fail2ban/asyncserver.start_selinux.patch

From 20c717c25c5d180b720bec6902475f07b02f8b87 Mon Sep 17 00:00:00 2001
From: Jonathan G. Underwood <jonathan.underwood@gmail.com>
Date: Sun, 3 Jan 2010 02:16:09 +0000
Subject: [PATCH] Set socket file descriptor in AsyncServer.start to be CLOEXEC

https://bugzilla.redhat.com/show_bug.cgi?id=522767
---
 server/asyncserver.py |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/server/asyncserver.py b/server/asyncserver.py
index 35cebf1..96b62d0 100644
--- a/server/asyncserver.py
+++ b/server/asyncserver.py
@@ -26,7 +26,7 @@ __license__ = "GPL"
 
 from pickle import dumps, loads, HIGHEST_PROTOCOL
 from common import helpers
-import asyncore, asynchat, socket, os, logging, sys, traceback
+import asyncore, asynchat, socket, os, logging, sys, traceback, fcntl
 
 # Gets the instance of the logger.
 logSys = logging.getLogger("fail2ban.server")
@@ -126,6 +126,8 @@ class AsyncServer(asyncore.dispatcher):
 				raise AsyncServerException("Server already running")
 		# Creates the socket.
 		self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM)
+		fd = self.fileno()
+		fcntl.fcntl(fd, fcntl.F_SETFD, fd | fcntl.FD_CLOEXEC)
 		self.set_reuse_addr()
 		try:
 			self.bind(sock)
-- 
1.6.5.2