#15 Add pyinotify support

open
nobody
None
5
2010-01-02
2010-01-02
No

This patch adds pyinotify support to Fail2ban. It's a patch against
the FAIL2BAN-0_8 branch.

In particular this patch uses inotify support in preference to gamin
support when the jail type is set to auto. This patch is in large part
motivated by the large number of SElinux problems that using gamin
gives. In short, gamin was never designed to be used in the way that
fail2ban tries to use it - it was designed to have a single server per
UID, and targets the desktop user needs, rather than the system needs.
The gory details can be found discussed here:
https://bugzilla.redhat.com/show_bug.cgi?id=437633

Presently this patch favours inotify use over gamin. Longer term,
gamin should probably be removed from fail2ban.

Discussion

  • Add pyinotify support

     
    Attachments