Re: [CentOS] What is broken with fail2ban

Wed, 02 Nov 2016 15:29:41 -0700 

on my one system I see something even weirder...
setroubleshoot[58420]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. For complete SELinux messages. run sealert -l 892542a6-b3ea-48eb-b76f-cadffdbdbb84 Nov 02 22:21:27 rider.private.ccnr.ceb.private.cam.ac.uk python[58420]: SELinux is preventing /usr/bin/python2.7 from getattr access on the file /usr/bin/rpm. 


Source Context                
system_u:system_r:fail2ban_client_t:s0

Target Context                system_u:object_r:rpm_exec_t:s0
Target Objects                /usr/bin/rpm [ file ]
Source                        fail2ban-client
Source Path                   /usr/bin/python2.7

fail2ban wants to run rpm ???

unless some binaries I have mislabelled this would be 
suspicious, no??



On 20/08/16 13:46, Günther J. Niederwimmer wrote:

Hello List,

with CentOS 7.2 it is not longer possible to run fail2ban on a Server ?

I install a new CentOS 7.2 and the EPEL directory
yum install fail2ban

I don't change anything only I create a jail.local to enable the Filters
[sshd]
enabled = true
....
.....
When I start afterward fail2ban
systemctl status fail2ban is clean

But systemctl status firewalld is broken

● firewalld.service - firewalld - dynamic firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor
preset: enabled)
    Active: active (running) since Sa 2016-08-20 12:08:27 CEST; 4min 50s ago
  Main PID: 13158 (firewalld)
    CGroup: /system.slice/firewalld.service
            └─13158 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Aug 20 12:12:23 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:23 ERROR:
NOT_ENABLED
Aug 20 12:12:24 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:24 ERROR:
NOT_ENABLED
Aug 20 12:12:25 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:25 ERROR:
NOT_ENABLED
Aug 20 12:12:27 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:27 ERROR:
NOT_ENABLED
Aug 20 12:12:27 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:27 ERROR:
NOT_ENABLED
Aug 20 12:12:28 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:28 ERROR:
NOT_ENABLED
Aug 20 12:12:29 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:29 ERROR:
NOT_ENABLED
Aug 20 12:12:30 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:30 ERROR:
NOT_ENABLED
Aug 20 12:12:31 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:31 ERROR:
NOT_ENABLED
Aug 20 12:12:31 yyyy.xxxxxx.at firewalld[13158]: 2016-08-20 12:12:31 ERROR:
NOT_ENABLED

Have any a Idea what is broken ?

ipset, iptables, fail2ban ?



_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos






















					Reply via email to