#1 2014-10-27 18:36:31

tornadof3
Member
Registered: 2014-10-09
Posts: 14

fail2ban won't start

Hello

I've installed fail2ban, but it will not start:

[user@blacktower mail]$ sudo systemctl -l status fail2ban.service
● fail2ban.service - Fail2ban Service
   Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled)
  Drop-In: /etc/systemd/system/fail2ban.service.d
           └─capabilities.conf
   Active: failed (Result: start-limit) since Mon 2014-10-27 18:34:00 GMT; 20s ago
  Process: 11858 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=226/NAMESPACE)

Oct 27 18:34:00 blacktower systemd[1]: Failed to start Fail2ban Service.
Oct 27 18:34:00 blacktower systemd[1]: Unit fail2ban.service entered failed state.
Oct 27 18:34:00 blacktower systemd[1]: fail2ban.service holdoff time over, scheduling restart.
Oct 27 18:34:00 blacktower systemd[1]: Stopping Fail2ban Service...
Oct 27 18:34:00 blacktower systemd[1]: Starting Fail2ban Service...
Oct 27 18:34:00 blacktower systemd[1]: fail2ban.service start request repeated too quickly, refusing to start.
Oct 27 18:34:00 blacktower systemd[1]: Failed to start Fail2ban Service.
Oct 27 18:34:00 blacktower systemd[1]: Unit fail2ban.service entered failed state.

I understand the 226/NAMESPACE error might be something to do with /var/tmp. I don't think it is symlinking... I've tried doing an rm -rf /var/tmp/ but get a "device or resource is busy", but can't see what is occupying it. Any ideas?

Thanks

#2 2014-10-27 19:18:50

Spider.007
Member
Registered: 2004-06-20
Posts: 1,175

Re: fail2ban won't start

What did you put in /etc/systemd/system/fail2ban.service.d/capabilities.conf?

#3 2014-10-27 19:47:16

tornadof3
Member
Registered: 2014-10-09
Posts: 14

Re: fail2ban won't start

Thanks for your reply. Here's the capabilities.conf file:

[user@blacktower fail2ban.service.d]$ cat capabilities.conf 
[Service]
CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW
ReadOnlyDirectories=/
ReadWriteDirectories=/var/run/fail2ban /var/lib/fail2ban /var/spool/postfix/maildrop /tmp

#4 2014-10-27 19:50:19

tornadof3
Member
Registered: 2014-10-09
Posts: 14

Re: fail2ban won't start

I just realised from this file that /var/log was not in the write list, but fail2ban's log files appear to be there.... so I updated that list and tried a restart of fail2ban but still get the same error.

capabilities.conf now reads:

[user@blacktower fail2ban.service.d]$ cat capabilities.conf 
[Service]
CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW
ReadOnlyDirectories=/
ReadWriteDirectories=/var/run/fail2ban /var/lib/fail2ban /var/spool/postfix/maildrop /tmp /var/log

Last edited by tornadof3 (2014-10-27 19:51:57)

#5 2014-10-27 21:40:37

tornadof3
Member
Registered: 2014-10-09
Posts: 14

Re: fail2ban won't start

I don't know what the problem was, but I think it might have been config files in /etc/fail2ban. I tried commenting out some lines in the [sshd] section which appeared to be duplicates, and now it seems to start ok.

Thanks for looking.

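Exit status 226/NAMESPACE, as shown in the first post, is what systemd reports when it cannot set up the unit's mount namespace, and the directory directives in the drop-in posted above define that namespace. The shell function below is an added example, not code from any poster in this thread: it lists the state of every directory such a drop-in names, since a listed path that does not exist (and has no leading "-") is one way that setup fails. The names check_dropin_paths and demo are hypothetical, and the sample tree is constructed.

```shell
# Added example, not from the thread. Prints "STATE directive path" for
# each directory named in a drop-in; exit status 1 if any path is MISSING.
check_dropin_paths() (
    conf=$1
    rc=0
    set -f                       # no glob expansion while splitting values
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ReadOnlyDirectories=*|ReadWriteDirectories=*|InaccessibleDirectories=*) ;;
            *) continue ;;       # section headers, comments, other directives
        esac
        key=${line%%=*}
        for path in ${line#*=}; do
            optional=no
            case $path in
                -*) optional=yes; path=${path#-} ;;  # "-": ignored if absent
            esac
            if [ -L "$path" ]; then
                state=SYMLINK    # check the target by hand; /var/run is often one
            elif [ -d "$path" ]; then
                state=OK
            elif [ "$optional" = yes ]; then
                state=IGNORED
            else
                state=MISSING
                rc=1
            fi
            printf '%s %s %s\n' "$state" "$key" "$path"
        done
    done < "$conf"
    exit "$rc"
)

# Constructed sample: throwaway tree with a real dir, a symlink and a gap.
demo() {
    t=$(mktemp -d)
    mkdir "$t/lib"
    ln -s lib "$t/run"
    printf '[Service]\nReadOnlyDirectories=/\nReadWriteDirectories=%s %s %s\n' \
        "$t/run" "$t/lib" "$t/maildrop" > "$t/capabilities.conf"
    check_dropin_paths "$t/capabilities.conf" | sed "s|$t|TMP|"
    rm -rf "$t"
}

demo
```

On the affected host the call would be `check_dropin_paths /etc/systemd/system/fail2ban.service.d/capabilities.conf`; a MISSING line names a directory to create or to drop from the list before restarting the unit.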
