pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/py-denyhosts Import a package for DenyHosts v...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/276ee39e206f
branches:  trunk
changeset: 531598:276ee39e206f
user:      he <he%pkgsrc.org@localhost>
date:      Thu Aug 02 17:27:30 2007 +0000

description:
Import a package for DenyHosts version 2.6, ref.
  http://denyhosts.sourceforge.net/


DenyHosts is a script intended to be run by system administrators
to help thwart SSH server attacks (also known as dictionary based
attacks and brute force attacks).

In short, it does this by monitoring your syslog output for failed
login attempts and tweaking /etc/hosts.deny accordingly, and it can
optionally send and fetch lists of ssh probers from a central server.


Thanks to joerg@ for review and corrections.

diffstat:

 security/py-denyhosts/DESCR              |   7 ++
 security/py-denyhosts/Makefile           |  38 ++++++++++++++
 security/py-denyhosts/PLIST              |  82 ++++++++++++++++++++++++++++++++
 security/py-denyhosts/distinfo           |  10 +++
 security/py-denyhosts/files/denyhosts.sh |  35 +++++++++++++
 security/py-denyhosts/patches/patch-aa   |  43 ++++++++++++++++
 security/py-denyhosts/patches/patch-ab   |  13 +++++
 security/py-denyhosts/patches/patch-ac   |  15 +++++
 security/py-denyhosts/patches/patch-ad   |  10 +++
 security/py-denyhosts/patches/patch-ae   |  10 +++
 10 files changed, 263 insertions(+), 0 deletions(-)

diffs (truncated from 303 to 300 lines):

diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/DESCR
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/DESCR       Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,7 @@
+DenyHosts is a script intended to be run by system administrators
+to help thwart SSH server attacks (also known as dictionary based
+attacks and brute force attacks).
+
+In short, it does this by monitoring your syslog output for failed
+login attempts and tweaking /etc/hosts.deny accordingly, and it can
+optionally send and fetch lists of ssh probers from a central server.
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/Makefile
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/Makefile    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,38 @@
+# $NetBSD: Makefile,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+#
+
+VER=           2.6
+DISTNAME=      DenyHosts-${VER}
+PKGNAME=       ${PYPKGPREFIX}-denyhosts-${VER}
+CATEGORIES=    sysutils
+MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=denyhosts/}
+
+MAINTAINER=    he%NetBSD.org@localhost
+HOMEPAGE=      http://denyhosts.sourceforge.net/
+COMMENT=       Watch auth log for invalid ssh login attempts and block hosts
+
+PKG_DESTDIR_SUPPORT=   user-destdir
+
+PYDISTUTILSPKG= yes
+PYTHON_VERSIONS_ACCEPTED=      24 23
+
+CONF_FILES+=   ${PREFIX}/share/denyhosts/denyhosts.cfg-dist \
+               ${PREFIX}/etc/denyhosts.conf
+
+SUBST_CLASSES+=        cf
+SUBST_STAGE.cf= post-configure
+SUBST_VARS.cf= VARBASE PREFIX VARBASE PKG_SYSCONFDIR PYTHONBIN
+SUBST_FILES.cf=        setup.py denyhosts.cfg-dist daemon-control-dist
+
+REPLACE_PYTHON=        plugins/test_deny.py
+REPLACE_PYTHON+= scripts/restricted_from_invalid.py
+REPLACE_PYTHON+= scripts/restricted_from_passwd.py
+
+RCD_SCRIPTS+=  denyhosts
+
+post-configure:
+       ${RM} ${WRKDIR}/${DISTNAME}/scripts/*.orig
+
+.include "../../lang/python/extension.mk"
+.include "../../lang/python/application.mk"
+.include "../../mk/bsd.pkg.mk"
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/PLIST
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/PLIST       Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,82 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+bin/denyhosts.py
+${PYSITELIB}/DenyHosts/__init__.py
+${PYSITELIB}/DenyHosts/__init__.pyc
+${PYSITELIB}/DenyHosts/__init__.pyo
+${PYSITELIB}/DenyHosts/allowedhosts.py
+${PYSITELIB}/DenyHosts/allowedhosts.pyc
+${PYSITELIB}/DenyHosts/allowedhosts.pyo
+${PYSITELIB}/DenyHosts/constants.py
+${PYSITELIB}/DenyHosts/constants.pyc
+${PYSITELIB}/DenyHosts/constants.pyo
+${PYSITELIB}/DenyHosts/counter.py
+${PYSITELIB}/DenyHosts/counter.pyc
+${PYSITELIB}/DenyHosts/counter.pyo
+${PYSITELIB}/DenyHosts/daemon.py
+${PYSITELIB}/DenyHosts/daemon.pyc
+${PYSITELIB}/DenyHosts/daemon.pyo
+${PYSITELIB}/DenyHosts/deny_hosts.py
+${PYSITELIB}/DenyHosts/deny_hosts.pyc
+${PYSITELIB}/DenyHosts/deny_hosts.pyo
+${PYSITELIB}/DenyHosts/denyfileutil.py
+${PYSITELIB}/DenyHosts/denyfileutil.pyc
+${PYSITELIB}/DenyHosts/denyfileutil.pyo
+${PYSITELIB}/DenyHosts/filetracker.py
+${PYSITELIB}/DenyHosts/filetracker.pyc
+${PYSITELIB}/DenyHosts/filetracker.pyo
+${PYSITELIB}/DenyHosts/lockfile.py
+${PYSITELIB}/DenyHosts/lockfile.pyc
+${PYSITELIB}/DenyHosts/lockfile.pyo
+${PYSITELIB}/DenyHosts/loginattempt.py
+${PYSITELIB}/DenyHosts/loginattempt.pyc
+${PYSITELIB}/DenyHosts/loginattempt.pyo
+${PYSITELIB}/DenyHosts/old-daemon.py
+${PYSITELIB}/DenyHosts/old-daemon.pyc
+${PYSITELIB}/DenyHosts/old-daemon.pyo
+${PYSITELIB}/DenyHosts/plugin.py
+${PYSITELIB}/DenyHosts/plugin.pyc
+${PYSITELIB}/DenyHosts/plugin.pyo
+${PYSITELIB}/DenyHosts/prefs.py
+${PYSITELIB}/DenyHosts/prefs.pyc
+${PYSITELIB}/DenyHosts/prefs.pyo
+${PYSITELIB}/DenyHosts/purgecounter.py
+${PYSITELIB}/DenyHosts/purgecounter.pyc
+${PYSITELIB}/DenyHosts/purgecounter.pyo
+${PYSITELIB}/DenyHosts/python_version.py
+${PYSITELIB}/DenyHosts/python_version.pyc
+${PYSITELIB}/DenyHosts/python_version.pyo
+${PYSITELIB}/DenyHosts/regex.py
+${PYSITELIB}/DenyHosts/regex.pyc
+${PYSITELIB}/DenyHosts/regex.pyo
+${PYSITELIB}/DenyHosts/report.py
+${PYSITELIB}/DenyHosts/report.pyc
+${PYSITELIB}/DenyHosts/report.pyo
+${PYSITELIB}/DenyHosts/restricted.py
+${PYSITELIB}/DenyHosts/restricted.pyc
+${PYSITELIB}/DenyHosts/restricted.pyo
+${PYSITELIB}/DenyHosts/sync.py
+${PYSITELIB}/DenyHosts/sync.pyc
+${PYSITELIB}/DenyHosts/sync.pyo
+${PYSITELIB}/DenyHosts/util.py
+${PYSITELIB}/DenyHosts/util.pyc
+${PYSITELIB}/DenyHosts/util.pyo
+${PYSITELIB}/DenyHosts/version.py
+${PYSITELIB}/DenyHosts/version.pyc
+${PYSITELIB}/DenyHosts/version.pyo
+share/denyhosts/CHANGELOG.txt
+share/denyhosts/LICENSE.txt
+share/denyhosts/README.txt
+share/denyhosts/daemon-control-dist
+share/denyhosts/denyhosts.cfg-dist
+share/denyhosts/plugins/README.contrib
+share/denyhosts/plugins/shorewall_allow.sh
+share/denyhosts/plugins/shorewall_deny.sh
+share/denyhosts/plugins/test_deny.py
+share/denyhosts/scripts/restricted_from_invalid.py
+share/denyhosts/scripts/restricted_from_passwd.py
+share/denyhosts/setup.py
+share/examples/rc.d/denyhosts
+@dirrm share/denyhosts/scripts
+@dirrm share/denyhosts/plugins
