From 14018c2de1a1b4244fda239ee318f0b5d81dea57 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Wed, 11 Dec 2013 21:14:17 +0100
Subject: [PATCH] fail2ban: Fix preStart action

Creating /run/fail2ban didn't work since it didn't have write
permission to /run.  Now it does.

Reported by Thomas Bereknyei.
---
 nixos/modules/services/security/fail2ban.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/modules/services/security/fail2ban.nix b/nixos/modules/services/security/fail2ban.nix
index 395a5df8af0..ae1fd22d23e 100644
--- a/nixos/modules/services/security/fail2ban.nix
+++ b/nixos/modules/services/security/fail2ban.nix
@@ -106,7 +106,7 @@ in
         serviceConfig =
           { ExecStart = "${pkgs.fail2ban}/bin/fail2ban-server -f";
             ReadOnlyDirectories = "/";
-            ReadWriteDirectories = "/run/fail2ban /var/tmp";
+            ReadWriteDirectories = "/run /var/tmp";
             CapabilityBoundingSet = "CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW";
           };