Re: What is broken with fail2ban

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

on my one system I see something even weirder...
setroubleshoot[58420]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. For complete SELinux messages. run sealert -l 892542a6-b3ea-48eb-b76f-cadffdbdbb84 Nov 02 22:21:27 rider.private.ccnr.ceb.private.cam.ac.uk python[58420]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm.
Source Context system_u:system_r:fail2ban_client_t:s0 
Target Context                system_u:object_r:rpm_exec_t:s0
Target Objects                /usr/bin/rpm [ file ]
Source                        fail2ban-client
Source Path                   /usr/bin/python2.7

fail2ban wants to run rpm ???
unless some binaries I have mislabelled this would be suspicious, no?? 


On 20/08/16 13:46, Günther J. Niederwimmer wrote:

Hello List,

with CentOS 7.2 it is not longer possible to run fail2ban on a Server ?

I install a new CentOS 7.2 and the EPEL directory
yum install fail2ban

I don't change anything only I create a jail.local to enable the Filters
[sshd]
enabled = true
....
.....
When I start afterward fail2ban
systemctl status fail2ban is clean

But systemctl status firewalld is broken

● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor
preset: enabled)
    Active: active (running) since Sa 2016-08-20 12:08:27 CEST; 4min 50s ago
  Main PID: 13158 (firewalld)
    CGroup: /system.slice/firewalld.service
            └─13158 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Aug 20 12:12:23 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:23 ERROR:
NOT_ENABLED
Aug 20 12:12:24 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:24 ERROR:
NOT_ENABLED
Aug 20 12:12:25 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:25 ERROR:
NOT_ENABLED
Aug 20 12:12:27 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:27 ERROR:
NOT_ENABLED
Aug 20 12:12:27 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:27 ERROR:
NOT_ENABLED
Aug 20 12:12:28 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:28 ERROR:
NOT_ENABLED
Aug 20 12:12:29 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:29 ERROR:
NOT_ENABLED
Aug 20 12:12:30 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:30 ERROR:
NOT_ENABLED
Aug 20 12:12:31 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:31 ERROR:
NOT_ENABLED
Aug 20 12:12:31 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:31 ERROR:
NOT_ENABLED

Have any a Idea what is broken ?

ipset, iptables, fail2ban ?



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux