Package: fail2ban Version: 0.11.2-6 Severity: normal Tags: patch Hi,
fail2ban (since 0.11) automatically cleans up stale entries in its database, by default daily. However, the sqlite database is not vacuum'ed so the file size on disk is not reduced after this. On one of my systems, the database file was > 1 GB in size while after vacuum only a 1 M remained, so it really was growing way to large. The attached patch installs a weekly cronjob to perform the vacuum. I've also submitted it as a merge request on salsa. Kind regards, Thijs Kinkhorst
diff -Nru fail2ban-0.11.2/debian/control fail2ban-0.11.2/debian/control --- fail2ban-0.11.2/debian/control 2022-03-10 21:52:59.000000000 +0000 +++ fail2ban-0.11.2/debian/control 2022-04-22 09:14:01.000000000 +0000 @@ -21,8 +21,8 @@ Package: fail2ban Architecture: all Depends: ${python3:Depends}, ${misc:Depends}, lsb-base -Recommends: nftables | iptables, whois, python3-pyinotify, python3-systemd -Suggests: mailx, system-log-daemon, monit, sqlite3 +Recommends: nftables | iptables, whois, sqlite3, python3-pyinotify, python3-systemd +Suggests: mailx, system-log-daemon, monit Description: ban hosts that cause multiple authentication errors Fail2ban monitors log files (e.g. /var/log/auth.log, /var/log/apache/access.log) and temporarily or persistently bans diff -Nru fail2ban-0.11.2/debian/cron.weekly fail2ban-0.11.2/debian/cron.weekly --- fail2ban-0.11.2/debian/cron.weekly 1970-01-01 00:00:00.000000000 +0000 +++ fail2ban-0.11.2/debian/cron.weekly 2022-04-22 09:13:51.000000000 +0000 @@ -0,0 +1,8 @@ +#!/bin/sh + +sqlite="/usr/bin/sqlite3" +database="/var/lib/fail2ban/fail2ban.sqlite3" + +[ -x $sqlite ] && [ -f $database ] || exit 0 + +$sqlite $database "VACUUM;"