Hi Ross, Thank you for taking a moment to help me with this NEWS entry.
> The NEWS.Debian for the recent changes refers to > /etc/defaults/fail2ban. I think that's a typo, and > /etc/default/fail2ban is intended. indeed... and 10:31:15 seems to be not that late an night, so I am not sure how that slipped through my fingers ;-) > I think even with that correction, the current description is somewhat > confusing. Agree -- I like your wording better. So, I hate to, but IMHO I should simply replace old entry instead of adding another one. Otherwise it would bring more confusion and/or unnecessary warning for those who already upgraded to post 0.7.1-1. What would you say about few changes I've introduced in your tentative entry. I hope I didn't screw it up too bad fail2ban 0.7 is a complete rewrite of the 0.6 version, and if you customized any of provided configuration or startup files (/etc/default/fail2ban, /etc/fail2ban.conf, /etc/init.d/fail2ban), please read further. The configuration scheme has changed upstream: 0.7 ignores /etc/fail2ban.conf and instead uses a split configuration under /etc/fail2ban/. To retain your customizations, for example to monitor anything other than sshd, you will need to set them under that new directory; use *.local files for customizations. Please see /usr/share/doc/fail2ban/README.Debian.gz and http://fail2ban.sourceforge.net for further description of new configuration scheme. Detailed documentation is under development (see #400416). When you are satisfied with the new settings, please delete /etc/fail2ban.conf to avoid confusion. Fail2ban 0.7 uses client/server architecture and fail2ban-client is to substitute fail2ban command to provide an interface between the user and fail2ban-server. That is why some command line parameters present in fail2ban 0.6 are invalid in fail2ban-client. Such change affects /etc/default/fail2ban; you should review that file if you customized it. Please enable sections as directed in README.Debian.gz mentioned above. You must use newly shipped init.d/fail2ban, or otherwise fail2ban will not start. This note was rewritten to provide less clarifies and replaces the previous NEWS item since version 0.7.5-2. > Here is a possible revised wording: > This note clarifies and replaces the previous NEWS item. fail2ban 0.7 > is a complete rewrite of the 0.6 version. The configuration scheme > has changed [upstream?]: 0.7 ignores /etc/fail2ban.conf and instead > uses a split configuration under /etc/fail2ban/. To retain your > customizations, for example to monitor anything other than sshd, you > will need to set them under that new directory; use *.local files for > customizations. When you are satisfied with the new settings, please > delete /etc/fail2ban.conf to avoid confusion. Also, the changes may > affect /etc/default/fail2ban [how?]; you should review that file if > you customized it. -- .-. =------------------------------ /v\ ----------------------------= Keep in touch // \\ (yoh@|www.)onerussian.com Yaroslav Halchenko /( )\ ICQ#: 60653192 Linux User ^^-^^ [175555]
pgp8Wu38KrghL.pgp
Description: PGP signature
