From 8007a025391a768d9fa512fd0dcf8a8612191a27 Mon Sep 17 00:00:00 2001
From: Cyril Jaquier <cyril.jaquier@fail2ban.org>
Date: Tue, 15 Dec 2009 22:57:54 +0000
Subject: [PATCH] - Patch to make log file descriptors cloexec to stop leaking
 file descriptors on fork/exec. Thanks to Jonathan Underwood.
 https://bugzilla.redhat.com/show_bug.cgi?id=230191#c24

git-svn-id: https://fail2ban.svn.sourceforge.net/svnroot/fail2ban/branches/FAIL2BAN-0_8@757 a942ae1a-1317-0410-a47c-b1dcaea8d605
---
 server/filter.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/server/filter.py b/server/filter.py
index 66bd5f35..52a99e28 100644
--- a/server/filter.py
+++ b/server/filter.py
@@ -31,7 +31,7 @@ from datedetector import DateDetector
 from mytime import MyTime
 from failregex import FailRegex, Regex, RegexException
 
-import logging, re, os
+import logging, re, os, fcntl
 
 # Gets the instance of the logger.
 logSys = logging.getLogger("fail2ban.filter")
@@ -469,6 +469,9 @@ class FileContainer:
 	
 	def open(self):
 		self.__handler = open(self.__filename)
+		# Set the file descriptor to be FD_CLOEXEC
+		fd = self.__handler.fileno()
+		fcntl.fcntl(fd, fcntl.F_SETFD, fd | fcntl.FD_CLOEXEC)
 		firstLine = self.__handler.readline()
 		# Computes the MD5 of the first line.
 		myHash = md5.new(firstLine).digest()