diff mbox series

[meta-security,scarthgap] fail2ban: update to 1.1.0+

Message ID 20250909065853.1959573-1-yi.zhao@windriver.com
State New
Headers show
Series [meta-security,scarthgap] fail2ban: update to 1.1.0+ | expand

Commit Message

Yi Zhao Sept. 9, 2025, 6:58 a.m. UTC 
From: Rasmus Villemoes <rasmus.villemoes@prevas.dk>

Current 1.0.2 version does not work with scarthgap or later releases,
as the asynchat module has been removed (as scheduled) from python's
stdlib as of v3.12.

fail2ban 1.1.0 also does not work out-of-the-box, as the distutils
module which the pyinotify and systemd backends depend has also been
removed.

So update the recipe to point at commit ac62658c10f4, which fixes
those two backends to no longer depend on distutils.

Upstream's out-of-the-box ban action now uses the 'nft'
command. People can still override and customize that in
jail.conf/jail.local, but to make the recipe useful without
customizing things back to use iptables, change the dependency
iptables->nftables.

Since 1.1.0, fail2ban has been python3-only, so the recipe becomes
somewhat simpler since the whole do_compile preparation step can be
removed.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 ...fail2ban_1.0.2.bb => python3-fail2ban_git.bb} | 16 ++++------------
 1 file changed, 4 insertions(+), 12 deletions(-)
 rename dynamic-layers/meta-python/recipes-security/fail2ban/{python3-fail2ban_1.0.2.bb => python3-fail2ban_git.bb} (89%)
diff mbox series

Patch

diff --git a/dynamic-layers/meta-python/recipes-security/fail2ban/python3-fail2ban_1.0.2.bb b/dynamic-layers/meta-python/recipes-security/fail2ban/python3-fail2ban_git.bb
similarity index 89%
rename from dynamic-layers/meta-python/recipes-security/fail2ban/python3-fail2ban_1.0.2.bb
rename to dynamic-layers/meta-python/recipes-security/fail2ban/python3-fail2ban_git.bb
index bf5f87d..1d0fb62 100644
--- a/dynamic-layers/meta-python/recipes-security/fail2ban/python3-fail2ban_1.0.2.bb
+++ b/dynamic-layers/meta-python/recipes-security/fail2ban/python3-fail2ban_git.bb
@@ -11,12 +11,14 @@  LIC_FILES_CHKSUM = "file://COPYING;md5=ecabc31e90311da843753ba772885d9f"
 
 DEPENDS = "python3-native"
 
-SRCREV = "e1d3006b0330e9777705a7baafe3989d442ed120"
+SRCREV = "ac62658c10f492911f8a0037a0bcf97c8521cd78"
 SRC_URI = "git://github.com/fail2ban/fail2ban.git;branch=master;protocol=https \
            file://initd \
            file://run-ptest \
            "
 
+PV = "1.1.0+git"
+
 UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)"
 
 inherit update-rc.d ptest setuptools3_legacy
@@ -26,16 +28,6 @@  SYSTEMD_SERVICE:${PN} = "fail2ban.service"
 
 S = "${WORKDIR}/git"
 
-do_compile () {
-    cd ${S}
-
-    #remove symlink to python3
-    # otherwise 2to3 is run against it
-    rm -f bin/fail2ban-python
-
-    ./fail2ban-2to3
-}
-
 do_install:append () {
     rm  -f ${D}/${bindir}/fail2ban-python
     install -d ${D}/${sysconfdir}/fail2ban
@@ -66,7 +58,7 @@  INITSCRIPT_PARAMS = "defaults 25"
 
 INSANE_SKIP:${PN}:append = "already-stripped"
 
-RDEPENDS:${PN} = "${VIRTUAL-RUNTIME_base-utils-syslog} iptables python3-core python3-pyinotify"
+RDEPENDS:${PN} = "${VIRTUAL-RUNTIME_base-utils-syslog} nftables python3-core python3-pyinotify"
 RDEPENDS:${PN} += "python3-sqlite3"
 RDEPENDS:${PN} += " python3-logging python3-fcntl python3-json"
 RDEPENDS:${PN}-ptest = "python3-core python3-io python3-modules python3-fail2ban"