+@dirrm share/denyhosts
+@dirrm ${PYSITELIB}/DenyHosts
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/distinfo
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/distinfo    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,10 @@
+$NetBSD: distinfo,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+
+SHA1 (DenyHosts-2.6.tar.gz) = 02143843cb7c37c986c222b7acc11f7b75eb7373
+RMD160 (DenyHosts-2.6.tar.gz) = cab4206af992f5405ed1c9b302341c7b5649c71a
+Size (DenyHosts-2.6.tar.gz) = 42667 bytes
+SHA1 (patch-aa) = 4bbb07f5918330a8dd828e8cfdf5bad3c4f50893
+SHA1 (patch-ab) = 3bb578421dc776cd42e769978d09872bc79098e8
+SHA1 (patch-ac) = 1b67c4da46c3205a3045a114863771290a74ba43
+SHA1 (patch-ad) = 744c65a2f4bec4c5553ba6c15f9ff0b45932e6fb
+SHA1 (patch-ae) = 16f53356508632a8e9f7e905e399614011f7b038
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/files/denyhosts.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/files/denyhosts.sh  Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# $NetBSD: denyhosts.sh,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+#
+# PROVIDE: denyhosts
+# REQUIRE: DAEMON
+#
+# You will need to set some variables in /etc/rc.conf to start denyhosts:
+#
+# denyhosts=YES
+
+if [ -f /etc/rc.subr ]
+then
+       . /etc/rc.subr
+fi
+
+name="denyhosts"
+rcvar=$name
+command=@PREFIX@/bin/denyhosts.py
+command_interpreter=@PYTHONBIN@
+command_args="--config @PKG_SYSCONFDIR@/denyhosts.conf --daemon"
+pidfile=@VARBASE@/run/denyhosts.pid
+required_files=@PKG_SYSCONFDIR@/denyhosts.conf
+
+if [ ! -f /etc/hosts.deny ]; then
+       touch /etc/hosts.deny
+fi
+
+if [ -f /etc/rc.subr ]; then
+       load_rc_config $name
+       run_rc_command "$1"
+else
+       echo -n " ${name}"
+       exec ${command} ${command_args}
+fi
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/patches/patch-aa    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,43 @@
+$NetBSD: patch-aa,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+
+--- denyhosts.cfg-dist.orig    2006-08-20 16:09:57.000000000 +0200
++++ denyhosts.cfg-dist
+@@ -9,11 +9,14 @@
+ # argument
+ #
+ # Redhat or Fedora Core:
+-SECURE_LOG = /var/log/secure
++#SECURE_LOG = /var/log/secure
+ #
+ # Mandrake, FreeBSD or OpenBSD: 
+ #SECURE_LOG = /var/log/auth.log
+ #
++# NetBSD:
++SECURE_LOG = @VARBASE@/log/authlog
++#
+ # SuSE:
+ #SECURE_LOG = /var/log/messages
+ #
+@@ -150,7 +153,7 @@ DENY_THRESHOLD_RESTRICTED = 1
+ # Note: it is recommended that you use an absolute pathname
+ # for this value (eg. /home/foo/denyhosts/data)
+ #
+-WORK_DIR = /usr/share/denyhosts/data
++WORK_DIR = @VARBASE@/db/denyhosts/data
+ #
+ #######################################################################
+ 
+@@ -192,10 +195,10 @@ HOSTNAME_LOOKUP=YES
+ # running at a time.
+ #
+ # Redhat/Fedora:
+-LOCK_FILE = /var/lock/subsys/denyhosts
++#LOCK_FILE = /var/lock/subsys/denyhosts
+ #
+-# Debian
+-#LOCK_FILE = /var/run/denyhosts.pid
++# Debian & NetBSD
++LOCK_FILE = @VARBASE@/run/denyhosts.pid
+ #
+ # Misc
+ #LOCK_FILE = /tmp/denyhosts.lock
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/patches/patch-ab    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ab,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+
+--- setup.py.orig      2006-04-05 01:53:02.000000000 +0200
++++ setup.py
+@@ -8,7 +8,7 @@ import sys
+ from glob import glob
+ 
+ 
+-libpath = "/usr/share/denyhosts"
++libpath = "@PREFIX@/share/denyhosts"
+ scriptspath = "%s/scripts" % libpath
+ pluginspath = "%s/plugins" % libpath
+ 
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/patches/patch-ac    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+
+--- daemon-control-dist.orig   2006-04-22 01:04:43.000000000 +0200
++++ daemon-control-dist
+@@ -11,7 +11,7 @@
+ #### Edit these to suit your configuration ####
+ ###############################################
+ 
+-DENYHOSTS_BIN   = "/usr/bin/denyhosts.py"
++DENYHOSTS_BIN   = "@PREFIX@/bin/denyhosts.py"
+-DENYHOSTS_LOCK  = "/var/lock/subsys/denyhosts"
++DENYHOSTS_LOCK  = "@VARBASE@/db/denyhosts/lock"
+-DENYHOSTS_CFG   = "/usr/share/denyhosts/denyhosts.cfg"
++DENYHOSTS_CFG   = "@PREFIX@/etc/denyhosts.cfg"
+ 
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/patches/patch-ad
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/patches/patch-ad    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,10 @@
+$NetBSD: patch-ad,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+
+--- scripts/restricted_from_invalid.py.orig    2007-08-02 16:44:26.000000000 +0200
++++ scripts/restricted_from_invalid.py
+@@ -1,4 +1,4 @@
+-#!/bin/env python
++#!/usr/bin/env python
+ import os, sys
+ 
+ def usage():
diff -r 67e049e9e254 -r 276ee39e206f security/py-denyhosts/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/py-denyhosts/patches/patch-ae    Thu Aug 02 17:27:30 2007 +0000
@@ -0,0 +1,10 @@
+$NetBSD: patch-ae,v 1.1.1.1 2007/08/02 17:27:30 he Exp $
+
+--- scripts/restricted_from_passwd.py.orig     2007-08-02 16:44:30.000000000 +0200
++++ scripts/restricted_from_passwd.py
+@@ -1,4 +1,4 @@
+-#!/bin/env python
++#!/usr/bin/env python



Home | Main Index | Thread Index | Old Index