What about changing the socket path to e.g. /var/run/fail2ban/fail2ban.sock so that regular users cannot create that file (no write permission in that directory)? It's also much cleaner not to clutter /tmp with sockets...
— Wouter -- :wq mail [EMAIL PROTECTED] web http://uwstopia.nl the day that you stop running · is the day that you arrive — morcheeba
signature.asc
Description: Digital signature