+ (((make-suite "servertestcase.ServerConfigReaderTests"))
+ ""))))
+ (add-before 'build 'fix-default-config
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* '("config/paths-common.conf"
+ "fail2ban/tests/utils.py"
+ "fail2ban/client/configreader.py"
+ "fail2ban/client/fail2bancmdline.py"
+ "fail2ban/client/fail2banregex.py")
+ (("/etc/fail2ban")
+ (string-append (assoc-ref outputs "out") "/etc/fail2ban")))))
+ (add-after 'fix-default-config 'set-action-dependencies
+ (lambda* (#:key inputs #:allow-other-keys)
+ ;; deleting things that are not feasible to fix
+ ;; or won't be used any way
+ (with-directory-excursion "config/action.d"
+ (for-each delete-file
+ '("apf.conf" "bsd-ipfw.conf"
+ "dshield.conf"
+ "ipfilter.conf"
+ "ipfw.conf"
+ "firewallcmd-allports.conf"
+ "firewallcmd-common.conf"
+ "firewallcmd-ipset.conf"
+ "firewallcmd-multiport.conf"
+ "firewallcmd-new.conf"
+ "firewallcmd-rich-logging.conf"
+ "firewallcmd-rich-rules.conf"
+ "osx-afctl.conf"
+ "osx-ipfw.conf"
+ "pf.conf"
+ "nginx-block-map.conf"
+ "npf.conf"
+ "shorewall.conf"
+ "shorewall-ipset-proto6.conf"
+ "ufw.conf")))
+ (let* ((lookup-cmd (lambda (i)
+ (search-input-file inputs i)))
+ (bin (lambda (i)
+ (lookup-cmd (string-append "/bin/" i))))
+ (sbin (lambda (i)
+ (lookup-cmd (string-append "/sbin/" i))))
+ (ip (sbin "ip"))
+ (sendmail (sbin "sendmail")))
+ (substitute* (find-files "config/action.d" "\\.conf$")
+ ;; TODO: deal with geoiplookup ..
+ (("(awk|curl|dig|jq)" all cmd)
+ (bin cmd))
+ (("(cat|echo|grep|head|printf|wc) " all cmd)
+ (string-append (bin cmd) " "))
+ ((" (date|rm|sed|tail|touch|tr) " all cmd)
+ (string-append " "
+ (bin cmd) " "))
+ (("cut -d")
+ (string-append (bin "cut") " -d"))
+ (("`date`")
+ (string-append "`"
+ (bin "date") "`"))
+ (("id -")
+ (string-append (bin "id") " -"))
+ (("ip -([46]) addr" all ver)
+ (string-append ip " -" ver " addr"))
+ (("ip route")
+ (string-append ip " route"))
+ (("ipset ")
+ (string-append (sbin "ipset") " "))
+ (("(iptables|ip6tables) <" all cmd)
+ (string-append (sbin cmd) " <"))
+ (("/usr/bin/nsupdate")
+ (bin "nsupdate"))
+ (("mail -E")
+ (string-append sendmail " -E"))
+ (("nftables = nft")
+ (string-append "nftables = "
+ (sbin "nft")))
+ (("perl -e")
+ (string-append (bin "perl") " -e"))
+ (("/usr/sbin/sendmail")
+ sendmail)
+ (("test -e")
+ (string-append (bin "test") " -e"))
+ (("_whois = whois")
+ (string-append "_whois = "
+ (bin "whois")))))
+ (substitute* "config/jail.conf"
+ (("before = paths-debian\\.conf")
+ "before = paths-guix.conf"))))
+ (add-after 'install 'copy-man-pages
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((man (string-append (assoc-ref outputs "out") "/man"))
+ (install-man (lambda (m)
+ (lambda (f)
+ (install-file (string-append f "." m)
+ (string-append man "/man"
+ m)))))
+ (install-man1 (install-man "1"))
+ (install-man5 (install-man "5")))
+ (with-directory-excursion "man"
+ (for-each install-man1
+ '("fail2ban" "fail2ban-client" "fail2ban-python"
+ "fail2ban-regex" "fail2ban-server"
+ "fail2ban-testcases"))
+ (for-each install-man5
+ '("jail.conf")))))))))
+ (native-inputs (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl
--
2.49.0
guix-patches <at> gnu.org:bug#78066; Package guix-patches.
