Hi, Yes I have SElinux in enforcing mode and I had to write one rule to allow that. I also use SElinux / IPA to set a user_u context for new users.
I looked in /var/log/messages and the alarm message simply told me what to do, I ran it and no issues, here's the history, ======= 109 grep fail2ban-server /var/log/audit/audit.log | audit2allow -M mypol 110 semodule -i mypol.pp 111 service fail2ban restart ====== I think RH has done some work around SElinux making it way easier than CENTOS. Yes I found a solution, I edited jail.conf as per Centos howtos and it worked. http://www.tecmint.com/install-fail2ban-on-rhel-centos-fedora/ So I then copied jail.conf to jail.local and hashed out the additions in jail.conf, restarted fail2ban and it still worked. So I was probably doing some typo.... regards Steven ________________________________________ From: Charles Bradshaw <[email protected]> Sent: Wednesday, 22 October 2014 1:56 p.m. To: Steven Jones Cc: [email protected] Subject: Re: [Fail2ban-users] Configuring fail2ban on RHEL7 You didn't say whether or not your running selinux enforcing? I'm running a fully up to date version of CentOS which requires a considerable number of selinux patches to get fail2ban working smoothly in my particular configuration. On Tue, 2014-10-21 at 19:43 +0000, Steven Jones wrote: > Correct, error between chair and keyboard I believe. > > > I found some Centos howtos which edited jail.conf directly and it ran > fine. I then cp'd to jail.local and #'d out the lines in jail.conf > and it still worked. Does this mean you found a solution? 8><---- ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
