networking - fail2ban will not start on some installs (x64)

sguazt marco.guazzone at gmail.com
Tue Jul 9 09:21:39 UTC 2013 

On Tue, Jul 9, 2013 at 10:56 AM, Ed Greshko <Ed.Greshko at greshko.com> wrote:

> On 07/09/13 15:48, sguazt wrote:
> >
> >
> >
> > On Tue, Jul 9, 2013 at 8:51 AM, Cristian Sava <csava at central.ucv.ro<mailto:
> csava at central.ucv.ro>> wrote:
> >
> >     On Tue, 2013-07-09 at 09:48 +0300, Cristian Sava wrote:
> >     > On installs where iface reported by "route" command is not the
> same with
> >     > ifcfg-iface (pxpy instead of enpxsy or ethx) fail2ban will not
> start.
> >     > Does not matter if biosdevname=0 or net.ifnames=0 on the kernel
> line.
> >     > Tested this on real hardware and on VirualBox too.
> >     >
> >     > >From /var/log/messages:
> >     > fail2ban-client[2804]: ERROR  Directory /var/run/fail2ban exists
> but not accessible for writing
> >     >
> >     > Fail2ban is ok on any other install.
> >     I forgot to add that is about F19 installs.
> >
> >     C.Sava
> >
> >
> > Hello,
> >
> > Similar problem here on a F19 x86_64.
> >
> > $ systemctl status fail2ban
> >
> > fail2ban.service - Fail2ban Service
> >    Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled)
> >    Active: failed (Result: start-limit) since Tue 2013-07-09 08:59:40
> CEST; 45min ago
> >   Process: 1024 ExecStart=/usr/bin/fail2ban-client -x start
> (code=exited, status=255)
> >
> > Jul 09 08:59:40 wildcat systemd[1]: fail2ban.service: control process
> exited, code=exited status=255
> > Jul 09 08:59:40 wildcat systemd[1]: Failed to start Fail2ban Service.
> > Jul 09 08:59:40 wildcat systemd[1]: Unit fail2ban.service entered failed
> state.
> > Jul 09 08:59:40 wildcat systemd[1]: fail2ban.service holdoff time over,
> scheduling restart.
> > Jul 09 08:59:40 wildcat systemd[1]: Stopping Fail2ban Service...
> > Jul 09 08:59:40 wildcat systemd[1]: Starting Fail2ban Service...
> > Jul 09 08:59:40 wildcat systemd[1]: fail2ban.service start request
> repeated too quickly, refusing to start.
> > Jul 09 08:59:40 wildcat systemd[1]: Failed to start Fail2ban Service.
> > Jul 09 08:59:40 wildcat systemd[1]: Unit fail2ban.service entered failed
> state.
> >
> > $ less /var/log/messages
> > Jul  9 08:59:39 localhost fail2ban-client[1024]: ERROR  Directory
> /var/run/fail2ban exists but not accessible for writing
> > Jul  9 08:59:40 localhost systemd[1]: fail2ban.service: control process
> exited, code=exited status=255
> > Jul  9 08:59:40 localhost systemd[1]: Failed to start Fail2ban Service.
> > Jul  9 08:59:40 localhost systemd[1]: Unit fail2ban.service entered
> failed state.
> > ...
> > Jul  9 08:59:40 localhost systemd[1]: fail2ban.service holdoff time
> over, scheduling restart.
> > Jul  9 08:59:40 localhost systemd[1]: Stopping Fail2ban Service...
> > Jul  9 08:59:40 localhost systemd[1]: Starting Fail2ban Service...
> > Jul  9 08:59:40 localhost systemd[1]: fail2ban.service start request
> repeated too quickly, refusing to start.
> > Jul  9 08:59:40 localhost systemd[1]: Failed to start Fail2ban Service.
> > Jul  9 08:59:40 localhost systemd[1]: Unit fail2ban.service entered
> failed state.
> >
>
> Have you checked /var/log/audit/audit.log for AVC (selinux) entries?
>
>

Yes.

No AVC entry.
The only entries I found are:
type=SERVICE_START msg=audit(1373353179.495:389): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='
comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
res=failed'
type=SERVICE_START msg=audit(1373353179.595:390): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='
comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
res=success'
type=SERVICE_STOP msg=audit(1373353179.595:391): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='
comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
res=success'
type=SERVICE_START msg=audit(1373353180.002:393): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='
comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
res=failed'
type=SERVICE_START msg=audit(1373353180.102:406): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='
comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
res=success'
type=SERVICE_STOP msg=audit(1373353180.102:407): pid=1 uid=0
auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='
comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=?
res=success'

-- Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20130709/ee13d007/attachment.html>

More information about the users mailing list