I think the problem is that Centos 7 has decided that log files are a
thing of the past:
ls /var/log
btmp dmesg dmesg.old journal lastlog tallylog wtmp yum.log
so no auth.log or secure files exist.
There is no rsyslog config file so I can't just add a line.
The rsyslog-doc package contains dozens of files. Nothing jumps out as
to which file might contain the info I need at first glance, so I'll
have to do a bit of research.
Jim.
On 07/01/2015 09:48 PM, Harrison Johnson wrote:
Jim,
Change the config file to SELINUX=disabled and reboot to completely
disable SElinux.
On Wed, 2015-07-01 at 19:46 -0400, Jim wrote:
The problem is two fold. The config file includes a line like:
logpath = %(sshd_log)s
Also I have this in my jail.local
[sshd]
enabled = true
systemctl status fail2ban.service yielded:
fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled)
Active: failed (Result: start-limit) since Wed 2015-07-01 19:35:37
EDT; 24s ago
Docs: man:fail2ban(1)
Process: 5447 ExecStart=/usr/bin/fail2ban-client -x start
(code=exited, status=255)
Jul 01 19:35:37 k4gvo systemd[1]: Failed to start Fail2Ban Service.
Jul 01 19:35:37 k4gvo systemd[1]: Unit fail2ban.service entered failed
state.
Jul 01 19:35:37 k4gvo systemd[1]: fail2ban.service holdoff time over,
scheduling restart.
Jul 01 19:35:37 k4gvo systemd[1]: Stopping Fail2Ban Service...
Jul 01 19:35:37 k4gvo systemd[1]: Starting Fail2Ban Service...
Jul 01 19:35:37 k4gvo systemd[1]: fail2ban.service start request
repeated too quickly, refusing to start.
Jul 01 19:35:37 k4gvo systemd[1]: Failed to start Fail2Ban Service.
Jul 01 19:35:37 k4gvo systemd[1]: Unit fail2ban.service entered failed
state.
I have this in /usr/lib/systemd/system/fail2ban.service
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service firewalld.service
[Service]
Type=forking
ExecStart=/usr/bin/fail2ban-client -x start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=always
[Install]
WantedBy=multi-user.target
~
And journalctl -xn gave me:
(In addition to other messages pertaining to the fact Fail2ban didn't
start repeated.)
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service firewalld.service
[Service]
Type=forking
ExecStart=/usr/bin/fail2ban-client -x start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/var/run/fail2ban/fail2ban.pid
Restart=always
[Install]
WantedBy=multi-user.target
So how Do I get it to run on centos 7. There is no sestatus command so
I can't check selinux. The /etc/selinux/semanage.conf file doesn't have
an obvious way of turning it off.
Thanks,
Jm.
~
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Fail2ban-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
