[users] fail2ban upgrade challenge

Nils Breunese (Lemonbit) nils at lemonbit.nl
Wed Apr 23 17:05:57 CEST 2008


Nils Breunese (Lemonbit) wrote:

> John Thomas wrote:
>
>> John Thomas wrote:
>>> I don't know much.  I noticed the fail2ban.conf file has moved  
>>> socket= /tmp/fail2ban.sock to /var/run/fail2ban/fail2ban.sock and / 
>>> var/run/fail2ban/ does not exist.  I tried creating /var/run/ 
>>> fail2ban/, but that did not help.  I am guessing a permission  
>>> issue, but don't know where to start.
>>
>> I did a bit more digging and made some headway, I think the  
>> following works.
>>
>> 1. service fail2ban stop
>> 2. yum update
>> 3. mkdir /var/run/fail2ban
>> 4. service fail2ban start
>>
>> Also, I think there now an error in:
>> /etc/rc.d/init.d/fail2ban
>> the line:
>> rm -rf /tmp/fail2ban.sock # in case of unclean shutdown
>> should be:
>> rm -rf /var/run/fail2ban/fail2ban.sock # in case of unclean shutdown
>
> After upgrading to 0.8.2-2 I needed to manually kill the running  
> fail2ban daemon (using the old socket in /tmp), because service  
> failb2ban stop wouldn't stop it. After killing it I could start and  
> stop it normally (using the new socket in /var/run/fail2ban).

Another problem after the upgrade from 0.6 to fail2ban-0.8.2-2: sshd  
logs to /var/log/secure on CentOS, but fail2ban's packaged jail.conf  
has 'logpath = /var/log/sshd.log'. /var/log/sshd.log does not exist on  
my system and fail2ban is not blocking any login attempts. Could you  
please fix this? I manually changed the logpaths myself. fail2ban-0.6  
did monitor the correct log files.

Nils Breunese.



More information about the users mailing list