fail2ban vs. logrotate

Mikkel L. Ellertson mellertson at
Tue Oct 25 13:37:35 UTC 2011

Hash: SHA1

On 10/25/2011 12:23 AM, Andre Speelmans wrote:
>> It sounds like fail2ban still has the old log file open. You need to
>> have logrotate tell fail2ban that the log file has changed.
> Change the config file for logrotate so that it does not create a new
> file, but that it uses copy-and-truncate. The exact syntax is easily
> found in the man-page.
>> Logrotate already does this will other services when it rotates
>> their log file. I am surprised the .rpm did not include the files
>> for logrotate to automatically sent the proper signal to fail2ban.
> /var/log/secure is not a daemon specific file, but a general log-file
> and as such does not have a (daemon-) specific rpm. And a general file
> can't send signals to all kinds of daemons that may, or may not run on
> a system.

I was referring to the fail2ban RPM. This has to be a problem for
just about any installation that uses logrotate.

- -- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
Version: GnuPG v1.4.11 (GNU/Linux)


More information about the users mailing list