Fail2ban do not want to start

[nikohal]

Hi, in my server fail2ban not working. It's CentOS 7 server.
Here is what it says:

[root@ttccsrv2 log]# systemctl start fail2ban
Job for fail2ban.service failed. See 'systemctl status fail2ban.service' and 'journalctl -xn' for details.
[root@ttccsrv2 log]# journalctl -xn
-- Logs begin at pe 2014-11-07 09:15:09 EET, end at pe 2014-11-07 15:34:34 EET. --
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:33 ttccsrv2.eu fail2ban-client[4859]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:34:34 ttccsrv2.eu fail2ban-client[4859]: ERROR No file(s) found for glob /var/log/nginx/error.log
marras 07 15:34:34 ttccsrv2.eu fail2ban-client[4859]: ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail

And here is what journalctl -xn gives:

-- Logs begin at pe 2014-11-07 09:15:09 EET, end at pe 2014-11-07 15:38:52 EET. --
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: ERROR No file(s) found for glob /var/log/nginx/error.log
marras 07 15:38:52 ttccsrv2.eu fail2ban-client[5362]: ERROR Failed during configuration: Have not found any log file for nginx-http-auth jail
marras 07 15:38:52 ttccsrv2.eu systemd[1]: fail2ban.service: control process exited, code=exited status=255
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Failed to start Fail2ban Service.
-- Subject: Unit fail2ban.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit fail2ban.service has failed.
--
-- The result is failed.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Unit fail2ban.service entered failed state.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: fail2ban.service holdoff time over, scheduling restart.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Stopping Fail2ban Service...
-- Subject: Unit fail2ban.service has begun shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit fail2ban.service has begun shutting down.
marras 07 15:38:52 ttccsrv2.eu systemd[1]: Starting Fail2ban Service...
-- Subject: Unit fail2ban.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/li ... temd-devel
--
-- Unit fail2ban.service has begun starting up.

Regards, Niko

[lightman47]

Page says to call the client, never the server directly??

http://www.fail2ban.org/wiki/index.php/README

It's been a while so I don't remember what I did/how I did it ... but mine started first time without issue.

[nikohal]

Hi,
I try to do that, but I get same issue.

Regards, Niko

[lightman47]

OK - next question is where you got your fail2ban.

On my CentOS 6 machine (althought it's not installed there), it is available in the epel repo. On my CentOS7 machine (on which it IS installed), I'd love to say I got it from the repo - - - but can't swear to it. Many of my installations seem to "hook into" and update from repos after I install them, and I'm not smart enough to know how to tell or why it happens. For exactly that reason, I can't tell you if it's in the CentOS7 repo.

Where I am headed:

ALWAYS get software from the repos whenever possible - it's built for your installation (non-generic) and the latest despite seemingly conflicting version numbers.

If fail2ban is available in the repo and THAT isn't where you got yours, I'd try an un-install / reinstall from repo but be careful of dependemcies that will un-install most of your system!! If that becomes the case, CANCEL ==> rpm has options that will allow you to un-install without yanking system dependencies, but try yum erase first (never with the "-y" on a remove!). I use 'rpm -e --nodeps {packagename}'. (Oh - you're settings should survive unless you explicitely delete them).

If this doesn't help, apologies. It's all that comes to mind that may help.

[rjt69]

ERROR No file(s) found for glob /var/log/nginx/error.log

Have you confirmed via

Code: Select all

ls -laZ /var/log/nginx/

exists?

What is the security context?

Try

Code: Select all

restorecon -R /var/log/