The problem is two fold. The config file includes a line like:
logpath = %(sshd_log)s
Also I have this in my jail.local
[sshd]
enabled = true
systemctl status fail2ban.service yielded:
fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled)
Active: failed (Result: start-limit) since Wed 2015-07-01 19:35:37
EDT; 24s ago
Docs: man:fail2ban(1)
Process: 5447 ExecStart=/usr/bin/fail2ban-client -x start
(code=exited, status=255)
Jul 01 19:35:37 k4gvo systemd[1]: Failed to start Fail2Ban Service.
Jul 01 19:35:37 k4gvo systemd[1]: Unit fail2ban.service entered failed
state.
Jul 01 19:35:37 k4gvo systemd[1]: fail2ban.service holdoff time over,
scheduling restart.
Jul 01 19:35:37 k4gvo systemd[1]: Stopping Fail2Ban Service...
Jul 01 19:35:37 k4gvo systemd[1]: Starting Fail2Ban Service...
Jul 01 19:35:37 k4gvo systemd[1]: fail2ban.service start request
repeated too quickly, refusing to start.
Jul 01 19:35:37 k4gvo systemd[1]: Failed to start Fail2Ban Service.
Jul 01 19:35:37 k4gvo systemd[1]: Unit fail2ban.service entered failed
state.
I have this in /usr/lib/systemd/system/fail2ban.service
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service firewalld.service
[Service]
Type=forking
ExecStart=/usr/bin/fail2ban-client -x start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=always
[Install]
WantedBy=multi-user.target
~
And journalctl -xn gave me:
(In addition to other messages pertaining to the fact Fail2ban didn't
start repeated.)
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service firewalld.service
[Service]
Type=forking
ExecStart=/usr/bin/fail2ban-client -x start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=always
[Install]
WantedBy=multi-user.target
So how Do I get it to run on centos 7. There is no sestatus command so
I can't check selinux. The /etc/selinux/semanage.conf file doesn't have
an obvious way of turning it off.
Thanks,
Jm.
~
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
