On Tue, 07 Jul 2015, Vincent Lefevre wrote: > > > The /var/log/syslog file is more complete and gives the reason of > > > the error:
> > > Jul 7 03:37:24 zira fail2ban-client[789]: ERROR No file(s) found for > > > glob /var/log/apache*/*error.log > > > Jul 7 03:37:24 zira fail2ban-client[789]: ERROR Failed during > > > configuration: Have not found any log file for apache-noadmin jail > > > fail2ban should not refuse to start, but just ignore the jail in such > > > a case (possibly with some kind of warning). > > you say potato and I say potato -- you say "should not", and I say > > "should" ;-) This is a feature to avoid causing a false sense of > > protection. If you configure a jail to monitor some files, they must be > > there, otherwise fail2ban would not pick them up anyhow later and that > > jail will never be "in effect", although you might be thinking that it > > is. So consider it a feature. > No! This is not documented, thus it is not a feature! At least when > the user has no way to know that. > The problem is that fail2ban doesn't offer any protection at all > because it fails silently. So, instead of possibly having one thing > broken, one has everything broken!!! There should be a way for the > user to know (without any special action on his part) that fail2ban > could not start. brr -- didn't you get a log stating that it failed to start and a reason for the failure stated (as you quoted above)? > > As a workaround you might like to configure your logrotation to > > re-create empty files (create configuration option in your logrotate > > configs). > apache2 isn't installed yet, so that it would not be possible. so disable that jail then! -- Yaroslav O. Halchenko, Ph.D. http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org Research Scientist, Psychological and Brain Sciences Dept. Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755 Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
