diff --git a/fail2ban-0.8.2-fd_cloexec.patch b/fail2ban-0.8.2-fd_cloexec.patch new file mode 100644 index 0000000..5c89f7f --- /dev/null +++ b/fail2ban-0.8.2-fd_cloexec.patch @@ -0,0 +1,22 @@ +--- fail2ban-0.8.2/server/filter.py.orig 2008-03-27 16:26:59.000000000 +0000 ++++ fail2ban-0.8.2/server/filter.py 2008-03-27 15:29:48.000000000 +0000 +@@ -428,6 +428,7 @@ + # is computed and compared to the previous hash of this line. + + import md5 ++import fcntl + + class FileContainer: + +@@ -455,6 +456,11 @@ + + def open(self): + self.__handler = open(self.__filename) ++ ++ # Set the file descriptor to be FD_CLOEXEC ++ fd = self.__handler.fileno() ++ fcntl.fcntl (self.__handler.fileno(), fcntl.F_SETFD, fd | fcntl.FD_CLOEXEC) ++ + firstLine = self.__handler.readline() + # Computes the MD5 of the first line. + myHash = md5.new(firstLine).digest() diff --git a/fail2ban.spec b/fail2ban.spec index 2baf359..416b86f 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -4,7 +4,7 @@ Summary: Ban IPs that make too many password failures Name: fail2ban Version: 0.8.2 -Release: 13%{?dist} +Release: 14%{?dist} License: GPL Group: System Environment/Daemons URL: http://fail2ban.sourceforge.net/ @@ -13,6 +13,7 @@ Source1: fail2ban-logrotate Patch0: fail2ban-0.8.1-init.patch Patch1: fail2ban-0.8.1-sshd.patch #Patch2: fail2ban-0.8.1-sock.patch +Patch3: fail2ban-0.8.2-fd_cloexec.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root BuildRequires: python-devel >= 2.3 BuildArch: noarch @@ -31,6 +32,7 @@ failures. It updates firewall rules to reject the IP address. %patch0 -p1 -b .init %patch1 -p1 -b .sshd #patch2 -p1 -b .sock +%patch3 -p1 -b .fd_cloexec %build python setup.py build @@ -80,6 +82,9 @@ fi %dir %{_localstatedir}/run/fail2ban %changelog +* Thu Mar 27 2008 Axel Thimm - 0.8.2-14 +- Close on exec fixes by Jonathan Underwood. + * Sun Mar 16 2008 Axel Thimm - 0.8.2-13 - Add %%{_localstatedir}/run/fail2ban (David Rees).