ports/164702: rc.d script for sshguard

[Jo Rhett]

>Number:         164702
>Category:       ports
>Synopsis:       rc.d script for sshguard
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Feb 02 05:20:07 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Jo Rhett
>Release:        8.2
>Organization:
Net Consonance
>Environment:
FreeBSD triceratops.netconsonance.com 8.2-RELEASE-p3 FreeBSD 8.2-RELEASE-p3 #0: Tue Sep 27 18:07:27 UTC 2011     root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
SSHguard installs a line to have syslog write to SSHguard, which isn't always the best way to do it and doesn't provide any ability to change options in how it runs.  The "fix" is an rc.d script which provides access to allow of SSHguard's features using freebsd standard controls.


>How-To-Repeat:

>Fix:
#!/bin/sh
# PROVIDE: sshguard
# REQUIRE: DAEMON syslogd
# BEFORE: LOGIN
# KEYWORD: shutdown
#
# Add the following line to /etc/rc.conf to enable SSHguard:
#  sshguard_enable="YES"
#
# Optional lines to change the configuration
#  sshguard_flags="-a 40 -p 420 -s 1200"
#  sshguard_logfile="/var/log/auth.log"
#  sshguard_whitelist="-w /usr/local/etc/sshguard.whitelist"

. /etc/rc.subr

# Set some defaults
sshguard_enable=${sshguard_enable:-"NO"}
sshguard_flags=${sshguard_flags:-"-a 40 -p 420 -s 1200"}
sshguard_logfile=${sshguard_logfile:-"/var/log/auth.log"}

name=sshguard
rcvar=`set_rcvar`
load_rc_config $name
command=/usr/local/sbin/sshguard
pidfile=/var/run/sshguard.pid
command_args="-i ${pidfile} -l ${sshguard_logfile} ${sshguard_whitelist} &"

run_rc_command "$1"

>Release-Note:
>Audit-Trail:
>Unformatted: