On Tue, Jul 9, 2013 at 10:56 AM, Ed Greshko <Ed.Greshko@xxxxxxxxxxx> wrote:
On 07/09/13 15:48, sguazt wrote:
Have you checked /var/log/audit/audit.log for AVC (selinux) entries?>
>
>
> On Tue, Jul 9, 2013 at 8:51 AM, Cristian Sava <csava@xxxxxxxxxxxxxx <mailto:csava@xxxxxxxxxxxxxx>> wrote:
>
> On Tue, 2013-07-09 at 09:48 +0300, Cristian Sava wrote:
> > On installs where iface reported by "route" command is not the same with
> > ifcfg-iface (pxpy instead of enpxsy or ethx) fail2ban will not start.
> > Does not matter if biosdevname=0 or net.ifnames=0 on the kernel line.
> > Tested this on real hardware and on VirualBox too.
> >
> > >From /var/log/messages:
> > fail2ban-client[2804]: ERROR Directory /var/run/fail2ban exists but not accessible for writing
> >
> > Fail2ban is ok on any other install.
> I forgot to add that is about F19 installs.
>
> C.Sava
>
>
> Hello,
>
> Similar problem here on a F19 x86_64.
>
> $ systemctl status fail2ban
>
> fail2ban.service - Fail2ban Service
> Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled)
> Active: failed (Result: start-limit) since Tue 2013-07-09 08:59:40 CEST; 45min ago
> Process: 1024 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
>
> Jul 09 08:59:40 wildcat systemd[1]: fail2ban.service: control process exited, code=exited status=255
> Jul 09 08:59:40 wildcat systemd[1]: Failed to start Fail2ban Service.
> Jul 09 08:59:40 wildcat systemd[1]: Unit fail2ban.service entered failed state.
> Jul 09 08:59:40 wildcat systemd[1]: fail2ban.service holdoff time over, scheduling restart.
> Jul 09 08:59:40 wildcat systemd[1]: Stopping Fail2ban Service...
> Jul 09 08:59:40 wildcat systemd[1]: Starting Fail2ban Service...
> Jul 09 08:59:40 wildcat systemd[1]: fail2ban.service start request repeated too quickly, refusing to start.
> Jul 09 08:59:40 wildcat systemd[1]: Failed to start Fail2ban Service.
> Jul 09 08:59:40 wildcat systemd[1]: Unit fail2ban.service entered failed state.
>
> $ less /var/log/messages
> Jul 9 08:59:39 localhost fail2ban-client[1024]: ERROR Directory /var/run/fail2ban exists but not accessible for writing
> Jul 9 08:59:40 localhost systemd[1]: fail2ban.service: control process exited, code=exited status=255
> Jul 9 08:59:40 localhost systemd[1]: Failed to start Fail2ban Service.
> Jul 9 08:59:40 localhost systemd[1]: Unit fail2ban.service entered failed state.
> ...
> Jul 9 08:59:40 localhost systemd[1]: fail2ban.service holdoff time over, scheduling restart.
> Jul 9 08:59:40 localhost systemd[1]: Stopping Fail2ban Service...
> Jul 9 08:59:40 localhost systemd[1]: Starting Fail2ban Service...
> Jul 9 08:59:40 localhost systemd[1]: fail2ban.service start request repeated too quickly, refusing to start.
> Jul 9 08:59:40 localhost systemd[1]: Failed to start Fail2ban Service.
> Jul 9 08:59:40 localhost systemd[1]: Unit fail2ban.service entered failed state.
>
Yes.
No AVC entry.
The only entries I found are:
type=SERVICE_START msg=audit(1373353179.495:389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=SERVICE_START msg=audit(1373353179.595:390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1373353179.595:391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1373353180.002:393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=SERVICE_START msg=audit(1373353180.102:406): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1373353180.102:407): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1373353179.495:389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=SERVICE_START msg=audit(1373353179.595:390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1373353179.595:391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1373353180.002:393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
type=SERVICE_START msg=audit(1373353180.102:406): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1373353180.102:407): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="fail2ban" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
-- Marco
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
