fail2ban vs. logrotate

Andre Speelmans fedora-list at
Tue Oct 25 05:23:04 UTC 2011

> It sounds like fail2ban still has the old log file open. You need to
> have logrotate tell fail2ban that the log file has changed.

Change the config file for logrotate so that it does not create a new
file, but that it uses copy-and-truncate. The exact syntax is easily
found in the man-page.

> Logrotate already does this will other services when it rotates
> their log file. I am surprised the .rpm did not include the files
> for logrotate to automatically sent the proper signal to fail2ban.

/var/log/secure is not a daemon specific file, but a general log-file
and as such does not have a (daemon-) specific rpm. And a general file
can't send signals to all kinds of daemons that may, or may not run on
a system.

More information about the users mailing list