(Sun, 04 May 2025 08:59:04 GMT) Full text and rfc822 format available.Message #89 received at 78066 <at> debbugs.gnu.org (full text, mbox):
From: Nicolas Graves <ngraves <at> ngraves.fr> To: 78066 <at> debbugs.gnu.org Cc: Nicolas Graves <ngraves <at> ngraves.fr> Subject: [PATCH v3 3/6] gnu: fail2ban: Update to 1.1.0. Date: Sun, 4 May 2025 10:56:23 +0200
* gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch,
gnu/packages/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch,
gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch,
gnu/packages/patches/fail2ban-python310-server-action.patch,
gnu/packages/fail2ban-python310-server-actions.patch: Delete patches.
* gnu/local.mk: Deregister patches.
* gnu/packages/admin.scm (fail2ban): Update to 1.1.0.
[source]<snippet>: Use (srfi srfi-26) for readability.
<patches>: Deregister patches.
[build-system]: Switch to pyproject-build-system.
[arguments]<phases>: Remove phase 'invoke-2to3. Add phase
'avoid-external-binary-in-/bin to avoid creating a symlink to
python-wrapper binary during installation (current 'install phase
breaks otherwise). Run phases 'fix-default-config and
'set-action-dependencies before 'build phase (needed for pyproject).
[native-inputs]: Add python-setuptools, python-wheel.
---
gnu/local.mk | 6 -
gnu/packages/admin.scm | 30 ++--
.../fail2ban-0.11.2_CVE-2021-32749.patch | 155 ------------------
...2ban-0.11.2_fix-setuptools-drop-2to3.patch | 64 --------
.../fail2ban-0.11.2_fix-test-suite.patch | 48 ------
.../fail2ban-python310-server-action.patch | 27 ---
.../fail2ban-python310-server-actions.patch | 25 ---
.../fail2ban-python310-server-jails.patch | 25 ---
8 files changed, 14 insertions(+), 366 deletions(-)
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
delete mode 100644 gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-action.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-actions.patch
delete mode 100644 gnu/packages/patches/fail2ban-python310-server-jails.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index f6f95bbf10..5269bfe5ee 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1259,13 +1259,7 @@ dist_patch_DATA = \
%D%/packages/patches/expat-CVE-2024-45492.patch \
%D%/packages/patches/extempore-unbundle-external-dependencies.patch \
%D%/packages/patches/extundelete-e2fsprogs-1.44.patch \
- %D%/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch \
- %D%/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch \
- %D%/packages/patches/fail2ban-0.11.2_fix-test-suite.patch \
%D%/packages/patches/fail2ban-paths-guix-conf.patch \
- %D%/packages/patches/fail2ban-python310-server-action.patch \
- %D%/packages/patches/fail2ban-python310-server-actions.patch \
- %D%/packages/patches/fail2ban-python310-server-jails.patch \
%D%/packages/patches/faiss-tests-CMakeLists-find-googletest.patch \
%D%/packages/patches/falcosecurity-libs-shared-build.patch \
%D%/packages/patches/farstream-gupnp.patch \
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index d47a1935c3..c6dc8ff43c 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -6172,7 +6172,7 @@ (define-public sysdig
(define-public fail2ban
(package
(name "fail2ban")
- (version "0.11.2")
+ (version "1.1.0")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -6181,7 +6181,7 @@ (define-public fail2ban
(file-name (git-file-name name version))
(sha256
(base32
- "00d9q8m284q2wy6q462nipzszplfbvrs9fhgn0y3imwsc24kv1db"))
+ "0lfakna6ad2xwz95sjxzkavipcsxiy7ybavkdkf9zzmspf2ws4yk"))
(modules '((guix build utils)))
(snippet
'(begin
@@ -6194,20 +6194,16 @@ (define-public fail2ban
"paths-freebsd.conf"
"paths-opensuse.conf"
"paths-osx.conf")))))
- (patches (search-patches
- "fail2ban-0.11.2_fix-setuptools-drop-2to3.patch"
- "fail2ban-python310-server-action.patch"
- "fail2ban-python310-server-actions.patch"
- "fail2ban-python310-server-jails.patch"
- "fail2ban-0.11.2_fix-test-suite.patch"
- "fail2ban-0.11.2_CVE-2021-32749.patch"
- "fail2ban-paths-guix-conf.patch"))))
- (build-system python-build-system)
+ (patches (search-patches "fail2ban-paths-guix-conf.patch"))))
