On Fri, 2024-05-03 at 16:52 -0500, Richard Shaw wrote:
On Fri, May 3, 2024 at 4:13 PM Patrick O'Callaghan
<pocallaghan(a)gmail.com>
wrote:
> On Fri, 2024-05-03 at 13:08 -0400, Tom Rivers via users wrote:
> > Until the fix is available, I've been able to get it running
> > until
> > the
> > next system reboot by doing the following:
> >
> > # setenforce 0
> > # systemctl start fail2ban
> >
> > ... wait a minute ...
> >
> > # setenforce 1
> >
>
> That seems to work. Looks like a problem with SElinux labelling.
>
More or less, basically from what I can tell with F40 that the link
from
/var/run->/run for compatibility was dropped and the selinux context
in the
fail2ban package needed to be updated (and it was) but my assumption
is
that installation of the new package would take care of it.
# ls -lZ /var/run/fail2ban/fail2ban.sock
srwx------. 1 root root system_u:object_r:var_run_t:s0 0 May 3 22:10
/var/run/fail2ban/fail2ban.sock
Running restorecon on that (and the directory itself) leaves it
unchanged, so presumably it's incorrect in the database.
poc