From 3030fbe27f47d20d7b511f02edf83251b8234761029b0e62b5ca9a80412f3be3 Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Wed, 25 Jun 2014 15:39:26 +0000 Subject: [PATCH 1/3] - update to 0.8.13: + Fixes: - action firewallcmd-ipset had non-working actioncheck. Removed. redhat bug #1046816. - filter pureftpd - added _daemon which got removed. Added + New Features: - filter nagios - detects unauthorized access to the nrpe daemon (Ivo Truxa) - filter sendmail-{auth,reject} (jserrachinha and cepheid666 and fab23). + Enhancements: - filter asterisk now supports syslog format - filter pureftpd - added all translations of "Authentication failed for user" - filter dovecot - lip= was optional and extended TLS errors can occur. Thanks Noel Butler. - removed fix-for-upstream-firewallcmd-ipset.conf.patch : fixed upstream - split out nagios-plugins-fail2ban package OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=46 --- fail2ban-0.8.12.tar.bz2 | 3 -- fail2ban-0.8.13.tar.bz2 | 3 ++ fail2ban.changes | 23 ++++++++++++++ fail2ban.spec | 31 ++++++++++++++++--- fix-for-upstream-firewallcmd-ipset.conf.patch | 23 -------------- 5 files changed, 52 insertions(+), 31 deletions(-) delete mode 100644 fail2ban-0.8.12.tar.bz2 create mode 100644 fail2ban-0.8.13.tar.bz2 delete mode 100644 fix-for-upstream-firewallcmd-ipset.conf.patch diff --git a/fail2ban-0.8.12.tar.bz2 b/fail2ban-0.8.12.tar.bz2 deleted file mode 100644 index 4cebe8b..0000000 --- a/fail2ban-0.8.12.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2cdd7cbbf8b770715ce0068aec9dd8857388cd4d690fd5211907d7f2f3bdcde4 -size 169644 diff --git a/fail2ban-0.8.13.tar.bz2 b/fail2ban-0.8.13.tar.bz2 new file mode 100644 index 0000000..169ef85 --- /dev/null +++ b/fail2ban-0.8.13.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f709a6a180553bbb20b7c27d686703d930d50ea99aeed47e70df427b6de494d3 +size 188068 diff --git a/fail2ban.changes b/fail2ban.changes index 92b7ba0..24f0bb6 100644 --- a/fail2ban.changes +++ b/fail2ban.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Wed Jun 25 15:13:37 UTC 2014 - lars@linux-schulserver.de + +- update to 0.8.13: + + Fixes: + - action firewallcmd-ipset had non-working actioncheck. Removed. + redhat bug #1046816. + - filter pureftpd - added _daemon which got removed. Added + + + New Features: + - filter nagios - detects unauthorized access to the nrpe daemon (Ivo Truxa) + - filter sendmail-{auth,reject} (jserrachinha and cepheid666 and fab23). + + + Enhancements: + - filter asterisk now supports syslog format + - filter pureftpd - added all translations of "Authentication failed for + user" + - filter dovecot - lip= was optional and extended TLS errors can occur. + Thanks Noel Butler. +- removed fix-for-upstream-firewallcmd-ipset.conf.patch : fixed + upstream +- split out nagios-plugins-fail2ban package + ------------------------------------------------------------------- Tue Feb 18 00:03:12 UTC 2014 - jengelh@inai.de diff --git a/fail2ban.spec b/fail2ban.spec index 58dfd11..b6c3323 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -17,7 +17,7 @@ Name: fail2ban -Version: 0.8.12 +Version: 0.8.13 Release: 0 Url: http://www.fail2ban.org/ Summary: Bans IP addresses that make too many authentication failures @@ -36,8 +36,6 @@ Source4: %{name}.service Source5: %{name}.tmpfiles Source6: sfw-fail2ban.conf Source7: f2b-restart.conf -# PATCH-FIX-UPSTREAM fix-for-upstream-firewallcmd-ipset.conf.patch rh#1046816 -Patch0: fix-for-upstream-firewallcmd-ipset.conf.