+ (build-system pyproject-build-system)
(arguments
'(#:phases (modify-phases %standard-phases
- (add-before 'build 'invoke-2to3
+ (add-after 'unpack 'avoid-external-binary-in-/bin
(lambda _
- (invoke "./fail2ban-2to3")))
+ (delete-file "fail2ban/setup.py")
+ (substitute* '("bin/fail2ban-testcases"
+ "setup.py")
+ ((".*updatePyExec.*") ""))))
(add-after 'unpack 'patch-setup.py
(lambda _
;; Get rid of absolute file names.
@@ -6225,7 +6221,7 @@ (define-public fail2ban
(add-after 'unpack 'disable-some-tests
(lambda _
(define (make-suite str)
- (string-append "tests.addTest.unittest.makeSuite." str ".."))
+ (string-append "tests.addTest\\(loadTests\\(" str "\\)\\)"))
;; disable tests performing unacceptable side-effects
(substitute* "fail2ban/tests/utils.py"
(((make-suite "actiontestcase.CommandActionTest"))
@@ -6242,7 +6238,7 @@ (define (make-suite str)
"")
(((make-suite "servertestcase.ServerConfigReaderTests"))
""))))
- (add-before 'install 'fix-default-config
+ (add-before 'build 'fix-default-config
(lambda* (#:key outputs #:allow-other-keys)
(substitute* '("config/paths-common.conf"
"fail2ban/tests/utils.py"
@@ -6327,7 +6323,7 @@ (define (make-suite str)
(("_whois = whois")
(string-append "_whois = " (bin "whois")))))
(substitute* "config/jail.conf"
- (("before = paths-debian.conf")
+ (("before = paths-debian\\.conf")
"before = paths-guix.conf"))))
(add-after 'install 'copy-man-pages
(lambda* (#:key outputs #:allow-other-keys)
@@ -6351,6 +6347,8 @@ (define (make-suite str)
"fail2ban-testcases"))
(for-each install-man5
'("jail.conf")))))))))
+ (native-inputs
+ (list python-setuptools python-wheel))
(inputs (list gawk
coreutils-minimal
curl
diff --git a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch b/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
deleted file mode 100644
index d3c677918c..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_CVE-2021-32749.patch
+++ /dev/null
@@ -1,155 +0,0 @@
-From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001
-From: sebres <serg.brester <at> sebres.de>
-Date: Mon, 21 Jun 2021 17:12:53 +0200
-Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable
- (default tilde) stops consider "~" char after new-line as composing escape
- sequence
-
----
- config/action.d/complain.conf | 2 +-
- config/action.d/dshield.conf | 2 +-
- config/action.d/mail-buffered.conf | 8 ++++----
- config/action.d/mail-whois-lines.conf | 2 +-
- config/action.d/mail-whois.conf | 6 +++---
- config/action.d/mail.conf | 6 +++---
- 6 files changed, 13 insertions(+), 13 deletions(-)
-
-diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
-index 3a5f882c9f..4d73b05859 100644
---- a/config/action.d/complain.conf
-+++ b/config/action.d/complain.conf
-@@ -102,7 +102,7 @@ logpath = /dev/null
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Option: mailargs
- # Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
-diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
-index c128bef348..3d5a7a53a9 100644
---- a/config/action.d/dshield.conf
-+++ b/config/action.d/dshield.conf
-@@ -179,7 +179,7 @@ tcpflags =
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Option: mailargs
- # Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
-diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
-index 325f185b2f..79b841049c 100644
---- a/config/action.d/mail-buffered.conf
-+++ b/config/action.d/mail-buffered.conf
-@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Output will be buffered until <lines> lines are available.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then
- These hosts have been banned by Fail2Ban.\n
- `cat <tmpfile>`
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
- rm <tmpfile>
- fi
- printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
- These hosts have been banned by Fail2Ban.\n
- `cat <tmpfile>`
- \nRegards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest>
- rm <tmpfile>
- fi
-
-diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
-index 3a3e56b2c7..d2818cb9b9 100644
---- a/config/action.d/mail-whois-lines.conf
-+++ b/config/action.d/mail-whois-lines.conf
-@@ -72,7 +72,7 @@ actionunban =
- # Notes.: Your system mail command. Is passed 2 args: subject and recipient
- # Values: CMD
- #
--mailcmd = mail -s
-+mailcmd = mail -E 'set escape' -s
-
- # Default name of the chain
- #
-diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
-index 7fea34c40d..ab33b616dc 100644
---- a/config/action.d/mail-whois.conf
-+++ b/config/action.d/mail-whois.conf
-@@ -20,7 +20,7 @@ norestored = 1
- actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n
- actionstop = printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n
- Here is more information about <ip> :\n
- `%(_whois_command)s`\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-
- # Option: actionunban
- # Notes.: command executed when unbanning an IP. Take care that the
-diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
-index 5d8c0e154c..f4838ddcb6 100644
---- a/config/action.d/mail.conf
-+++ b/config/action.d/mail.conf
-@@ -16,7 +16,7 @@ norestored = 1
- actionstart = printf %%b "Hi,\n
- The jail <name> has been started successfully.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
-
- # Option: actionstop
- # Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
-@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n
- actionstop = printf %%b "Hi,\n
- The jail <name> has been stopped.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
-
- # Option: actioncheck
- # Notes.: command executed once before each actionban command
-@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n
- The IP <ip> has just been banned by Fail2Ban after
- <failures> attempts against <name>.\n
- Regards,\n
-- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
-
- # Option: actionunban
- # Notes.: command executed when unbanning an IP. Take care that the
diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
deleted file mode 100644
index b0b14364b1..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_fix-setuptools-drop-2to3.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-From 5ac303df8a171f748330d4c645ccbf1c2c7f3497 Mon Sep 17 00:00:00 2001
-From: sebres <info <at> sebres.de>
-Date: Sun, 19 Sep 2021 18:49:18 +0200
-Subject: [PATCH] fix gh-3098: build fails with error in fail2ban setup
- command: use_2to3 is invalid (setuptools 58+)
-
----
- setup.py | 16 +---------------
- 1 file changed, 1 insertion(+), 15 deletions(-)
-
-diff --git a/setup.py b/setup.py
-index f4c2550f6f..98413273c5 100755
---- a/setup.py
-+++ b/setup.py
-@@ -48,7 +48,7 @@
- from glob import glob
-
- from fail2ban.setup import updatePyExec
--
-+from fail2ban.version import version
-
- source_dir = os.path.realpath(os.path.dirname(
- # __file__ seems to be overwritten sometimes on some python versions (e.g. bug of 2.6 by running under cProfile, etc.):
-@@ -112,22 +112,12 @@ def update_scripts(self, dry_run=False):
- # Wrapper to specify fail2ban own options:
- class install_command_f2b(install):
- user_options = install.user_options + [
-- ('disable-2to3', None, 'Specify to deactivate 2to3, e.g. if the install runs from fail2ban test-cases.'),
- ('without-tests', None, 'without tests files installation'),
- ]
- def initialize_options(self):
-- self.disable_2to3 = None
- self.without_tests = not with_tests
- install.initialize_options(self)
- def finalize_options(self):
-- global _2to3
-- ## in the test cases 2to3 should be already done (fail2ban-2to3):
-- if self.disable_2to3:
-- _2to3 = False
-- if _2to3:
-- cmdclass = self.distribution.cmdclass
-- cmdclass['build_py'] = build_py_2to3
-- cmdclass['build_scripts'] = build_scripts_2to3
- if self.without_tests:
- self.distribution.scripts.remove('bin/fail2ban-testcases')
-
-@@ -178,7 +168,6 @@ def run(self):
- if setuptools:
- setup_extra = {
- 'test_suite': "fail2ban.tests.utils.gatherTests",
-- 'use_2to3': True,
- }
- else:
- setup_extra = {}
-@@ -202,9 +191,6 @@ def run(self):
- ('/usr/share/doc/fail2ban', doc_files)
- )
-
--# Get version number, avoiding importing fail2ban.
