Hi, On F19 the service fail2ban won't start via systemd with selinux in enforcing mode. The error in the message log indicates.... fail2ban-client[2804]: ERROR Directory /var/run/fail2ban exists but not accessible for writing But, if you execute the command in the service file from the command line.... [root@f18x log]# /usr/bin/fail2ban-client -x start 2013-07-09 18:46:10,558 fail2ban.server : INFO Starting Fail2ban v0.8.10 2013-07-09 18:46:10,559 fail2ban.server : INFO Starting in daemon mode It starts and you can see the files created in /var/run/fail2ban [root@f18x fail2ban]# pwd /var/run/fail2ban [root@f18x fail2ban]# ls fail2ban.pid fail2ban.sock And if you put selinux in permissive mode.... [root@f18x fail2ban]# pwd /var/run/fail2ban [root@f18x fail2ban]# ls [root@f18x fail2ban]# setenforce 0 [root@f18x fail2ban]# systemctl start fail2ban [root@f18x fail2ban]# ls fail2ban.pid fail2ban.sock So it is running with selinux placed in permissive mode..... But, no AVC are ever thrown to the audit log. How to figure out what is the culprit? -- The only thing worse than a poorly asked question is a cryptic answer. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
