Fail2ban do not want to start

Support for security such as Firewalls and securing linux
Post Reply
nikohal
Posts: 5
Joined: 2014/11/06 16:09:36

Fail2ban do not want to start

Post by nikohal » 2014/11/08 10:41:06

Hi, in my server fail2ban not working. It's CentOS 7 server.
Here is what it says:
[root@ttccsrv2 log]# systemctl start fail2ban
Job for fail2ban.service failed. See 'systemctl status fail2ban.service' and 'journalctl -xn' for details.
[root@ttccsrv2 log]# journalctl -xn
-- Logs begin at pe 2014-11-07 09:15:09 EET, end at pe 2014-11-07 15:34:34 EET. --
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:34 ttccsrv2.eu fail2ban-client[4859]: ERROR No file(s) found for glob /var/log/nginx/error.log
marras 07 15:34:34 ttccsrv2.eu fail2ban-client[4859]: ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail
And here is what journalctl -xn gives:
-- Logs begin at pe 2014-11-07 09:15:09 EET, end at pe 2014-11-07 15:38:52 EET. --
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: ERROR No file(s) found for glob /var/log/nginx/error.log
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail
marras 07 15:38:52 ttccsrv2.eu systemd[1]: fail2ban.service: control process exited, code=exited status=255
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Failed to start Fail2ban Service.
-- Subject: Unit fail2ban.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit fail2ban.service has failed.
--
-- The result is failed.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Unit fail2ban.service entered failed state.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: fail2ban.service holdoff time over, scheduling restart.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Stopping Fail2ban Service...
-- Subject: Unit fail2ban.service has begun shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit fail2ban.service has begun shutting down.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Starting Fail2ban Service...
-- Subject: Unit fail2ban.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit fail2ban.service has begun starting up.
Regards, Niko

lightman47
Posts: 1026
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: Fail2ban do not want to start

Post by lightman47 » 2014/11/10 12:48:36

Page says to call the client, never the server directly??

http://www.fail2ban.org/wiki/index.php/README

It's been a while so I don't remember what I did/how I did it ... but mine started first time without issue.
Multple login IDs are not your friend when asking for help!

nikohal
Posts: 5
Joined: 2014/11/06 16:09:36

Re: Fail2ban do not want to start

Post by nikohal » 2014/12/14 16:20:04

Hi,
I try to do that, but I get same issue.

Regards, Niko

lightman47
Posts: 1026
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: Fail2ban do not want to start

Post by lightman47 » 2014/12/23 19:15:30

OK - next question is where you got your fail2ban.

On my CentOS 6 machine (althought it's not installed there), it is available in the epel repo. On my CentOS7 machine (on which it IS installed), I'd love to say I got it from the repo - - - but can't swear to it. Many of my installations seem to "hook into" and update from repos after I install them, and I'm not smart enough to know how to tell or why it happens. For exactly that reason, I can't tell you if it's in the CentOS7 repo.

Where I am headed:

ALWAYS get software from the repos whenever possible - it's built for your installation (non-generic) and the latest despite seemingly conflicting version numbers.

If fail2ban is available in the repo and THAT isn't where you got yours, I'd try an un-install / reinstall from repo but be careful of dependemcies that will un-install most of your system!! If that becomes the case, CANCEL ==> rpm has options that will allow you to un-install without yanking system dependencies, but try yum erase first (never with the "-y" on a remove!). I use 'rpm -e --nodeps {packagename}'. (Oh - you're settings should survive unless you explicitely delete them).

If this doesn't help, apologies. It's all that comes to mind that may help.
Multple login IDs are not your friend when asking for help!

rjt69
Posts: 27
Joined: 2013/07/12 18:03:14
Location: Omaha, NE
Contact:

Re: Fail2ban do not want to start

Post by rjt69 » 2014/12/28 03:40:07

ERROR No file(s) found for glob /var/log/nginx/error.log
Have you confirmed via

Code: Select all

ls -laZ /var/log/nginx/
exists?

What is the security context?

Try

Code: Select all

restorecon -R /var/log/

Post Reply

Return to “CentOS 7 - Security Support”