Fail2Ban

Email Archive: fail2ban-commit (read-only)

2006:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul (1)	_Aug (1)	_Sep	_Oct	_Nov	_Dec (24)
2007:	_Jan (31)	_Feb (17)	_Mar (14)	_Apr (5)	_May (14)	_Jun (8)	_Jul (9)	_Aug (14)	_Sep (4)	_Oct (5)	_Nov (3)	_Dec (14)
2008:	_Jan (6)	_Feb (5)	_Mar (29)	_Apr (6)	_May (12)	_Jun	_Jul (5)	_Aug (7)	_Sep	_Oct (5)	_Nov	_Dec
2009:	_Jan (7)	_Feb (8)	_Mar	_Apr	_May	_Jun	_Jul	_Aug (17)	_Sep (6)	_Oct	_Nov	_Dec (2)
2010:	_Jan	_Feb	_Mar (1)	_Apr	_May (1)	_Jun (3)	_Jul	_Aug	_Sep (4)	_Oct	_Nov	_Dec
2011:	_Jan	_Feb	_Mar (10)	_Apr	_May (1)	_Jun (2)	_Jul (3)	_Aug (9)	_Sep (1)	_Oct	_Nov	_Dec

[Fail2ban-commit] SF.net SVN: fail2ban:[784] branches/FAIL2BAN-0_8/server/action.py

From: <yarikoptic@us...> - 2011-09-24 02:28

Revision: 784
          http://fail2ban.svn.sourceforge.net/fail2ban/?rev=784&view=rev
Author:   yarikoptic
Date:     2011-09-24 02:28:45 +0000 (Sat, 24 Sep 2011)
Log Message:
-----------
BF: Lock server's executeCmd to prevent racing among iptables calls (Closes: #554162)

Many kudos go to Michael Saavedra for the solution and the patch.

Modified Paths:
--------------
    branches/FAIL2BAN-0_8/server/action.py

Modified: branches/FAIL2BAN-0_8/server/action.py
===================================================================
--- branches/FAIL2BAN-0_8/server/action.py	2011-08-07 02:41:08 UTC (rev 783)
+++ branches/FAIL2BAN-0_8/server/action.py	2011-09-24 02:28:45 UTC (rev 784)
@@ -25,11 +25,15 @@
 __license__ = "GPL"
 
 import logging, os
+import threading
 #from subprocess import call
 
 # Gets the instance of the logger.
 logSys = logging.getLogger("fail2ban.actions.action")
 
+# Create a lock for running system commands
+_cmd_lock = threading.Lock()
+
 ##
 # Execute commands.
 #
@@ -301,17 +305,21 @@
 	#@staticmethod
 	def executeCmd(realCmd):
 		logSys.debug(realCmd)
-		try:
-			# The following line gives deadlock with multiple jails
-			#retcode = call(realCmd, shell=True)
-			retcode = os.system(realCmd)
-			if retcode == 0:
-				logSys.debug("%s returned successfully" % realCmd)
-				return True
-			else:
-				logSys.error("%s returned %x" % (realCmd, retcode))
-		except OSError, e:
-			logSys.error("%s failed with %s" % (realCmd, e))
+		_cmd_lock.acquire()
+		try: # Try wrapped within another try needed for python version < 2.5
+			try:
+				# The following line gives deadlock with multiple jails
+				#retcode = call(realCmd, shell=True)
+				retcode = os.system(realCmd)
+				if retcode == 0:
+					logSys.debug("%s returned successfully" % realCmd)
+					return True
+				else:
+					logSys.error("%s returned %x" % (realCmd, retcode))
+			except OSError, e:
+				logSys.error("%s failed with %s" % (realCmd, e))
+		finally:
+			_cmd_lock.release()
 		return False
 	executeCmd = staticmethod(executeCmd)
 	

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.