--# This is due to tests not functioning for python3 as 2to3 takes place later
--exec(open(join("fail2ban", "version.py")).read())
-
- setup(
- name = "fail2ban",
diff --git a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch b/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
deleted file mode 100644
index 91d973e72e..0000000000
--- a/gnu/packages/patches/fail2ban-0.11.2_fix-test-suite.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 747d4683221b5584f9663695fb48145689b42ceb Mon Sep 17 00:00:00 2001
-From: sebres <info <at> sebres.de>
-Date: Mon, 4 Jan 2021 02:42:38 +0100
-Subject: [PATCH] fixes century selector of %ExY and %Exy in datepattern for
- tests, considering interval from 2005 (alternate now) to now; + better
- grouping algorithm for resulting century RE
-
----
- fail2ban/server/strptime.py | 24 ++++++++++++++++++++++--
- 1 file changed, 22 insertions(+), 2 deletions(-)
-
-diff --git a/fail2ban/server/strptime.py b/fail2ban/server/strptime.py
-index 1464a96d1f..39fc795865 100644
---- a/fail2ban/server/strptime.py
-+++ b/fail2ban/server/strptime.py
-@@ -36,10 +36,30 @@ def _getYearCentRE(cent=(0,3), distance=3, now=(MyTime.now(), MyTime.alternateNo
- Thereby respect possible run in the test-cases (alternate date used there)
- """
- cent = lambda year, f=cent[0], t=cent[1]: str(year)[f:t]
-+ def grp(exprset):
-+ c = None
-+ if len(exprset) > 1:
-+ for i in exprset:
-+ if c is None or i[0:-1] == c:
-+ c = i[0:-1]
-+ else:
-+ c = None
-+ break
-+ if not c:
-+ for i in exprset:
-+ if c is None or i[0] == c:
-+ c = i[0]
-+ else:
-+ c = None
-+ break
-+ if c:
-+ return "%s%s" % (c, grp([i[len(c):] for i in exprset]))
-+ return ("(?:%s)" % "|".join(exprset) if len(exprset[0]) > 1 else "[%s]" % "".join(exprset)) \
-+ if len(exprset) > 1 else "".join(exprset)
- exprset = set( cent(now[0].year + i) for i in (-1, distance) )
- if len(now) and now[1]:
-- exprset |= set( cent(now[1].year + i) for i in (-1, distance) )
-- return "(?:%s)" % "|".join(exprset) if len(exprset) > 1 else "".join(exprset)
-+ exprset |= set( cent(now[1].year + i) for i in xrange(-1, now[0].year-now[1].year+1, distance) )
-+ return grp(sorted(list(exprset)))
-
- timeRE = TimeRE()
-
diff --git a/gnu/packages/patches/fail2ban-python310-server-action.patch b/gnu/packages/patches/fail2ban-python310-server-action.patch
deleted file mode 100644
index 723d7f7aa6..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-action.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:19:24 +0100
-Subject: [PATCH] follow bpo-37324: :ref:`collections-abstract-base-classes`
- moved to the :mod:`collections.abc` module
-
-(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
----
- fail2ban/server/action.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
-index 3bc48fe046..f0f1e6f59a 100644
---- a/fail2ban/server/action.py
-+++ b/fail2ban/server/action.py
-@@ -30,7 +30,10 @@
- import threading
- import time
- from abc import ABCMeta
--from collections import MutableMapping
-+try:
-+ from collections.abc import MutableMapping
-+except ImportError:
-+ from collections import MutableMapping
-
- from .failregex import mapTag2Opt
- from .ipdns import DNSUtils
diff --git a/gnu/packages/patches/fail2ban-python310-server-actions.patch b/gnu/packages/patches/fail2ban-python310-server-actions.patch
