Mercurial > syslog2iptables

changeset 71:79f310d1bc46

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
RHEL7 systemd and /var/run on tmpfs
author Carl Byington <carl@five-ten-sg.com>
date Thu, 09 Feb 2017 12:44:31 -0800
parents e841d8422b74
children ea7b7a0d0039
files ChangeLog Makefile.am NEWS configure.in syslog2iptables.service.rc syslog2iptables.spec.in
diffstat 6 files changed, 87 insertions(+), 19 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Mon Dec 21 08:00:33 2015 -0800
+++ b/ChangeLog	Thu Feb 09 12:44:31 2017 -0800
@@ -1,3 +1,6 @@
+1.17 2017-02-09
+     RHEL7 systemd and /var/run on tmpfs
+
 1.16 2015-12-21
      good authentication prevents ip blocking for awhile
      fix default config regular expressions for geedy matching
--- a/Makefile.am	Mon Dec 21 08:00:33 2015 -0800
+++ b/Makefile.am	Thu Feb 09 12:44:31 2017 -0800
@@ -2,18 +2,24 @@
 
 SUBDIRS = src man html info
 hackdir = $(sysconfdir)
-hack_SCRIPTS = syslog2iptables
-sysconf_DATA = syslog2iptables.conf.make syslog2iptables.conf.top syslog2iptables.conf.bottom syslog2iptables.conf.httpd
+hack_SCRIPTS = syslog2iptables syslog2iptables.service
+hack_DATA = syslog2iptables.conf.make syslog2iptables.conf.top syslog2iptables.conf.bottom
+syslog2iptables.conf.httpd
 htmldir = ${datadir}/doc/@PACKAGE@-@VERSION@
 html_DATA = AUTHORS COPYING ChangeLog NEWS README
-CLEANFILES = syslog2iptables xml/syslog2iptables xml/Makefile
-EXTRA_DIST = syslog2iptables.conf.make syslog2iptables.conf.top syslog2iptables.conf.bottom syslog2iptables.conf.httpd syslog2iptables.spec xml/header.sgml xml/header.xml xml/Makefile.am xml/Makefile.in xml/syslog2iptables.in
+CLEANFILES = syslog2iptables syslog2iptables.service xml/syslog2iptables xml/Makefile
+EXTRA_DIST = syslog2iptables.rc syslog2iptables.service.rc $(hack_DATA) syslog2iptables.spec xml/header.sgml xml/header.xml xml/Makefile.am xml/Makefile.in xml/syslog2iptables.in
 
 syslog2iptables: syslog2iptables.rc
 	   cat syslog2iptables.rc     | \
 	       sed -e "s,SBINDIR,$(sbindir),g"  | \
 	       sed -e "s,SYSCONFDIR,$(sysconfdir),g" >>syslog2iptables
 
+syslog2iptables.service: syslog2iptables.service.rc
+	   cat syslog2iptables.rc     | \
+	       sed -e "s,SBINDIR,$(sbindir),g"  | \
+	       sed -e "s,SYSCONFDIR,$(sysconfdir),g" >>syslog2iptables.service
+
 chkconfig: syslog2iptables
 	   mv -f $(sysconfdir)/syslog2iptables /etc/rc.d/init.d
 	   /sbin/chkconfig --del syslog2iptables
--- a/NEWS	Mon Dec 21 08:00:33 2015 -0800
+++ b/NEWS	Thu Feb 09 12:44:31 2017 -0800
@@ -1,3 +1,4 @@
+1.17 2017-02-09 RHEL7 systemd and /var/run on tmpfs
 1.16 2015-12-19 good authentication prevents ip blocking for awhile
 1.15 2014-10-02 add script to build syslog2iptables.conf
 1.14 2014-06-10 Add exponential increase in penalty for repeat offenders.
--- a/configure.in	Mon Dec 21 08:00:33 2015 -0800
+++ b/configure.in	Thu Feb 09 12:44:31 2017 -0800
@@ -1,6 +1,6 @@
 
 AC_PREREQ(2.59)
-AC_INIT(syslog2iptables,1.16,carl@five-ten-sg.com)
+AC_INIT(syslog2iptables,1.17,carl@five-ten-sg.com)
 AC_CONFIG_SRCDIR([config.h.in])
 AC_CONFIG_HEADER([config.h])
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/syslog2iptables.service.rc	Thu Feb 09 12:44:31 2017 -0800
@@ -0,0 +1,15 @@
+[Unit]
+Description = Syslog to iptables dynamic firewall
+After = syslog.target
+After = local-fs.target
+After = network.target
+
+[Service]
+Type = forking
+UMask = 0022
+User = root
+WorkingDirectory = SYSCONFDIR
+ExecStart = SBINDIR/syslog2iptables -d 3
+
+[Install]
+WantedBy = multi-user.target
--- a/syslog2iptables.spec.in	Mon Dec 21 08:00:33 2015 -0800
+++ b/syslog2iptables.spec.in	Thu Feb 09 12:44:31 2017 -0800
@@ -3,7 +3,7 @@
 Summary:            Syslog to iptables dynamic firewall
 Name:               @PACKAGE@
 Version:            @VERSION@
-Release:            3%{?dist}
+Release:            1%{?dist}
 License:            GPLv3+
 Group:              System Environment/Daemons
 Source:             http://www.five-ten-sg.com/%{name}/packages/%{name}-%{version}.tar.gz
@@ -15,6 +15,15 @@
 Requires:               iptables
 Requires:               coreutils
 BuildRequires:          gcc gcc-c++
+%if "%{?dist}" == ".el7"
+Requires(pre):  systemd-sysv, shadow-utils
+Requires(post): systemd-units
+Requires(preun):  systemd-units
+Requires(postun): systemd-units
+Requires:       coreutils
+Requires:       systemd-units
+BuildRequires:  systemd-units
+%endif
 
 
 %description
@@ -30,31 +39,59 @@
 
 
 %install
-rm -rf $RPM_BUILD_ROOT
-make DESTDIR=$RPM_BUILD_ROOT install
-mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
-mv -f $RPM_BUILD_ROOT%{_sysconfdir}/%{name}        $RPM_BUILD_ROOT/etc/rc.d/init.d
-rm -f $RPM_BUILD_ROOT%{_sysconfdir}/%{name}.conf
+rm -rf %{buildroot}
+make DESTDIR=%{buildroot} install
+%if "%{?dist}" == ".el7"
+install -m 644 -D %{buildroot}%{_sysconfdir}/%{name}.service \
+    %{buildroot}%{_unitdir}/%{name}.service
+%else
+install -m 755 -D %{buildroot}%{_sysconfdir}/%{name} \
+    %{buildroot}%{_initrddir}/%{name}
+%endif
+rm -f  %{buildroot}%{_sysconfdir}/%{name}
+rm -f  %{buildroot}%{_sysconfdir}/%{name}.service
 
 
 %clean
-rm -rf $RPM_BUILD_ROOT
+rm -rf %{buildroot}
 
 
 %pre
 
 
 %post
+if [ $1 = 1 ]; then
+    # initial install
+%if "%{?dist}" == ".el7"
+    /bin/systemctl daemon-reload &>/dev/null || :
+%else
 /sbin/chkconfig --add %{name}
+%endif
 (cd %{_sysconfdir}; ./%{name}.conf.make)
-
+fi
 
 %preun
-[ $1 = 0 ] && /sbin/service %{name} stop || :
+if [ $1 = 0 ]; then
+    # package removal, not upgrade
+%if "%{?dist}" == ".el7"
+    /bin/systemctl --no-reload disable %{name}.service &>/dev/null || :
+    /bin/systemctl stop %{name}.service &>/dev/null || :
+%else
+    /sbin/service %{name} stop || :
+    /sbin/chkconfig --del %{name}
+%endif
+fi
 
 
 %postun
-[ $1 = 0 ] && /sbin/chkconfig --del %{name} || :
+if [ $1 -ge 1 ]; then
+    # package upgrade, not uninstall
+%if "%{?dist}" == ".el7"
+    /bin/systemctl try-restart %{name}.service &>/dev/null || :
+%else
+    /sbin/service %{name} restart || :
+%endif
+fi
 
 
 %files
@@ -68,10 +105,17 @@
 %config(noreplace) %{_sysconfdir}/%{name}.conf.httpd
 %config(noreplace) %{_sysconfdir}/%{name}.conf.bottom
 %attr(750,root,root) %{_sysconfdir}/%{name}.conf.make
-/etc/rc.d/init.d/%{name}
+%if "%{?dist}" == ".el7"
+%{_unitdir}/%{name}.service
+%else
+%{_initrddir}/%{name}
+%endif
 
 
 %changelog
+* Thu Feb 09 2017 Carl Byington <carl@five-ten-sg.com> - 1.17-1
+- RHEL7 systemd and /var/run is on tmpfs
+
 * Mon Dec 21 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-3
 - fix post uninstall script
 - allow config bucket count zero to disable a pattern