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %if 0%{?suse_version} >= 1230 @@ -65,7 +63,7 @@ These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. %package -n SuSEfirewall2-fail2ban -Summary: systemd files for integrating fail2ban into SuSEfirewall2 +Summary: Files for integrating fail2ban into SuSEfirewall2 via systemd Group: Productivity/Networking/Security BuildArch: noarch Requires: SuSEfirewall2 @@ -76,9 +74,24 @@ This package ships systemd files which will cause fail2ban to be ordered in relation to SuSEfirewall2 such that the two can be run concurrently within reason, i.e. SFW will always run first because it does a table flush. +%package -n nagios-plugins-fail2ban +Summary: Check fail2ban server and how many IPs are currently banned +Group: System/Monitoring +%define nagios_plugindir %{_prefix}/lib/nagios/plugins + +%description -n nagios-plugins-fail2ban +This plugin checks if the fail2ban server is running and how many IPs are +currently banned. You can use this plugin to monitor all the jails or just a +specific jail. + +How to use +---------- +Just have to run the following command: + $ ./check_fail2ban --help + + %prep %setup -%patch0 -p1 # correct doc-path sed -i -e 's|/usr/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py @@ -120,6 +133,7 @@ install -Dm0644 "%_sourcedir/sfw-fail2ban.conf" \ install -Dm0644 "%_sourcedir/f2b-restart.conf" \ "%buildroot/%_unitdir/fail2ban.service.d/SuSEfirewall2.conf" %endif +install -Dm755 files/nagios/check_fail2ban %{buildroot}/%{nagios_plugindir}/check_fail2ban %pre %if 0%{?suse_version} >= 1230 @@ -186,4 +200,11 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf %_unitdir/fail2ban.service.d %endif +%files -n nagios-plugins-fail2ban +%defattr(-,root,root) +%doc files/nagios/README COPYING +%dir %{_prefix}/lib/nagios +%dir %{nagios_plugindir} +%{nagios_plugindir}/check_fail2ban + %changelog diff --git a/fix-for-upstream-firewallcmd-ipset.conf.patch b/fix-for-upstream-firewallcmd-ipset.conf.patch deleted file mode 100644 index 5cffb45..0000000 --- a/fix-for-upstream-firewallcmd-ipset.conf.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -ur fail2ban-0.8.12.orig/config/action.d/firewallcmd-ipset.conf fail2ban-0.8.12/config/action.d/firewallcmd-ipset.conf ---- fail2ban-0.8.12.orig/config/action.d/firewallcmd-ipset.conf 2014-01-16 09:20:14.000000000 +0100 -+++ fail2ban-0.8.12/config/action.d/firewallcmd-ipset.conf 2014-01-23 22:43:53.115263616 +0100 -@@ -25,8 +25,6 @@ - ipset flush fail2ban- - ipset destroy fail2ban- - --actioncheck = firewall-cmd --direct --get-chains ipv4 filter | grep -q '^fail2ban-$' -- - actionban = ipset add fail2ban- timeout -exist - - actionunban = ipset del fail2ban- -exist -diff -ur fail2ban-0.8.12.orig/THANKS fail2ban-0.8.12/THANKS ---- fail2ban-0.8.12.orig/THANKS 2014-01-21 21:59:49.000000000 +0100 -+++ fail2ban-0.8.12/THANKS 2014-01-23 22:43:53.115263616 +0100 -@@ -30,6 +30,7 @@ - Daniel B. - Daniel Black - David Nutter -+Derek Atkins - Eric Gerbier - Enrico Labedzki - ftoppi From 6be289add438264702641c5afb07131d52329c8b08a09404a427608e6364135f Mon Sep 17 00:00:00 2001 From: Johannes Weberhofer Date: Thu, 21 Aug 2014 13:18:17 +0000 Subject: [PATCH 2/3] Accepting request 245601 from home:weberho:BACKPORTS:webserver Updated patch information in the .changes and the spec file OBS-URL: https://build.opensuse.org/request/show/245601 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=47 --- 0.8.14.tar.gz | 3 + fail2ban-0.8.13.tar.bz2 | 3 - fail2ban-opensuse-locations.patch | 256 ++++++++++++++++++++++++++++++ fail2ban.changes | 14 ++ fail2ban.spec | 7 +- 5 files changed, 278 insertions(+), 5 deletions(-) create mode 100644 0.8.14.tar.gz delete mode 100644 fail2ban-0.8.13.tar.bz2 create mode 100644 fail2ban-opensuse-locations.patch diff --git a/0.8.14.tar.gz b/0.8.14.tar.gz new file mode 100644 index 0000000..9bdd071 --- /dev/null +++ b/0.8.14.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2d579d9f403eb95064781ffb28aca2b258ca55d7a2ba056a8fa2b3e6b79721f2 +size 228121 diff --git a/fail2ban-0.8.13.tar.bz2 b/fail2ban-0.8.13.tar.bz2 deleted file mode 100644 index 169ef85..0000000 --- a/fail2ban-0.8.13.