deleted file mode 100644
index e31316d28b..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-actions.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:25:45 +0100
-Subject: [PATCH] amend for `Mapping`
-
----
- fail2ban/server/actions.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
-index b7b95b445a..897d907c1a 100644
---- a/fail2ban/server/actions.py
-+++ b/fail2ban/server/actions.py
-@@ -28,7 +28,10 @@
- import os
- import sys
- import time
--from collections import Mapping
-+try:
-+ from collections.abc import Mapping
-+except ImportError:
-+ from collections import Mapping
- try:
- from collections import OrderedDict
- except ImportError:
diff --git a/gnu/packages/patches/fail2ban-python310-server-jails.patch b/gnu/packages/patches/fail2ban-python310-server-jails.patch
deleted file mode 100644
index e5873c415e..0000000000
--- a/gnu/packages/patches/fail2ban-python310-server-jails.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001
-From: "Sergey G. Brester" <serg.brester <at> sebres.de>
-Date: Mon, 8 Feb 2021 17:35:59 +0100
-Subject: [PATCH] amend for `Mapping` (jails)
-
----
- fail2ban/server/jails.py | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
-index 972a8c4bd2..27e12ddf65 100644
---- a/fail2ban/server/jails.py
-+++ b/fail2ban/server/jails.py
-@@ -22,7 +22,10 @@
- __license__ = "GPL"
-
- from threading import Lock
--from collections import Mapping
-+try:
-+ from collections.abc import Mapping
-+except ImportError:
-+ from collections import Mapping
-
- from ..exceptions import DuplicateJailException, UnknownJailException
- from .jail import Jail
--
2.49.0
Ludovic Courtès <ludo <at> gnu.org>:Rodion Goritskov <rodion <at> goritskov.com>:Message #94 received at 78066-done <at> debbugs.gnu.org (full text, mbox):
From: Ludovic Courtès <ludo <at> gnu.org> To: Nicolas Graves <ngraves <at> ngraves.fr> Cc: 78066-done <at> debbugs.gnu.org Subject: Re: [bug#78066] [PATCH v3 0/6] Fix fail2ban build Date: Tue, 06 May 2025 12:29:08 +0200
Nicolas Graves <ngraves <at> ngraves.fr> writes: > I think the fail2ban tests were broken before the Python <at> 3.10 update. > The -basic test runs properly, but the other tests do not. > > I focussed on fixing the -basic test because I don't understand why > the other tests fail (socket is not found, but when I try it in real > conditions, it is). > > The main issue was that the paths-debian.conf in jail.conf was > substituted after the wheel was built, so the change didn't make it in > the output. Probably related to the migration to the > pyproject-build-system. > > So now the -basic test passes, but the -simple and -extension tests > don't, but I guess it's because tests rather than the package are > broken. Ready to be merged IMHO. > > Nicolas Graves (6): > gnu: fail2ban: Move file deletion to source snippet. > gnu: fail2ban: Move setup and test patches to phases. > gnu: fail2ban: Update to 1.1.0. > gnu: fail2ban: Improve style. > gnu: fail2ban: Improve style. > gnu: fail2ban: Improve snippet. Applied, thanks! Ludo'.
Debbugs Internal Request <help-debbugs <at> gnu.org>
to internal_control <at> debbugs.gnu.org.
(Tue, 03 Jun 2025 11:24:39 GMT) Full text and rfc822 format available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.