Update fail2ban build and rc.
This commit is contained in:
parent
efc565a55f
commit
3b36bd8376
3 changed files with 36 additions and 36 deletions
|
|
@ -1,5 +1,5 @@
|
||||||
# These are the common settings used in rc.d scripts, but there may be more per script.
|
# These are the common settings used in rc.d scripts, but there may be more per script:
|
||||||
# ENVIRONMENT=() # Extra environment passed to $EXEC. Must be an array.
|
# SERVICE_ENVIRONMENT=() # Extra environment passed to $SERVICE_EXEC. Must be an array.
|
||||||
# EXTRA_ARGS=() # Extra arguments passed to $EXEC. Must be an array.
|
# SERVICE_EXTRA_ARGS=() # Extra arguments passed to $SERVICE_EXEC. Must be an array.
|
||||||
SLAY_DELAY="10" # Delay between the SIGTERM and SIGKILL on a 'stop'. Default: 2s.
|
SLAY_DELAY="10" # Delay between the SIGTERM and SIGKILL on a 'stop'. Default: 2s.
|
||||||
# RESTART_DELAY="" # Delay between stopping and starting on a 'restart'. Default: 2s.
|
# RESTART_DELAY="" # Delay between stopping and starting on a 'restart'. Default: 2s.
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Version: 0.6.11
|
# Version: 0.6.12
|
||||||
# Copyright (c) 2005-2022:
|
# Copyright (c) 2005-2022:
|
||||||
# Darren 'Tadgy' Austin <darren (at) afterdark.org.uk>
|
# Darren 'Tadgy' Austin <darren (at) afterdark.org.uk>
|
||||||
# Licensed under the terms of the GNU General Public License version 3.
|
# Licensed under the terms of the GNU General Public License version 3.
|
||||||
|
|
@ -79,10 +79,10 @@ done
|
||||||
(( ${BUILD_FORCE:-0} != 1 )) && {
|
(( ${BUILD_FORCE:-0} != 1 )) && {
|
||||||
while read -r PKG; do
|
while read -r PKG; do
|
||||||
check_installed "$PKG" && die "Conflicting package installed: $PKG"
|
check_installed "$PKG" && die "Conflicting package installed: $PKG"
|
||||||
done < <(printf "%s\\n" "${BUILD_CONFLICTS[@]}")
|
done < <(printf "%s " "${BUILD_CONFLICTS[@]}")
|
||||||
while read -r PKG; do
|
while read -r PKG; do
|
||||||
check_installed "$PKG" || die "Required package not installed: $PKG"
|
check_installed "$PKG" || die "Required package not installed: $PKG"
|
||||||
done < <(printf "%s\\n" "${BUILD_REQUIRES[@]}")
|
done < <(printf "%s " "${BUILD_REQUIRES[@]}")
|
||||||
}
|
}
|
||||||
|
|
||||||
# Gather some system information.
|
# Gather some system information.
|
||||||
|
|
|
||||||
|
|
@ -1,24 +1,24 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# Version: 0.3.1
|
# Version: 0.4.0
|
||||||
# Copyright (c) 2005-2022:
|
# Copyright (c) 2005-2022:
|
||||||
# Darren 'Tadgy' Austin <darren (at) afterdark.org.uk>
|
# Darren 'Tadgy' Austin <darren (at) afterdark.org.uk>
|
||||||
# Licensed under the terms of the GNU General Public License version 3.
|
# Licensed under the terms of the GNU General Public License version 3.
|
||||||
|
|
||||||
EXEC="%BUILD_PREFIX%/bin/fail2ban-client"
|
SERVICE_EXEC="%BUILD_PREFIX%/bin/fail2ban-client"
|
||||||
ARGS=('-x' 'start')
|
SERVICE_ARGS=('-x' 'start')
|
||||||
PIDFILE="/run/fail2ban.pid"
|
SERVICE_PIDFILE="/run/fail2ban.pid"
