fail2ban vs. logrotate

Tom Rivers tom at
Tue Oct 25 20:25:59 UTC 2011

On 10/25/2011 4:12 PM, Mike Wohlgemuth wrote:
> On 10/25/2011 11:12 AM, Mikkel L. Ellertson wrote:
>> It looks like you would have to modify the syslog logrotate script
>> and add a second command in the postrotate section after it restarts
>> syslogd. Does fail2ban accept a SIGHUP to close and reopen the log file?
> That was my first thought, but I don't see any way to get fail2ban to
> reopen the log file without also forgetting the current ban list.

For what it's worth, I have been using fail2ban and logrotate together 
in a vanilla configuration for some time now and have never experienced 
this problem.  Right now it is running without incident on RHEL 5.7 and 
F14.  Are you sure you didn't tweak something, either on purpose or by 
accident, when you configured things?  If you haven't, then perhaps 
something has changed and that is why it no longer works as expected.


More information about the users mailing list