Bug 905097

Summary: fail2ban logs unicode BOM at beginning of syslog messages containing host names
Product: [Fedora] Fedora Reporter: Jonathan Kamens <h1k6zn2m>
Component: fail2banAssignee: Orion Poplawski <orion>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 18CC: Axel.Thimm, jonathan.underwood, orion
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-14 23:59:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jonathan Kamens 2013-01-28 15:16:11 UTC 
In Fedora 18, I've started seeing log messages that look like this in /var/log/messages:

/var/log/messages-20130106.gz:Jan  5 08:27:01 jik2 \357\273\277fail2ban.filter : WARNING Determined IP using DNS Reverse Lookup: mail.epackage.com.tw = ['220.130.160.43']

I've written out "\357\273\277" for illustrative purposes, but in syslog it's the actual eight-bit characters shown by those octal escape codes.

I think the actual problem is lower in the stack than fail2ban, but I suspect it's going to be very expensive and time-consuming to fix it lower down, and it's trivially easy to fix the problem within fail2ban:

--- /usr/share/fail2ban/server/failregex.py	2013/01/25 16:09:03	1.1
+++ /usr/share/fail2ban/server/failregex.py	2013/01/25 16:09:20
@@ -130,4 +130,4 @@
 			s = self._matchCache.string
 			r = self._matchCache.re
 			raise RegexException("No 'host' found in '%s' using '%s'" % (s, r))
-		return host
+		return str(host)
Comment 1 Jonathan Kamens 2013-03-13 19:49:26 UTC 
The fix for this that's in updates-testing right now works for me, and I just gave it positive karma. I'm confused, though, about why a comment wasn't added automatically here indicating that there was a fix in updates-testing.

Also, judging from the changelog, the person who built the update that's in testing is not the person to whom this bug is assigned. Shouldn't the bug be updated to reflect who did the fix?
Comment 2 Fedora Update System 2013-03-13 19:55:37 UTC 
fail2ban-0.8.8-3.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/FEDORA-2013-2525/fail2ban-0.8.8-3.fc18
Comment 3 Orion Poplawski 2013-03-13 19:56:52 UTC 
Forgot to link the bug.
Comment 4 Fedora Update System 2013-03-14 23:59:20 UTC 
fail2ban-0.8.8-3.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.