Syndicate content

How to find fail2ban errors when logs/errors don't make it anywhere?

Today I noticed that my fail2ban wasn't running.

Looking into it, I could see that an error was happening on startup. This pretty much always mean that something's wrong in the configuration files.

sudo systemctl start fail2ban
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.

However, somehow, systemd would not show me the error with the status or checking the journal and it would not write anything to the /var/log/fail2ban.log file which stayed totally empty.

prompt % systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
   Active: inactive (dead) (Result: exit-code) since Sat 2017-05-27 03:30:42 UTC; 9min ago
     Docs: man:fail2ban(1)
  Process: 15483 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)

May 27 03:30:42 m2osw.com systemd[1]: fail2ban.service: Control process exited, code=exited status=255
May 27 03:30:42 m2osw.com systemd[1]: Failed to start Fail2Ban Service.
May 27 03:30:42 m2osw.com systemd[1]: fail2ban.service: Unit entered failed state.
May 27 03:30:42 m2osw.com systemd[1]: fail2ban.service: Failed with result 'exit-code'.
May 27 03:30:42 m2osw.com systemd[1]: fail2ban.service: Service hold-off time over, scheduling restart.
May 27 03:30:42 m2osw.com systemd[1]: Stopped Fail2Ban Service.
May 27 03:30:42 m2osw.com systemd[1]: fail2ban.service: Start request repeated too quickly.
May 27 03:30:42 m2osw.com systemd[1]: Failed to start Fail2Ban Service.
May 27 03:36:50 m2osw.com systemd[1]: Stopped Fail2Ban Service.

In order to find the configuration error, I instead had to run the start process by hand. So first I made sure it was stopped, and then I ran the start command as found in the /etc/systemd/system/multi-user.target.wants/fail2ban.service file:

prompt % sudo /usr/bin/fail2ban-client stop
ERROR  Failed to access socket path: /var/run/fail2ban/fail2ban.sock. Is fail2ban running?

And then:

prompt % sudo /usr/bin/fail2ban-client -x start
ERROR  No file(s) found for glob /var/log/mail.log
ERROR  Failed during configuration: Have not found any log file for postfix jail

Now I can see why and where the error is happen.

We moved all the mail logs under /var/log/mail/... so the path needed to be updated to /var/log/mail/mail.log.

Once that was done, the normal systemctl command worked as expected:

prompt % sudo systemctl start fail2ban

Finally, this did not generate any error.

Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.

  • Mac OS/X

    The new system for Macintosh computers. This is based on FreeBSD, a Unix platform.

  • SSL

    Secure Socket Layer, this is a protocol used to transmit secure data between two computers. Both computers will first agree on an encryption secret code, then all the data sent back and forth will be encoded using that code. In order to make it secure, you generate two set of numbers (called keys) one that is public and one that is private. The public key sole purpose is to encrypt the data. The private key sole purpose is to decrypt the data.

  • UNICODE
  • brand
  • zlib

    The Z library is a compression library based on an algorithm that compresses at best in some automated and simle way. For better performance, the entire input file is necessary. Note that you can get better results with other methods, this one is excellent for streaming, however.