|
||||||
|
|
||||||
# Allow configuration in /etc/default to override.
|
# Allow configuration in /etc/default to override.
|
||||||
# Additional available variables:
|
# Additional available variables:
|
||||||
# ENVIRONMENT=() # Extra environment passed to $EXEC. Must be an array.
|
# SERVICE_ENVIRONMENT=() # Extra environment passed to $SERVICE_EXEC. Must be an array.
|
||||||
# EXTRA_ARGS=() # Extra arguments passed to $EXEC. Must be an array.
|
# SERVICE_EXTRA_ARGS=() # Extra arguments passed to $SERVICE_EXEC. Must be an array.
|
||||||
# SLAY_DELAY="" # Delay between the SIGTERM and SIGKILL on a 'stop'. Default: 2s.
|
# SLAY_DELAY="" # Delay between the SIGTERM and SIGKILL on a 'stop'. Default: 2s.
|
||||||
# RESTART_DELAY="" # Delay between stopping and starting on a 'restart'. Default: 2s.
|
# RESTART_DELAY="" # Delay between stopping and starting on a 'restart'. Default: 2s.
|
||||||
# shellcheck disable=SC1090
|
# shellcheck disable=SC1090
|
||||||
[[ -e "/etc/default/${0##*rc.}" ]] && { source "/etc/default/${0##*rc.}" || return 1 2>/dev/null || exit 1; }
|
[[ -e "/etc/default/${0##*rc.}" ]] && { source "/etc/default/${0##*rc.}" || return 1 2>/dev/null || exit 1; }
|
||||||
|
|
||||||
error() {
|
error() {
|
||||||
printf "%s: %s: %s\\n" "${BASH_SOURCE[0]##*/}" "${EXEC##*/}" "$*" >&2
|
printf "%s: %s\\n" "${BASH_SOURCE[0]##*/}" "$*" >&2
|
||||||
}
|
}
|
||||||
|
|
||||||
checkconfigured() {
|
checkconfigured() {
|
||||||
|
|
@ -26,46 +26,46 @@ checkconfigured() {
|
||||||
# can start correctly, before actually trying to start it. A return value of 0 means the
|
# can start correctly, before actually trying to start it. A return value of 0 means the
|
||||||
# tests were passed and the daemon should be started. Any other value prevents the
|
# tests were passed and the daemon should be started. Any other value prevents the
|
||||||
# daemon from being started, and an error message will be emitted.
|
# daemon from being started, and an error message will be emitted.
|
||||||
${ENVIRONMENT:+declare ${ENVIRONMENT[*]};} "$EXEC" --test >/dev/null 2>&1 || return 1
|
${SERVICE_ENVIRONMENT:+declare ${SERVICE_ENVIRONMENT[*]};} "$SERVICE_EXEC" --test >/dev/null 2>&1 || return 1
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
checkstatus() {
|
checkstatus() {
|
||||||
# shellcheck disable=SC2155
|
# shellcheck disable=SC2155
|
||||||
local RUNPIDS="$({ pgrep -f "$EXEC"; pgrep -F "$PIDFILE" 2>/dev/null; } | sort -u )"
|
local RUNPIDS="$({ pgrep -f "$SERVICE_EXEC"; pgrep -F "$SERVICE_PIDFILE" 2>/dev/null; } | sort -u )"
|
||||||
if [[ -n "$RUNPIDS" ]]; then
|
if [[ -n "$RUNPIDS" ]]; then
|
||||||
printf "%s: %s: %s" "${BASH_SOURCE[0]##*/}" "${EXEC##*/}" "running"
|
printf "%s: %s: %s" "${BASH_SOURCE[0]##*/}" "${SERVICE_EXEC##*/}" "running"
|
||||||
if [[ -n "$PIDFILE" ]]; then
|
if [[ -n "$SERVICE_PIDFILE" ]]; then
|
||||||
if [[ ! -e "$PIDFILE" ]]; then
|
if [[ ! -e "$SERVICE_PIDFILE" ]]; then
|
||||||
printf "%s" ", but .pid file does not exist"
|
printf "%s" ", but .pid file does not exist"
|
||||||
elif ! grep "\<$(<"$PIDFILE")\>" <<<"$RUNPIDS" >/dev/null 2>&1; then
|
elif ! grep "\<$(<"$SERVICE_PIDFILE")\>" <<<"$RUNPIDS" >/dev/null 2>&1; then
|
||||||
printf "%s" ", but .pid file is stale"
|
printf "%s" ", but .pid file is stale"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