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f709a6a180553bbb20b7c27d686703d930d50ea99aeed47e70df427b6de494d3 -size 188068 diff --git a/fail2ban-opensuse-locations.patch b/fail2ban-opensuse-locations.patch new file mode 100644 index 0000000..532ef37 --- /dev/null +++ b/fail2ban-opensuse-locations.patch @@ -0,0 +1,256 @@ +diff -ur fail2ban-0.8.14.orig/config/jail.conf fail2ban-0.8.14/config/jail.conf +--- fail2ban-0.8.14.orig/config/jail.conf 2014-08-19 22:23:33.000000000 +0200 ++++ fail2ban-0.8.14/config/jail.conf 2014-08-20 17:39:21.428256837 +0200 +@@ -80,7 +80,7 @@ + enabled = false + filter = pam-generic + action = iptables-allports[name=pam,protocol=all] +-logpath = /var/log/secure ++logpath = /var/log/messages + + + [xinetd-fail] +@@ -97,7 +97,7 @@ + filter = sshd + action = iptables[name=SSH, port=ssh, protocol=tcp] + sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"] +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 5 + + +@@ -106,7 +106,7 @@ + enabled = false + filter = sshd-ddos + action = iptables[name=SSHDDOS, port=ssh, protocol=tcp] +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 2 + + +@@ -135,7 +135,7 @@ + filter = gssftpd + action = iptables[name=GSSFTPd, port=ftp, protocol=tcp] + sendmail-whois[name=GSSFTPd, dest=you@example.com] +-logpath = /var/log/daemon.log ++logpath = /var/log/messages + maxretry = 6 + + +@@ -144,7 +144,7 @@ + enabled = false + filter = pure-ftpd + action = iptables[name=pureftpd, port=ftp, protocol=tcp] +-logpath = /var/log/pureftpd.log ++logpath = /var/log/messages + maxretry = 6 + + +@@ -153,7 +153,7 @@ + enabled = false + filter = wuftpd + action = iptables[name=wuftpd, port=ftp, protocol=tcp] +-logpath = /var/log/daemon.log ++logpath = /var/log/messages + maxretry = 6 + + +@@ -162,7 +162,7 @@ + enabled = false + filter = sendmail-auth + action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp] +-logpath = /var/log/mail.log ++logpath = /var/log/mail + + + [sendmail-reject] +@@ -170,7 +170,7 @@ + enabled = false + filter = sendmail-reject + action = iptables-multiport[name=sendmail-auth, port="submission,465,smtp", protocol=tcp] +-logpath = /var/log/mail.log ++logpath = /var/log/mail + + + # This jail forces the backend to "polling". +@@ -181,7 +181,7 @@ + backend = polling + action = iptables[name=sasl, port=smtp, protocol=tcp] + sendmail-whois[name=sasl, dest=you@example.com] +-logpath = /var/log/mail.log ++logpath = /var/log/mail + + + # ASSP SMTP Proxy Jail +@@ -202,7 +202,7 @@ + action = hostsdeny[daemon_list=sshd] + sendmail-whois[name=SSH, dest=you@example.com] + ignoreregex = for myuser from +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + + + # Here we use blackhole routes for not requiring any additional kernel support +@@ -212,7 +212,7 @@ + enabled = false + filter = sshd + action = route +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 5 + + +@@ -226,7 +226,7 @@ + enabled = false + filter = sshd + action = iptables-ipset-proto4[name=SSH, port=ssh, protocol=tcp] +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 5 + + +@@ -235,7 +235,7 @@ + enabled = false + filter = sshd + action = iptables-ipset-proto6[name=SSH, port=ssh, protocol=tcp, bantime=600] +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 5 + + +@@ -329,7 +329,7 @@ + enabled = false + filter = cyrus-imap + action = iptables-multiport[name=cyrus-imap,port="143,993"] +-logpath = /var/log/mail*log ++logpath = /var/log/mail + + + [courierlogin] +@@ -337,7 +337,7 @@ + enabled = false + filter = courierlogin + action = iptables-multiport[name=courierlogin,port="25,110,143,465,587,993,995"] +-logpath = /var/log/mail*log ++logpath = /var/log/mail + + + [couriersmtp] +@@ -345,7 +345,7 @@ + enabled = false + filter = couriersmtp + action = iptables-multiport[name=couriersmtp,port="25,465,587"] +-logpath = /var/log/mail*log ++logpath = /var/log/mail + + + [qmail-rbl] +@@ -361,7 +361,7 @@ + enabled = false + filter = sieve + action = iptables-multiport[name=sieve,port="25,465,587"] +-logpath = /var/log/mail*log ++logpath = /var/log/mail + + + # Do not ban anybody. Just report information about the remote host. +@@ -396,7 +396,8 @@ + filter = apache-badbots + action = iptables-multiport[name=BadBots, port="http,https"] + sendmail-buffered[name=BadBots, lines=5, dest=you@example.com] +-logpath = /var/www/*/logs/access_log ++logpath = /var/log/apache/access_log ++ /var/log/apache2/*/access_log + bantime = 172800 + maxretry = 1 + +@@ -466,7 +467,7 @@ + enabled = false + action = iptables-multiport[name=php-url-open, port="http,https"] + filter = php-url-fopen +-logpath = /var/www/*/logs/access_log ++logpath = /var/log/apache/access_log + maxretry = 1 + + +@@ -500,7 +501,7 @@ + filter = sshd + action = ipfw[localhost=192.168.0.1] + sendmail-whois[name="SSH,IPFW", dest=you@example.com] +-logpath = /var/log/auth.log ++logpath = /var/log/messages + ignoreip = 168.192.0.1 + + +@@ -531,7 +532,7 @@ + filter = named-refused + action = iptables-multiport[name=Named, port="domain,953", protocol=tcp] + sendmail-whois[name=Named, dest=you@example.com] +-logpath = /var/log/named/security.log ++logpath = /var/lib/named/log/security.log + ignoreip = 168.192.0.1 + + +@@ -601,7 +602,7 @@ + filter = mysqld-auth + action = iptables[name=mysql, port=3306, protocol=tcp] + sendmail-whois[name=MySQL, dest=root, sender=fail2ban@example.com] +-logpath = /var/log/mysqld.log ++logpath = /var/log/mysql/mysqld.log + maxretry = 5 + + +@@ -610,7 +611,7 @@ + enabled = false + filter = mysqld-auth + action = iptables[name=mysql, port=3306, protocol=tcp] +-logpath = /var/log/daemon.log ++logpath = /var/log/mysql/mysqld.log + maxretry = 5 + + +@@ -637,7 +638,7 @@ + enabled = false + filter = sshd + action = pf +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 5 + + +@@ -723,7 +724,7 @@ + enabled = false + filter = dovecot + action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] +-logpath = /var/log/mail.log ++logpath = /var/log/mail + + + [dovecot-auth] +@@ -731,7 +732,7 @@ + enabled = false + filter = dovecot + action = iptables-multiport[name=dovecot-auth, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp] +-logpath = /var/log/secure ++logpath = /var/log/mail + + + [solid-pop3d] +@@ -739,7 +740,7 @@ + enabled = false + filter = solid-pop3d + action = iptables-multiport[name=solid-pop3, port="pop3,pop3s", protocol=tcp] +-logpath = /var/log/mail.log ++logpath = /var/log/mail + + + [selinux-ssh] +@@ -761,7 +762,7 @@ + action = iptables[name=SSH, port=ssh, protocol=tcp] + sendmail-whois[name=SSH, dest=you@example.com, sender=fail2ban@example.com, sendername="Fail2Ban"] + blocklist_de[email="fail2ban@example.com", apikey="xxxxxx", service=%(filter)s] +-logpath = /var/log/sshd.log ++logpath = /var/log/messages + maxretry = 20 + + diff --git a/fail2ban.changes b/fail2ban.changes index 24f0bb6..7858f0d 100644 --- a/fail2ban.changes +++ b/fail2ban.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Wed Aug 20 15:44:54 UTC 2014 - jweberhofer@weberhofer.at + +- update to 0.8.14 + * minor fixes for claimed Python 2.4 and 2.5 compatibility + * Handle case when inotify watch is auto deleted on file deletion to stop + error messages + * tests - fixed few "leaky" file descriptors when files were not closed while + being removed physically + * grep in mail*-whois-lines.conf now also matches end of line to work with + the recidive filter +- add fail2ban-opensuse-locations.patch to fix default locations as suggested + in bnc#878028 + ------------------------------------------------------------------- Wed Jun 25 15:13:37 UTC 2014 - lars@linux-schulserver.de diff --git a/fail2ban.spec b/fail2ban.spec index b6c3323..a5908a9 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -17,14 +17,14 @@ Name: fail2ban -Version: 0.8.13 +Version: 0.8.14 Release: 0 Url: http://www.fail2ban.org/ Summary: Bans IP addresses that make too many authentication failures License: GPL-2.0+ Group: Productivity/Networking/Security -Source0: https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.bz2 +Source0: https://github.com/fail2ban/fail2ban/archive/%{version}.tar.gz %if 0%{?suse_version} < 1230 # the init-script requires lsof Requires: lsof @@ -36,6 +36,8 @@ Source4: %{name}.service Source5: %{name}.tmpfiles Source6: sfw-fail2ban.conf Source7: f2b-restart.conf +# PATCH-FIX-OPENSUSE fail2ban-opensuse-locations.patch bnc#878028 jweberhofer@weberhoferat -- update default locations for logfiles +Patch100: fail2ban-opensuse-locations.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %if 0%{?suse_version} >= 1230 @@ -92,6 +94,7 @@ Just have to run the following command: %prep %setup +%patch100 -p1 # correct doc-path sed -i -e 's|/usr/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py From baf2add4d948dea9201839f72bc70dc8e509728dfa9e6818a56481a6760532d0 Mon Sep 17 00:00:00 2001 From: Johannes Weberhofer Date: Thu, 21 Aug 2014 16:58:13 +0000 Subject: [PATCH 3/3] Accepting request 245651 from home:weberho:branches:security - Fixed check for %_unitdir to make fail2ban build under older systems, too. - Changed /usr to %{_prefix} in the spec file OBS-URL: https://build.opensuse.org/request/show/245651 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=48 --- fail2ban.changes | 6 ++++++ fail2ban.spec | 16 ++++++++-------- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/fail2ban.changes b/fail2ban.changes index 7858f0d..1ae94ec 100644 --- a/fail2ban.changes +++ b/fail2ban.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Aug 21 16:50:20 UTC 2014 - jweberhofer@weberhofer.at + +- Fixed check for %_unitdir to make fail2ban build under older systems, too. +- Changed /usr to %{_prefix} in the spec file + ------------------------------------------------------------------- Wed Aug 20 15:44:54 UTC 2014 - jweberhofer@weberhofer.at diff --git a/fail2ban.spec b/fail2ban.spec index a5908a9..2898912 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -96,7 +96,7 @@ Just have to run the following command: %setup %patch100 -p1 # correct doc-path -sed -i -e 's|/usr/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py +sed -i -e 's|%{_prefix}/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py %build export CFLAGS="$RPM_OPT_FLAGS" @@ -127,10 +127,10 @@ install -m 644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/fail2ban install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} install -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{_unitdir}/%{name}.service -install -d -m755 $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/ -install -m644 %{SOURCE5} $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/%{name}.conf +install -d -m755 $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/ +install -m644 %{SOURCE5} $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/%{name}.conf %endif -%if "%_unitdir" != "" +%if 0%{?_unitdir:1} install -Dm0644 "%_sourcedir/sfw-fail2ban.conf" \ "%buildroot/%_unitdir/SuSEfirewall2.service.d/fail2ban.conf" install -Dm0644 "%_sourcedir/f2b-restart.conf" \ @@ -146,7 +146,7 @@ install -Dm755 files/nagios/check_fail2ban %{buildroot}/%{nagios_plugindir}/chec %post %{fillup_only} %if 0%{?suse_version} >= 1230 -systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf +systemd-tmpfiles --create %{_prefix}/lib/tmpfiles.d/%{name}.conf %service_add_post %{name}.service %endif @@ -165,7 +165,7 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf %insserv_cleanup %endif -%if "%_unitdir" != "" +%if 0%{?_unitdir:1} %post -n SuSEfirewall2-fail2ban %_bindir/systemctl daemon-reload >/dev/null 2>&1 || : @@ -184,7 +184,7 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf %config %{_sysconfdir}/logrotate.d/fail2ban %if 0%{?suse_version} >= 1230 %{_unitdir}/%{name}.service -/usr/lib/tmpfiles.d/%{name}.conf +%{_prefix}/lib/tmpfiles.d/%{name}.conf %else %{_initrddir}/%{name} %{_sbindir}/rc%{name} @@ -196,7 +196,7 @@ systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf %doc %{_mandir}/man1/* %doc COPYING ChangeLog DEVELOP README.md TODO files/cacti -%if "%{?_unitdir}" != "" +%if 0%{?_unitdir:1} %files -n SuSEfirewall2-fail2ban %defattr(-,root,root) %_unitdir/SuSEfirewall2.service.d