Hi, > Howdy, > >From a terminal run sestatus if Current mode is 'enforcing" the as root run > setenforce 0. This will put SELinux in permissive mode. If you script works > then it's SELinux preventing it. There a a couple of ways to deal with that. > I would think that at the fail2ban server runs as root since you have to be > root to write to iptables but I have never checked. If it is not running as > root then whatever account it does run as need to be able to access the > location where your script is. I think it runs as root because I found a > white paper on how to run it without root privileges while I was > troubleshooting an issue I have been having with the sqllite database.. But > I would check the SELinux first.
No, selinux is disabled with security=0 at boot. And fail2ban is running as root: # ps axwww|grep fail2ban root 25752 6.0 0.0 2280248 18028 ? Sl Jul22 54:47 /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b Thanks, Alex ------------------------------------------------------------------------------ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