printf "\\n"
|
printf "\\n"
|
||||||
else
|
else
|
||||||
printf "%s: %s: %s\\n" "${BASH_SOURCE[0]##*/}" "${EXEC##*/}" "stopped"
|
printf "%s: %s: %s\\n" "${BASH_SOURCE[0]##*/}" "${SERVICE_EXEC##*/}" "stopped"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
startdaemon() {
|
startdaemon() {
|
||||||
if [[ ! -e "$EXEC" ]]; then
|
if [[ ! -e "$SERVICE_EXEC" ]]; then
|
||||||
error "not found"
|
error "not found: $SERVICE_EXEC"
|
||||||
return 2
|
return 2
|
||||||
elif [[ ! -x "$EXEC" ]]; then
|
elif [[ ! -x "$SERVICE_EXEC" ]]; then
|
||||||
error "not executable"
|
error "not executable: $SERVICE_EXEC"
|
||||||
return 2
|
return 2
|
||||||
elif ! checkconfigured; then
|
elif ! checkconfigured; then
|
||||||
error "not started - pre-start checks failed"
|
error "not started - pre-start checks failed"
|
||||||
return 2
|
return 2
|
||||||
fi
|
fi
|
||||||
# shellcheck disable=SC2048,SC2086
|
# shellcheck disable=SC2048,SC2086
|
||||||
${ENVIRONMENT:+declare ${ENVIRONMENT[*]};} "$EXEC" ${ARGS[*]} ${EXTRA_ARGS[*]}
|
${SERVICE_ENVIRONMENT:+declare ${SERVICE_ENVIRONMENT[*]};} "$SERVICE_EXEC" ${SERVICE_ARGS[*]} ${SERVICE_EXTRA_ARGS[*]}
|
||||||
# shellcheck disable=SC2181
|
# shellcheck disable=SC2181
|
||||||
if (( $? != 0 )); then
|
if (( $? != 0 )); then
|
||||||
error "error starting daemon"
|
error "error starting '${SERVICE_EXEC##*/}'"
|
||||||
return 2
|
return 2
|
||||||
else
|
else
|
||||||
return 0
|
return 0
|
||||||
|
|
@ -73,15 +73,15 @@ startdaemon() {
|
||||||
}
|
}
|
||||||
|
|
||||||
stopdaemon() {
|
stopdaemon() {
|
||||||
kill -TERM "$(pgrep -f "$EXEC" | tr $'\n' " ")" >/dev/null 2>&1
|
kill -TERM "$(pgrep -f "$SERVICE_EXEC" | tr $'\n' " ")" >/dev/null 2>&1
|
||||||
[[ -e "$PIDFILE" ]] && {
|
[[ -e "$SERVICE_PIDFILE" ]] && {
|
||||||
sleep 0.5
|
sleep 0.5
|
||||||
kill -TERM "$(<"$PIDFILE")" >/dev/null 2>&1
|
kill -TERM "$(<"$SERVICE_PIDFILE")" >/dev/null 2>&1
|
||||||
}
|
}
|
||||||
sleep "${SLAY_DELAY:-2}"
|
sleep "${SLAY_DELAY:-2}"
|
||||||
checkstatus >/dev/null && {
|
checkstatus >/dev/null && {
|
||||||
error "failed to stop gracefully - slaying"
|
error "failed to stop gracefully - slaying"
|
||||||
kill -KILL "$({ cat "$PIDFILE"; pgrep -f "$EXEC"; } 2>/dev/null | sort -u | tr $'\n' " ")" >/dev/null 2>&1
|
kill -KILL "$({ cat "$SERVICE_PIDFILE"; pgrep -f "$SERVICE_EXEC"; } 2>/dev/null | sort -u | tr $'\n' " ")" >/dev/null 2>&1
|
||||||
}
|
}
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
@ -89,7 +89,7 @@ stopdaemon() {
|
||||||
case "$1" in
|
case "$1" in
|
||||||
'start')
|
'start')
|
||||||
if checkstatus >/dev/null; then
|
if checkstatus >/dev/null; then
|
||||||
error "already running"
|
error "${SERVICE_EXEC##*/}: already running"
|
||||||
printf " %s\\n" "Try: ${BASH_SOURCE[0]} status" >&2
|
printf " %s\\n" "Try: ${BASH_SOURCE[0]} status" >&2
|
||||||
RET=1
|
RET=1
|
||||||
else
|
else
|
||||||
|
|
@ -99,7 +99,7 @@ case "$1" in
|
||||||
;;
|
;;
|
||||||
'stop')
|
'stop')
|
||||||
if ! checkstatus >/dev/null; then
|
if ! checkstatus >/dev/null; then
|
||||||
error "not running"
|
error "${SERVICE_EXEC##*/}: not running"
|
||||||
printf " %s\\n" "Try: ${BASH_SOURCE[0]} status" >&2
|
printf " %s\\n" "Try: ${BASH_SOURCE[0]} status" >&2
|
||||||
RET=1
|
RET=1
|
||||||
else
|
else
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue