On Sat, Dec 09, 2006 at 02:46:48PM -0500, Yaroslav Halchenko wrote: > Hi Ross, > > Thank you for taking a moment to help me with this NEWS entry. > > > The NEWS.Debian for the recent changes refers to > > /etc/defaults/fail2ban. I think that's a typo, and > > /etc/default/fail2ban is intended. > indeed... and 10:31:15 seems to be not that late an night, so I am not > sure how that slipped through my fingers ;-) > > > I think even with that correction, the current description is somewhat > > confusing. > Agree -- I like your wording better. So, I hate to, but IMHO I should > simply replace old entry instead of adding another one. Otherwise it > would bring more confusion and/or unnecessary warning for those who > already upgraded to post 0.7.1-1. What would you say about few > changes I've introduced in your tentative entry. I hope I didn't screw > it up too bad
Sounds good, except for the last sentence (see below). I have a feeling policy may frown on rewriting NEWS or changelogs after the fact, but this certainly seems like a good case in which to do so. The only possible drawback I can see is that people who upgraded and got the old NEWS will not get the new NEWS (if they use apt-listchanges). On the other hand, it will be much less confusing for people who are still at .6 to see only a single NEWS entry. > > > fail2ban 0.7 is a complete rewrite of the 0.6 version, and if you > customized any of provided configuration or startup files > (/etc/default/fail2ban, /etc/fail2ban.conf, /etc/init.d/fail2ban), > please read further. The configuration scheme has changed upstream: > 0.7 ignores /etc/fail2ban.conf and instead uses a split configuration > under /etc/fail2ban/. To retain your customizations, for example to > monitor anything other than sshd, you will need to set them under that > new directory; use *.local files for customizations. Please see > /usr/share/doc/fail2ban/README.Debian.gz and > http://fail2ban.sourceforge.net for further description of new > configuration scheme. Detailed documentation is under development (see > #400416). When you are satisfied with the new settings, please delete > /etc/fail2ban.conf to avoid confusion. Fail2ban 0.7 uses > client/server architecture and fail2ban-client is to substitute > fail2ban command to provide an interface between the user and > fail2ban-server. That is why some command line parameters present in > fail2ban 0.6 are invalid in fail2ban-client. Such change affects > /etc/default/fail2ban; you should review that file if you customized > it. Please enable sections as directed in README.Debian.gz mentioned > above. You must use newly shipped init.d/fail2ban, or otherwise fail2ban > will not start. That helps me understand what changes to look for in those files. > > This note was rewritten to provide less clarifies and replaces the > previous NEWS item since version 0.7.5-2. > That sentence doesn't parse in English. Here's what I think you mean: "This note was rewritten in release 0.7.5-2 to clarify its meaning." > > > Here is a possible revised wording: > > > This note clarifies and replaces the previous NEWS item. fail2ban 0.7 > > is a complete rewrite of the 0.6 version. The configuration scheme > > has changed [upstream?]: 0.7 ignores /etc/fail2ban.conf and instead > > uses a split configuration under /etc/fail2ban/. To retain your > > customizations, for example to monitor anything other than sshd, you > > will need to set them under that new directory; use *.local files for > > customizations. When you are satisfied with the new settings, please > > delete /etc/fail2ban.conf to avoid confusion. Also, the changes may > > affect /etc/default/fail2ban [how?]; you should review that file if > > you customized it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
