From nobody@FreeBSD.org  Wed May  2 16:58:43 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9AAD11065670
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  2 May 2012 16:58:43 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 85E1D8FC12
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  2 May 2012 16:58:43 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q42Gwh8q044528
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 2 May 2012 16:58:43 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id q42Gwgg3044524;
	Wed, 2 May 2012 16:58:42 GMT
	(envelope-from nobody)
Message-Id: <201205021658.q42Gwgg3044524@red.freebsd.org>
Date: Wed, 2 May 2012 16:58:42 GMT
From: julien tayon <julien@tayon.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [fix included] fail2ban will never ever start with the given rc.d script
X-Send-Pr-Version: www-3.1
X-GNATS-Notify: theis@gmx.at

>Number:         167530
>Category:       ports
>Synopsis:       [patch] security/py-fail2ban will never ever start with the given rc.d script
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-python
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 02 17:00:24 UTC 2012
>Closed-Date:    Mon Oct 28 07:36:33 UTC 2013
>Last-Modified:  Mon Oct 28 07:36:33 UTC 2013
>Originator:     julien tayon
>Release:        8.3
>Organization:
me myself & I 
>Environment:
FreeBSD lupin 8.3-RELEASE FreeBSD 8.3-RELEASE #0: Mon Apr  9 21:23:18 UTC 2012     root@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64

>Description:
fail2ban dont start 

because  /usr/local/etc/rc.d/fail2ban  never could have ever worked 

(anyone has ever tried to make it start ? )
>How-To-Repeat:
service fail2ban start
Ctrl+C (service is not backgrounded :/)


ps aux | grep fail[2] &> /dev/null && echo "QA tested!" || echo "Baka!"


>Fix:


vi /usr/local/etc/rc.d/fail2ban

#!/bin/sh
#
# PROVIDE: fail2ban
# REQUIRE: DAEMON
# KEYWORD: shutdown

# Add the following lines to /etc/rc.conf to enable fail2ban:
# fail2ban_enable="YES"
# fail2ban_flags="<set as needed>"

fail2ban_enable=${fail2ban_enable-"NO"}
fail2ban_pidfile=${fail2ban_pidfile-"/var/run/fail2ban/fail2ban.pid"}

. /etc/rc.subr

name="fail2ban"
rcvar=fail2ban_enable
pidfile="${fail2ban_pidfile}"

server="/usr/local/bin/fail2ban-server"
command_interpreter="/usr/local/bin/python2.7"
client="/usr/local/bin/fail2ban-client"

extra_commands="reload jailstatus"

load_rc_config ${name}

start_cmd="${server} -b ${fail2ban_flags} start"
stop_cmd="${server} ${fail2ban_flags} stop"
reload_cmd="${server} ${fail2ban_flags} reload"
jailstatus_cmd="${server} ${fail2ban_flags} status"

run_rc_command "$1"


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->freebsd-python 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Wed May 2 18:35:39 UTC 2012 
Responsible-Changed-Why:  
freebsd-python@ wants this port PRs (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=167530 
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Wed May 2 18:35:45 UTC 2012 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=167530 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: theis@gmx.at
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/167530: [patch] security/py-fail2ban will never ever start with the given rc.d script
Date: Wed, 2 May 2012 18:35:43 UT

 Maintainer of security/py-fail2ban,
 
 Please note that PR ports/167530 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/167530
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org

Date: Thu, 03 May 2012 08:40:40 +0200
From: Christoph Theis <theis@gmx.at>
To: julien tayon <julien@tayon.net>
Cc: bug-followup@FreeBSD.org
Subject: Re: fail2ban port bug issue

 Hello!
 
 Am 02.05.2012 20:21, schrieb julien tayon:
 > I just installed freebsd, and stumbled on a bug in the ports of
 > /usr/ports/security/py-fail2ban
 >
 > I filled a bug here http://www.freebsd.org/cgi/query-pr.cgi?pr=167530
 > the correction on the /etc/usr/local/etc/rc.d startup script is
 > included
 >
 >
 > But on irc everybody told me to contact you instead, I find this pretty weired.
 
 Indeed, that is strange. I know the script is working ,)
 
 If I read your suggested patch correctly you will start the server 
 (fail2ban-server) instead of the client. According to the manual (I'm no 
 expert on fail2ban, just maintaining the port) the server doesn't know 
 anything of the configuration. The client will read configuration and 
 send appropriate commands to the server. So unless there is a client 
 around the server would do nothing.
 
 Starting the client as "fail2ban-client start" the client will first 
 start the server, wait until the server is running and then proceed 
 configuring the server. If the script hangs and doesn't return the the 
 command prompt either the server did not start and the client still 
 waits (I don't know if there is a timeout) or there is a problem reading 
 configuration.
 
 The command is started by the python interpreter. "ps aux" may show only 
 the name of the interpreter, I had luck with "ps waux | grep fail"
 
 There shall be a unix socket /var/run/fail2ban/fail2ban.socket if the 
 server is running. You may check for that one, too.
 
 Else you may start the client with verbosity set (-v).
 
 
 Best regards
 
 Christoph

From: Kubilay Kocak <koobs.freebsd@gmail.com>
To: bug-followup@FreeBSD.org, theis@gmx.at
Cc: julien@tayon.net
Subject: Re: ports/167530: [patch] security/py-fail2ban will never ever start
 with the given rc.d script
Date: Thu, 24 Oct 2013 11:43:29 +1100

 Hi Christoph,
 
 Can you please clarify what needs to happen to progress or close this
 PR. It is currently in the feedback state for 180 months, but I'm not
 sure it's clear what Julien (submitter) needs to do, if anything.
 
 Some next steps could include:
 
 a) Close -> startup script works as intended
 b) Feedback -> Is this still an issue?
 c) Feedback -> Request an update to the proposed fix
 
 As maintainer the decision is yours as to how to proceed, please let us
 know so we can take care of it for you.
 
 Koobs

From: Kubilay Kocak <koobs.freebsd@gmail.com>
To: bug-followup@FreeBSD.org, theis@gmx.at
Cc: julien@tayon.net
Subject: Re: ports/167530: [patch] security/py-fail2ban will never ever start
 with the given rc.d script
Date: Thu, 24 Oct 2013 11:53:50 +1100

 18 months, apologies :)

From: Christoph Theis <theis@gmx.at>
To: koobs@FreeBSD.org, bug-followup@FreeBSD.org
Cc: julien@tayon.net
Subject: Re: ports/167530: [patch] security/py-fail2ban will never ever start
 with the given rc.d script
Date: Mon, 28 Oct 2013 08:00:17 +0100

 Hi all!
 
 Julien and me continued the discussion off-the-list and found out that 
 it was a mistake in the way fail2ban was installed. A proper 
 installation fixed the issue. So we can close this bug report.
 
 
 Christoph
 
 
State-Changed-From-To: feedback->closed 
State-Changed-By: koobs 
State-Changed-When: Mon Oct 28 07:36:32 UTC 2013 
State-Changed-Why:  
Maintainer reports issue is invalid, and has resolved with submitter 
offline. Thank you for the follow-up Christoph! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=167530 
>Unformatted:
