new file mode 100644

@@ -0,0 +1,6 @@

+# This file is part of the fail2ban-systemd package to configure the use of

+# the systemd journal as the default backend.  You can remove this package

+# (along with the empty fail2ban meta-package) if you do not want to use the

+# journal backend

+[DEFAULT]

+backend=systemd

new file mode 100644

@@ -0,0 +1,25 @@

+From bfe0ca44db431d20ac2d155b6af1d0b9c431d4ac Mon Sep 17 00:00:00 2001

+From: Nitesh Kumar <kunitesh@vmware.com>

+Date: Wed, 15 Feb 2023 14:16:54 +0530

+Subject: [PATCH] Replace 2to3 binary name with 2to3-3.10

+

+---

+ fail2ban-2to3 | 2 +-

+ 1 file changed, 1 insertion(+), 1 deletion(-)

+

+diff --git a/fail2ban-2to3 b/fail2ban-2to3

+index 2015ed5..c8d955d 100755

+--- a/fail2ban-2to3

+@@ -5,7 +5,7 @@

+ 

+ set -eu

+ 

+-if 2to3 -w --no-diffs bin/* fail2ban;then

++if 2to3-3.11 -w --no-diffs bin/* fail2ban;then

+   echo "Success!" >&2

+   exit 0

+ else

+-- 

+2.17.1

+

new file mode 100644

@@ -0,0 +1,26 @@

+From a71a22c075c306d3ff252bf879ede69cc5e25477 Mon Sep 17 00:00:00 2001

+From: Nitesh Kumar <kunitesh@vmware.com>

+Date: Mon, 13 Feb 2023 22:51:58 +0530

+Subject: [PATCH] Set proper config path in include section

+

+---

+ config/jail.conf | 3 ++-

+ 1 file changed, 2 insertions(+), 1 deletion(-)

+

+diff --git a/config/jail.conf b/config/jail.conf

+index fe8db52..ae06348 100644

+--- a/config/jail.conf

+@@ -33,7 +33,8 @@

+ [INCLUDES]

+ 

+ #before = paths-distro.conf

+-before = paths-debian.conf

++#before = paths-debian.conf

++before = paths-common.conf

+ 

+ # The DEFAULT allows a global definition of the options. They can be overridden

+ # in each jail afterwards.

+-- 

+2.17.1

+

new file mode 100644

@@ -0,0 +1,220 @@

+Summary:        Daemon to ban hosts that cause multiple authentication errors

+Name:           fail2ban

+Version:        1.0.2

+Release:        1%{?dist}

+License:        GPLv2+

+Group:          Productivity/Networking/Security

+Vendor:         VMware, Inc.

+Distribution:   Photon

+URL:            http://fail2ban.sourceforge.net

+

+Source0: https://github.com/%{name}/%{name}/archive/refs/tags/%{name}-%{version}.tar.gz

+%define sha512 %{name}=688a84361b5794e1658f53d2d200ce752fe1e3320ddb1742c32c4b4b82a79ace16ae464e7ea3eeb94a0e862bcac73c2d3a0e61dd7b28e179a4c857f950d74dbb

+

+Source1: 00-fail2ban-systemd.conf

+

+Patch0: 0001-Set-proper-config-path-in-include-section.patch

+Patch1: 0001-Replace-2to3-binary-name-with-2to3-3.11.patch

+

+BuildArch: noarch

+

+BuildRequires: python3-devel

+BuildRequires: python3-setuptools

+BuildRequires: python3-tools

+BuildRequires: sqlite-devel

+BuildRequires: systemd-devel

+

+%if 0%{?with_check}

+BuildRequires: python3-systemd

+%endif

+

+Requires: systemd

+Requires: python3-systemd

+Requires: nftables

+Requires: perl

+Requires: whois

+Requires(post): systemd

+Requires(preun): systemd

+Requires(postun): systemd

+

+# Default components

+Requires: %{name} = %{version}-%{release}

+Requires: %{name}-sendmail = %{version}-%{release}

+Requires: %{name}-systemd = %{version}-%{release}

+

+%description

+Fail2Ban scans log files and bans IP addresses that makes too many password

+failures. It updates firewall rules to reject the IP address. These rules can

+be defined by the user. Fail2Ban can read multiple log files such as sshd or

+Apache web server ones.

+

+The main package contains the core server components for Fail2Ban with minimal

+dependencies.  You can install this directly if you want to have a small

+installation and know what you are doing.

+

+%package hostsdeny

+Summary:  Hostsdeny (tcp_wrappers) support for Fail2Ban

+Group:    Productivity/Networking/Security

+Requires: %{name} = %{version}-%{release}

+Requires: ed

+Requires: tcp_wrappers

+

+%description hostsdeny

+This package enables support for manipulating tcp_wrapper's /etc/hosts.deny

+files.

+

+%package devel

+Summary:  Fail2Ban testcases

+Group:    Productivity/Networking/Security

+Requires: %{name} = %{version}-%{release}

+

+%description devel

+This package contains Fail2Ban's testscases and scripts.

+

+%package mail

+Summary:  Mail actions for Fail2Ban

+Group:    Productivity/Networking/Security

+Requires: %{name} = %{version}-%{release}

+Requires: sendmail

+

+%description mail

+This package installs Fail2Ban's mail actions.  These are an alternative

+to the default sendmail actions.

+

+%package sendmail

+Summary:  Sendmail actions for Fail2Ban

+Group:    Productivity/Networking/Security

+Requires: %{name} = %{version}-%{release}

+Requires: sendmail

+

+%description sendmail

+This package installs Fail2Ban's sendmail actions.  This is the default

+mail actions for Fail2Ban.

+

+%package systemd

+Summary:  Systemd journal configuration for Fail2Ban

+Group:    Productivity/Networking/Security

+Requires: %{name} = %{version}-%{release}

+

+%description systemd

+This package configures Fail2Ban to use the systemd journal for its log input

+by default.

+

+%prep

+%autosetup -p1

+

+%build

+bash ./%{name}-2to3

+%{py3_build}

+

+%install

+%{py3_install}

+ln -sfv python3 %{buildroot}%{_bindir}/%{name}-python

+

+mkdir -p %{buildroot}%{_unitdir} \

+         %{buildroot}%{_tmpfilesdir} \

+         %{buildroot}%{_mandir}/man{1,5} \

+         %{buildroot}%{_sysconfdir}/logrotate.d

+

+cp -p build/%{name}.service %{buildroot}%{_unitdir}

+

+install -p -m 644 man/*.1 %{buildroot}%{_mandir}/man1

+install -p -m 644 man/*.5 %{buildroot}%{_mandir}/man5

+install -p -m 644 files/%{name}-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name}

+install -d -m 0755 %{buildroot}/run/%{name}/

+install -d -m 0755 %{buildroot}%{_sharedstatedir}/%{name}/

+install -p -m 0644 files/%{name}-tmpfiles.conf %{buildroot}%{_tmpfilesdir}/%{name}.conf

+

+# Remove non-Linux actions, config files for other distros, installed doc

+rm -rf %{buildroot}%{_sysconfdir}/%{name}/action.d/*ipfw.conf \

+       %{buildroot}%{_sysconfdir}/%{name}/action.d/{ipfilter,pf,ufw}.conf \

+       %{buildroot}%{_sysconfdir}/%{name}/action.d/osx-*.conf \

+       %{buildroot}%{_sysconfdir}/%{name}/paths-{arch,debian,freebsd,opensuse,osx}.conf \

+       %{buildroot}%{_docdir}/%{name}

+

+# systemd journal configuration

+cp -p %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/jail.d/

+

+%if 0%{?with_check}

+%check

+%{python3} bin/%{name}-testcases --verbosity=2 --no-network

+%endif

+

+%post

+%systemd_post %{name}.service

+

+%preun

+%systemd_preun %{name}.service

+

+%postun

+%systemd_postun_with_restart %{name}.service

+

+%clean

+rm -rf %{buildroot}

+

+%files

+%defattr(-,root,root)

+%{_bindir}/%{name}-client

+%{_bindir}/%{name}-python

+%{_bindir}/%{name}-regex

+%{_bindir}/%{name}-server

+%{python3_sitelib}/*

+%exclude %{python3_sitelib}/%{name}/tests

+%{_unitdir}/%{name}.service

+%{_mandir}/man1/%{name}.1*

+%{_mandir}/man1/%{name}-client.1*

+%{_mandir}/man1/%{name}-python.1*

+%{_mandir}/man1/%{name}-regex.1*

+%{_mandir}/man1/%{name}-server.1*

+%{_mandir}/man5/*.5*

+%config(noreplace) %{_sysconfdir}/%{name}/filter.d/*.conf

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/*.conf

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/smtp.py

+%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf

+%config(noreplace) %{_sysconfdir}/%{name}/filter.d/ignorecommands/apache-fakegooglebot

+%config(noreplace) %{_sysconfdir}/%{name}/jail.conf

+%config(noreplace) %{_sysconfdir}/%{name}/paths-*.conf

+%exclude %{_sysconfdir}/%{name}/filter.d/sendmail-*.conf

+%exclude %{_sysconfdir}/%{name}/action.d/complain.conf

+%exclude %{_sysconfdir}/%{name}/action.d/hostsdeny.conf

+%exclude %{_sysconfdir}/%{name}/action.d/mail.conf

+%exclude %{_sysconfdir}/%{name}/action.d/mail-buffered.conf

+%exclude %{_sysconfdir}/%{name}/action.d/mail-whois.conf

+%exclude %{_sysconfdir}/%{name}/action.d/mail-whois-lines.conf

+%exclude %{_sysconfdir}/%{name}/action.d/sendmail-*.conf

+%exclude %{_sysconfdir}/%{name}/jail.d/*.conf

+%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}

+%{_tmpfilesdir}/%{name}.conf

+%dir %{_sharedstatedir}/%{name}

+%dir /run/%{name}/

+

+%files hostsdeny

+%defattr(-,root,root)

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/hostsdeny.conf

+

+%files devel

+%defattr(-,root,root)

+%{_bindir}/%{name}-testcases

+%{_mandir}/man1/%{name}-testcases.1*

+%{python3_sitelib}/%{name}/tests

+

+%files mail

+%defattr(-,root,root)

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/complain.conf

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/mail.conf

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/mail-buffered.conf

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/mail-whois.conf

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/mail-whois-lines.conf

+

+%files sendmail

+%defattr(-,root,root)

+%config(noreplace) %{_sysconfdir}/%{name}/action.d/sendmail-*.conf

+%config(noreplace) %{_sysconfdir}/%{name}/filter.d/sendmail-*.conf

+

+%files systemd

+%defattr(-,root,root)

+%config(noreplace) %{_sysconfdir}/%{name}/jail.d/00-%{name}-systemd.conf

+

+%changelog

+* Tue Feb 14 2023 Nitesh Kumar <kunitesh@vmware.com> 1.0.2-1

+- Initial version

new file mode 100644

@@ -0,0 +1,56 @@

+%global srcname  python-systemd

+

+Summary:       Python module wrapping libsystemd functionality

+Name:          python3-systemd

+Version:       235

+Release:       1%{?dist}

+License:       LGPLv2+

+URL:           https://github.com/systemd/python-systemd

+Group:         Development/Languages/Python

+Vendor:        VMware, Inc.

+Distribution:  Photon

+

+Source0: https://github.com/systemd/%{srcname}/archive/refs/tags/%{srcname}-%{version}.tar.gz

+%define sha512 %{srcname}=f1286a477200cc7b4d2c44b43452da576e8e660925711466659795775bcee44796688e1ede6cc22e61cb5b03e631c396d22f9a133327ae1147506bce09bab47f

+

+BuildRequires: systemd-devel

+BuildRequires: python3-devel

+BuildRequires: python3-setuptools

+

+%if 0%{?with_check}

+BuildRequires: python3-pytest

+%endif

+

+Requires: systemd-libs

+

+%description

+Python module for native access to the libsystemd facilities. Functionality

+includes sending of structured messages to the journal and reading journal

+files, querying machine and boot identifiers and a lists of message identifiers

+provided by systemd. Other functionality provided the library is also wrapped.

+

+%prep

+%autosetup -p1 -n %{srcname}-%{version}

+

+%build

+%{py3_build}

+

+%install

+%{py3_install}

+

+%if 0%{?with_check}

+%check

+make %{?_smp_mflags} check

+%endif

+

+%clean

+rm -rf %{buildroot}

+

+%files

+%defattr(-,root,root)

+%{python3_sitearch}/systemd/

+%{python3_sitearch}/systemd_python*.egg-info

+

+%changelog

+* Tue Feb 14 2023 Nitesh Kumar <kunitesh@vmware.com> 235-1

+- Initial build

@@ -4,7 +4,7 @@

 Name:           toybox

 Version:        0.8.8

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        BSD

 Summary:        Common Linux command line utilities in a single executable

 Url:            http://landley.net/toybox

@@ -12,13 +12,13 @@ Group:          Applications/System

 Vendor:         VMware, Inc.

 Distribution:   Photon

-Source0:        http://landley.net/toybox/downloads/%{name}-%{version}.tar.gz

+Source0: http://landley.net/toybox/downloads/%{name}-%{version}.tar.gz

 %define sha512  %{name}=3ffe4de6b17770ad9c43f98f2c69a110f94e5a85da909f8f770bbc9abaff42a524237b4ffaaa8b9800c8d31f0a8b6d3521f03bfdd0d1260fa421ef2525a34290

-Patch0:         %{name}-change-toys-path.patch

+Patch0: %{name}-change-toys-path.patch

-Source1:        config-%{name}

-Source2:        %{name}-toys

+Source1: config-%{name}

+Source2: %{name}-toys

 BuildRequires:  openssl-devel

 BuildRequires:  zlib-devel

@@ -43,7 +43,7 @@ Requires:   %{name} = %{version}-%{release}

 The package contains %{name} doc files.

 %prep

-%autosetup -p1 -n %{name}-%{version}

+%autosetup -p1

 %build

 cp %{SOURCE1} .config

@@ -279,6 +279,11 @@ mktoy %{_bindir}/mix

 %{_mktoy_}

 mktoy %{_bindir}/mkpasswd

+%triggerpostun -- mkpasswd

+[ $2 -eq 0 ] || exit 0

+%{_mktoy_}

+mktoy /usr/bin/mkpasswd

+

 %triggerpostun -- e2fsprogs

 [ $2 -eq 0 ] || exit 0

 %{_mktoy_}

@@ -543,7 +548,7 @@ mktoy %{_bindir}/which

 # elixir

 %ghost %{_bindir}/mix

-# expect

+# expect & mkpasswd

 %ghost %{_bindir}/mkpasswd

 # e2fsprogs

@@ -702,6 +707,8 @@ mktoy %{_bindir}/which

 %doc README LICENSE

 %changelog

+* Fri Feb 17 2023 Shreenidhi Shedi <sshedi@vmware.com> 0.8.8-3

+- Add rules for mkpasswd

 * Fri Jan 27 2023 Shreenidhi Shedi <sshedi@vmware.com> 0.8.8-2

 - Fix triggers

 * Sun Aug 21 2022 Vamsi Krishna Brahmajosyula <vbrahmajosyula@vmware.com> 0.8.8-1

new file mode 100644

@@ -0,0 +1,73 @@

+Summary:      Improved WHOIS client

+Name:         whois

+Version:      5.5.15

+Release:      1%{?dist}

+License:      GPLv2+

+URL:          https://github.com/rfc1036/whois

+Group:        Productivity/Networking/Other

+Vendor:       VMware, Inc.

+Distribution: Photon

+

+Source0: https://ftp.debian.org/debian/pool/main/w/%{name}/%{name}_%{version}.tar.xz

+%define sha512 %{name}=e173927fd3428d27bc8ab34b1a66b82d6a2cfc107245755868bdd33cb7eb1b8159e87774c3a751d9694e65b3d870b9904dc9a3c657dca385950c8a19be1fa61c

+

+BuildRequires:  pkg-config

+BuildRequires:  xz-devel

+BuildRequires:  make

+BuildRequires:  perl

+BuildRequires:  openssl-devel

+

+%description

+Searches for an object in a RFC 3912 database.

+

+This version of the WHOIS client tries to guess the right server to ask for

+the specified object. If no guess can be made it will connect to

+whois.networksolutions.com for NIC handles or whois.arin.net for IPv4

+addresses and network names.

+

+%package nls

+Summary:    Gettext catalogs for whois tools

+BuildArch:  noarch

+

+%description nls

+whois tools messages translated into different natural languages.

+

+%package -n mkpasswd

+Summary:   Encrypt a password with crypt(3) function using a salt

+Requires:  openssl

+Conflicts: expect

+

+%description -n mkpasswd

+mkpasswd tool encrypts a given password with the crypt(3) libc function

+using a given salt.

+

+%prep

+%autosetup -p1 -n %{name}

+

+%build

+%make_build HAVE_LIBIDN2=1 \

+            HAVE_ICONV=1 \

+            HAVE_CRYPT_GENSALT=1

+

+%install

+%make_install %{?_smp_mflags}

+

+%find_lang %{name}

+

+%files

+%defattr(-,root,root)

+%{_bindir}/whois

+%{_mandir}/man1/%{name}.*

+%{_mandir}/man5/%{name}.*

+

+%files nls -f %{name}.lang

+%defattr(-,root,root)

+

+%files -n mkpasswd

+%defattr(-,root,root)

+%{_bindir}/mkpasswd

+%{_mandir}/man1/mkpasswd.*

+

+%changelog

+* Tue Feb 14 2023 Nitesh Kumar <kunitesh@vmware.com> 5.5.15-1

+- Initial version, needed by fail2ban.