Howdy, >From a terminal run sestatus if Current mode is 'enforcing" the as root run setenforce 0. This will put SELinux in permissive mode. If you script works then it's SELinux preventing it. There a a couple of ways to deal with that. I would think that at the fail2ban server runs as root since you have to be root to write to iptables but I have never checked. If it is not running as root then whatever account it does run as need to be able to access the location where your script is. I think it runs as root because I found a white paper on how to run it without root privileges while I was troubleshooting an issue I have been having with the sqllite database.. But I would check the SELinux first.
On Wed, 2015-07-22 at 21:25 -0400, Alex wrote: > Hi, > I have a fedora22 install and would like to use fail2ban to restart a > script based on a specific event. I have the following conf file: > > logpath = /var/log/changepass.log > failregex = .* host=<HOST> user=.*SYSTEMERROR$ > actionstart = /etc/fail2ban/scripts/changepass_restart.sh > > The failregex is correct, as it logs the entry in fail2ban.log, but > the script apparently doesn't get executed. Running it manually works > as expected. > > Is there something more that I need to run this script properly? I > don't really need the <HOST> or any other variable - the script just > restarts another program. > > Thanks for any ideas, > Alex > > ------------------------------------------------------------------------------ > _______________________________________________ > Fail2ban-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fail2ban-users
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
