Mercurial > syslog2iptables

diff src/syslogconfig.cpp @ 31:601bc0e075e1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
gpl3
author carl
date Sun, 09 Sep 2007 10:59:15 -0700
parents 6465d8640489
children d2ceebcf6595
line wrap: on
line diff
--- a/src/syslogconfig.cpp	Sun Feb 12 11:34:37 2006 -0800
+++ b/src/syslogconfig.cpp	Sun Sep 09 10:59:15 2007 -0700
@@ -351,6 +351,12 @@
 			snprintf(buf, sizeof(buf), "syslog file %s cannot stat after open", file_name);
 			tokp->token_error(buf);
 		}
+		// specify that this fd gets closed on exec, so that selinux
+		// won't complain about iptables trying to read log files.
+		int oldflags = fcntl(fd, F_GETFD, 0);
+		if (oldflags >= 0) {
+			fcntl(fd, F_SETFD, oldflags | FD_CLOEXEC);
+		}
 	}
 }