commit: e1d4d69e32832607488d8deee82b61e26f061c02 Author: Yixun Lan <dlan <AT> gentoo <DOT> org> AuthorDate: Sat Feb 13 15:52:47 2021 +0000 Commit: Yixun Lan <dlan <AT> gentoo <DOT> org> CommitDate: Sat Feb 13 15:56:11 2021 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1d4d69e
app-admin/sshguard: install systemd unit file Closes: https://bugs.gentoo.org/588726 Package-Manager: Portage-3.0.13, Repoman-3.0.2 Signed-off-by: Yixun Lan <dlan <AT> gentoo.org> app-admin/sshguard/files/sshguard-2.4.1-conf.patch | 25 +++++++++++ app-admin/sshguard/sshguard-2.4.1-r1.ebuild | 49 ++++++++++++++++++++++ 2 files changed, 74 insertions(+) diff --git a/app-admin/sshguard/files/sshguard-2.4.1-conf.patch b/app-admin/sshguard/files/sshguard-2.4.1-conf.patch new file mode 100644 index 00000000000..8eb74a84db3 --- /dev/null +++ b/app-admin/sshguard/files/sshguard-2.4.1-conf.patch @@ -0,0 +1,25 @@ +diff --git a/examples/sshguard.conf.sample b/examples/sshguard.conf.sample +index 556f1ec..a483b1e 100644 +--- a/examples/sshguard.conf.sample ++++ b/examples/sshguard.conf.sample +@@ -6,14 +6,18 @@ + + #### REQUIRED CONFIGURATION #### + # Full path to backend executable (required, no default) +-#BACKEND="/usr/local/libexec/sshg-fw-iptables" ++# Example 1: iptables backend ++#BACKEND="/usr/libexec/sshg-fw-iptables" ++# Example 2: firewalld backend; for firewalld configuration instructions see ++# https://www.ctrl.blog/entry/how-to-sshguard-firewalld.html#sshguard-section-firewalld ++#BACKEND="/usr/libexec/sshg-fw-firewalld" + + # Space-separated list of log files to monitor. (optional, no default) + #FILES="/var/log/auth.log /var/log/authlog /var/log/maillog" + + # Shell command that provides logs on standard output. (optional, no default) + # Example 1: ssh and sendmail from systemd journal: +-#LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -t sendmail -o cat" ++#LOGREADER="LANG=C /bin/journalctl -afb -p info -n1 -t sshd -t sendmail -o cat" + # Example 2: ssh from os_log (macOS 10.12+) + #LOGREADER="/usr/bin/log stream --style syslog --predicate '(processImagePath contains \"sshd\")'" + diff --git a/app-admin/sshguard/sshguard-2.4.1-r1.ebuild b/app-admin/sshguard/sshguard-2.4.1-r1.ebuild new file mode 100644 index 00000000000..7def7a05797 --- /dev/null +++ b/app-admin/sshguard/sshguard-2.4.1-r1.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit systemd +DESCRIPTION="protects hosts from brute force attacks against ssh" +HOMEPAGE="https://www.sshguard.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~x86" + +DEPEND=" + sys-devel/flex +" +RDEPEND=" + virtual/logger +" +DOCS=( + CHANGELOG.rst + CONTRIBUTING.rst + README.rst + examples/net.sshguard.plist + examples/whitelistfile.example +) +PATCHES=( + "${FILESDIR}"/${PN}-2.4.1-conf.patch +) + +src_prepare() { + default + sed -i -e "/ExecStartPre/s:/usr/sbin:/sbin:g" \ + -e "/ExecStart/s:/usr/local/sbin:/usr/sbin:g" \ + "${S}"/examples/${PN}.service || die +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd-r2 ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + insinto /etc + newins examples/sshguard.conf.sample sshguard.conf + + systemd_dounit "${S}"/examples/sshguard.service +}