Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fail2ban unable to start in ubuntu 24.04 container #3685

Closed
AndMck opened this issue Feb 29, 2024 · 3 comments
Closed

Fail2ban unable to start in ubuntu 24.04 container #3685

AndMck opened this issue Feb 29, 2024 · 3 comments
Labels
3rd party issue

Comments

@AndMck
Copy link

AndMck commented Feb 29, 2024

Hi I'm trying to get fail2ban to run my ubuntu container (24.04) but getting error message ;

service fail2ban start

  • Starting Authentication failure monitor fail2ban
    2024-02-29 13:44:50,301 fail2ban [78]: ERROR Failed during configuration: Have not found any log file for sshd jail

I am not using systemd so i'm unsure if it will work as i was originally upgrading a pod because it had been flagged by our security team (debian buster) with critical vulnerabilities. I have also configured /etc/fail2ban/jail.local with my sshd settings, is that the correct location ? I saw mention that i should set backend = systemd but not sure as i'm not using systemd.
@AndMck
Copy link
Author

AndMck commented Feb 29, 2024

I have added backend = systemd and the error i now get is ;
service fail2ban start

  • Starting Authentication failure monitor fail2ban
    2024-02-29 14:07:55,591 fail2ban [348]: ERROR No module named 'asynchat'
    2024-02-29 14:08:25,956 fail2ban [347]: ERROR Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it

trying fail2ban client -x start also fails.....

@sebres
Copy link
Contributor

sebres commented Feb 29, 2024

I saw mention that i should set backend = systemd but not sure as i'm not using systemd.
I have added backend = systemd ...

Well, if your system does not use journal, then sshd wouldn't log to journal and this setting would be wrong in that case.
You have to ensure where sshd basically logging:

  • either to journal (you can also check it with journalctl), then this f2b-backend is correct.
  • or to log-file, then find it out in sshd- or rsyslog-settings, and set backend to auto and logpath to proper path to the log-file.

... and the error i now get is :
No module named 'asynchat'

Is python version 3.12+? (see #3487)

Then it is only possible with newer fail2ban version or if you install that modules manually, e. g, with pip as described in pyasynchat and pyasyncore

Otherwise I don't understand why this must be not found within ubuntu 24.04 (no matter container or not).
How you installed fail2ban there? Manually (from source or deb) or from apt?

@sebres sebres closed this as not planned Won't fix, can't repro, duplicate, stale Feb 29, 2024
@tiagocamargo tiagocamargo mentioned this issue Mar 13, 2024
Closed
@jmg-duarte
Copy link

I had this issue but installing from the .deb in the releases fixed it for me

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3rd party issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sebres @jmg-duarte @AndMck