diff --git a/client/fail2banreader.py b/client/fail2banreader.py index ee097bd6..6954b3bf 100644 --- a/client/fail2banreader.py +++ b/client/fail2banreader.py @@ -42,7 +42,8 @@ class Fail2banReader(ConfigReader): ConfigReader.read(self, "fail2ban") def getEarlyOptions(self): - opts = [["string", "socket", "/tmp/fail2ban.sock"]] + opts = [["string", "socket", "/tmp/fail2ban.sock"], + ["string", "pidfile", "/var/run/fail2ban/fail2ban.pid"]] return ConfigReader.getOptions(self, "Definition", opts) def getOptions(self): diff --git a/config/fail2ban.conf b/config/fail2ban.conf index f2f1b215..e759513b 100644 --- a/config/fail2ban.conf +++ b/config/fail2ban.conf @@ -40,3 +40,10 @@ logtarget = /var/log/fail2ban.log # socket = /var/run/fail2ban/fail2ban.sock +# Option: pidfile +# Notes.: Set the PID file. This is used to store the process ID of the +# fail2ban server. +# Values: FILE Default: /var/run/fail2ban/fail2ban.sock +# +pidfile = /var/run/fail2ban/fail2ban.pid + diff --git a/fail2ban-client b/fail2ban-client index 13d018e6..595144ef 100755 --- a/fail2ban-client +++ b/fail2ban-client @@ -62,6 +62,7 @@ class Fail2banClient: self.__conf["verbose"] = 1 self.__conf["interactive"] = False self.__conf["socket"] = None + self.__conf["pidfile"] = None def dispVersion(self): print "Fail2Ban v" + version @@ -84,6 +85,7 @@ class Fail2banClient: print "Options:" print " -c configuration directory" print " -s socket path" + print " -p pidfile path" print " -d dump configuration. For debugging" print " -i interactive mode" print " -v increase verbosity" @@ -119,6 +121,8 @@ class Fail2banClient: self.__conf["conf"] = opt[1] elif opt[0] == "-s": self.__conf["socket"] = opt[1] + elif opt[0] == "-p": + self.__conf["pidfile"] = opt[1] elif opt[0] == "-d": self.__conf["dump"] = True elif opt[0] == "-v": @@ -183,6 +187,7 @@ class Fail2banClient: return False # Start the server self.__startServerAsync(self.__conf["socket"], + self.__conf["pidfile"], self.__conf["force"]) try: # Wait for the server to start @@ -231,7 +236,7 @@ class Fail2banClient: # # Start the Fail2ban server in daemon mode. - def __startServerAsync(self, socket, force = False): + def __startServerAsync(self, socket, pidfile, force = False): # Forks the current process. pid = os.fork() if pid == 0: @@ -242,6 +247,9 @@ class Fail2banClient: # Set the socket path. args.append("-s") args.append(socket) + # Set the pidfile + args.append("-p") + args.append(pidfile) # Force the execution if needed. if force: args.append("-x") @@ -297,7 +305,7 @@ class Fail2banClient: # Reads the command line options. try: - cmdOpts = 'hc:s:xdviqV' + cmdOpts = 'hc:s:p:xdviqV' cmdLongOpts = ['help', 'version'] optList, args = getopt.getopt(self.__argv[1:], cmdOpts, cmdLongOpts) except getopt.GetoptError: @@ -328,9 +336,11 @@ class Fail2banClient: # Set socket path self.__configurator.readEarly() - socket = self.__configurator.getEarlyOptions() + conf = self.__configurator.getEarlyOptions() if self.__conf["socket"] == None: - self.__conf["socket"] = socket["socket"] + self.__conf["socket"] = conf["socket"] + if self.__conf["pidfile"] == None: + self.__conf["pidfile"] = conf["pidfile"] logSys.info("Using socket file " + self.__conf["socket"]) if self.__conf["dump"]: diff --git a/fail2ban-server b/fail2ban-server index 0f3410c9..81db58bd 100755 --- a/fail2ban-server +++ b/fail2ban-server @@ -54,6 +54,7 @@ class Fail2banServer: self.__conf["background"] = True self.__conf["force"] = False self.__conf["socket"] = "/var/run/fail2ban/fail2ban.sock" + self.__conf["pidfile"] = "/var/run/fail2ban/fail2ban.pid" def dispVersion(self): print "Fail2Ban v" + version @@ -81,6 +82,7 @@ class Fail2banServer: print " -b start in background" print " -f start in foreground" print " -s socket path" + print " -p pidfile path" print " -x force execution of the server (remove socket file)" print " -h, --help display this help message" print " -V, --version print the version" @@ -97,6 +99,8 @@ class Fail2banServer: self.__conf["background"] = False if opt[0] == "-s": self.__conf["socket"] = opt[1] + if opt[0] == "-p": + self.__conf["pidfile"] = opt[1] if opt[0] == "-x": self.__conf["force"] = True if opt[0] in ["-h", "--help"]: @@ -112,7 +116,7 @@ class Fail2banServer: # Reads the command line options. try: - cmdOpts = 'bfs:xhV' + cmdOpts = 'bfs:p:xhV' cmdLongOpts = ['help', 'version'] optList, args = getopt.getopt(self.__argv[1:], cmdOpts, cmdLongOpts) except getopt.GetoptError: @@ -123,7 +127,9 @@ class Fail2banServer: try: self.__server = Server(self.__conf["background"]) - self.__server.start(self.__conf["socket"], self.__conf["force"]) + self.__server.start(self.__conf["socket"], + self.__conf["pidfile"], + self.__conf["force"]) return True except Exception, e: logSys.exception(e) diff --git a/server/server.py b/server/server.py index d9532be2..3889c491 100644 --- a/server/server.py +++ b/server/server.py @@ -40,8 +40,6 @@ logSys = logging.getLogger("fail2ban.server") class Server: - PID_FILE = "/var/run/fail2ban/fail2ban.pid" - def __init__(self, daemon = False): self.__loggingLock = Lock() self.__lock = RLock() @@ -59,7 +57,7 @@ class Server: logSys.debug("Caught signal %d. Exiting" % signum) self.quit() - def start(self, sock, force = False): + def start(self, sock, pidfile, force = False): logSys.info("Starting Fail2ban v" + version.version) # Install signal handlers @@ -79,8 +77,8 @@ class Server: # Creates a PID file. try: - logSys.debug("Creating PID file %s" % Server.PID_FILE) - pidFile = open(Server.PID_FILE, 'w') + logSys.debug("Creating PID file %s" % pidfile) + pidFile = open(pidfile, 'w') pidFile.write("%s\n" % os.getpid()) pidFile.close() except IOError, e: @@ -94,8 +92,8 @@ class Server: logSys.error("Could not start server: %s", e) # Removes the PID file. try: - logSys.debug("Remove PID file %s" % Server.PID_FILE) - os.remove(Server.PID_FILE) + logSys.debug("Remove PID file %s" % pidfile) + os.remove(pidfile) except OSError, e: logSys.error("Unable to remove PID file: %s" % e) logSys.info("Exiting Fail2ban")