#
# spec file for package fail2ban
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


Name:           fail2ban
Version:        0.8.12
Release:        0
Url:            http://www.fail2ban.org/
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildArch:      noarch
Summary:        Bans IP addresses that make too many authentication failures
License:        GPL-2.0+
Group:          Productivity/Networking/Security
Source0:        https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.bz2
%if 0%{?suse_version} < 1230
# the init-script requires lsof
Requires:       lsof
Source1:        %{name}.init
%endif
Source2:        %{name}.sysconfig
Source3:        %{name}.logrotate
%if 0%{?suse_version} >= 1230
Source4:        %{name}.service
Source5:        %{name}.tmpfiles
%endif
# PATCH-FIX-UPSTREAM fix-for-upstream-firewallcmd-ipset.conf.patch rh#1046816
Patch0:         fix-for-upstream-firewallcmd-ipset.conf.patch
Requires:       cron
Requires:       iptables
Requires:       logrotate
Requires:       python >= 2.5
%if 0%{?suse_version} >= 1140 && 0%{?sles_version} == 0
Requires:       python-pyinotify
%endif
%if 0%{?suse_version} >= 1220
Requires:       python-gamin
%endif
%if 0%{?suse_version} >= 1230
%{?systemd_requires}
BuildRequires:  systemd
%endif
BuildRequires:  logrotate
BuildRequires:  python-devel

%description
Fail2ban scans log files like /var/log/messages and bans IP addresses
that makes too many password failures. It updates firewall rules to
reject the IP address, can send e-mails, or set host.deny entries.
These rules can be defined by the user. Fail2Ban can read multiple log
files such as sshd or Apache web server ones.

%prep
%setup
%patch0 -p1
# correct doc-path
sed -i -e 's|/usr/share/doc/fail2ban|%{_docdir}/%{name}|' setup.py

%build
export CFLAGS="$RPM_OPT_FLAGS"
python setup.py build
gzip man/*.1

%install
python setup.py install \
	--root=$RPM_BUILD_ROOT \
	--prefix=%{_prefix}
install -d -m755 $RPM_BUILD_ROOT/%{_mandir}/man1
for i in fail2ban-client fail2ban-regex fail2ban-server; do
	install -m644 man/${i}.1.gz $RPM_BUILD_ROOT/%{_mandir}/man1
done
install -d -m755 $RPM_BUILD_ROOT/%{_initrddir}
install -d -m755 $RPM_BUILD_ROOT/%{_sbindir}
%if 0%{?suse_version} < 1230
install -m755 %{SOURCE1} $RPM_BUILD_ROOT/%{_initrddir}/%{name}
ln -sf %{_initrddir}/%{name} ${RPM_BUILD_ROOT}%{_sbindir}/rc%{name}
%endif
install -d -m755 $RPM_BUILD_ROOT/var/adm/fillup-templates
install -m 644 %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{name}

install -d -m755 $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d
install -m 644 %{SOURCE3}  $RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/fail2ban

%if 0%{?suse_version} >= 1230
install -d -m755 $RPM_BUILD_ROOT/%{_unitdir}
install -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{_unitdir}/%{name}.service

install -d -m755 $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/
install -m644 %{SOURCE5} $RPM_BUILD_ROOT/usr/lib/tmpfiles.d/%{name}.conf
%endif

%pre
%if 0%{?suse_version} >= 1230
%service_add_pre %{name}.service
%endif

%post
%{fillup_only}
%if 0%{?suse_version} >= 1230
systemd-tmpfiles --create /usr/lib/tmpfiles.d/%{name}.conf
%service_add_post %{name}.service
%endif

%preun
%if 0%{?suse_version} >= 1230
%service_del_preun %{name}.service
%else
%stop_on_removal %{name}
%endif

%postun
%if 0%{?suse_version} >= 1230
%service_del_postun %{name}.service
%else
%restart_on_update %{name}
%insserv_cleanup
%endif

%files
%defattr(-, root, root)
%dir %{_sysconfdir}/%{name}
%dir %{_sysconfdir}/%{name}/action.d
%dir %{_sysconfdir}/%{name}/filter.d
%config(noreplace) %{_sysconfdir}/%{name}/*.conf
%config(noreplace) %{_sysconfdir}/%{name}/action.d/*.conf
%config(noreplace) %{_sysconfdir}/%{name}/filter.d/*.conf
%config %{_sysconfdir}/logrotate.d/fail2ban
%if 0%{?suse_version} >= 1230
%{_unitdir}/%{name}.service
/usr/lib/tmpfiles.d/%{name}.conf
%else
%{_initrddir}/%{name}
%{_sbindir}/rc%{name}
%dir %ghost /var/run/%{name}
%endif
%{_bindir}/%{name}*
%{_datadir}/%{name}
/var/adm/fillup-templates/sysconfig.%{name}
%doc %{_mandir}/man1/*
%doc COPYING ChangeLog DEVELOP README.md TODO files/cacti

%changelog