fail2ban vs. logrotate

Mikkel L. Ellertson mellertson at gmail.com
Tue Oct 25 13:37:35 UTC 2011


On 10/25/2011 12:23 AM, Andre Speelmans wrote:
>> It sounds like fail2ban still has the old log file open. You need to
>> have logrotate tell fail2ban that the log file has changed.
> 
> Change the config file for logrotate so that it does not create a new
> file, but that it uses copy-and-truncate. The exact syntax is easily
> found in the man-page.
> 
>> Logrotate already does this with other services when it rotates
>> their log file. I am surprised the .rpm did not include the files
>> for logrotate to automatically send the proper signal to fail2ban.
> 
> /var/log/secure is not a daemon specific file, but a general log-file
> and as such does not have a (daemon-) specific rpm. And a general file
> can't send signals to all kinds of daemons that may, or may not run on
> a system.

I was referring to the fail2ban RPM. This has to be a problem for
just about any installation that uses logrotate.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
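The stale-handle behaviour discussed in this thread, as an added example that is not part of the original messages and is not fail2ban's own code: a follower that notices rotation by rename (the inode at the path changes) and by copy-and-truncate (same inode, file shrinks). The `LogFollower` class, the temporary path standing in for /var/log/secure and the log lines are constructed for illustration.

```python
import os
import shutil
import tempfile

class LogFollower:
    """Follow a log by path, surviving both rotation styles from the thread."""
    def __init__(self, path):
        self.path = path
        self._open()
    def _open(self):
        self.fh = open(self.path, "rb")
        self.inode = os.fstat(self.fh.fileno()).st_ino
    def poll(self):
        lines = self.fh.readlines()            # drain the handle we already hold
        st = os.stat(self.path)
        if st.st_ino != self.inode:            # rename + create: new file at path
            self.fh.close()
            self._open()
            lines += self.fh.readlines()
        elif st.st_size < self.fh.tell():      # copytruncate: same inode, shrunk
            self.fh.seek(0)
            lines += self.fh.readlines()
        return [l.decode(errors="replace").rstrip("\n") for l in lines]

def append(path, text):
    with open(path, "a") as f:
        f.write(text)

def demo():
    """Constructed log lines in a temp dir standing in for /var/log/secure."""
    out = {}
    with tempfile.TemporaryDirectory() as d:
        log = os.path.join(d, "secure")
        append(log, "sshd: Failed password for root from 192.0.2.10\n")
        stale = open(log, "rb")                # a daemon that is never signalled
        follower = LogFollower(log)
        stale.readlines(); follower.poll()     # both consume the first line
        os.rename(log, log + ".1")             # rotation by rename + create
        append(log, "sshd: Failed password for admin from 192.0.2.11\n")
        out["stale"] = stale.readlines()       # still attached to secure.1
        out["after_rename"] = follower.poll()
        shutil.copy(log, log + ".2")           # rotation by copy-and-truncate
        os.truncate(log, 0)
        append(log, "sshd: Invalid user x from 192.0.2.12\n")
        out["after_truncate"] = follower.poll()
        stale.close(); follower.fh.close()
    return out

if __name__ == "__main__":
    print(demo())
```

The size check only catches a truncation if the file has not already grown back past the old read offset by the next poll, so lines written in that window can be missed.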

