Re: [DNG] monit logwatch fail2ban
Hi Erich, On Fri, 2021-01-22 at 14:24 +0100, Erich Minderlein via Dng wrote: > Hi > > I have migrated a small home server from debian buster to devuan > beowulf. > It was a new install, but I compared/copied /etc and copied the > server /var/www > It was rather flawless. > However before the package monit was used as intermediate function > beween fail2ban and logwatch. > This is not part of the devuan packages. > Now I miss the section fail2ban in the logwatch daily mail > > Is there an adapted solution to this ? > I'm running Beowulf with Monit and fail2ban and they both work. They /are/ both in the Devuan repositories, and don't depend on systemd, so shouldn't be any different from Debian. I am using fail2ban with nftables, not iptables, though it can be configured to work with either. And I am using the backported version of Monit (1.5.27) as the https interface in 1.5.26 doesn't report bytes written or read. I don't have logwatch. -- Marjorie ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
Re: [DNG] monit logwatch fail2ban
Hello Erich, I don't think either logwatch nor fail2ban is being forked by the folks at debian. As such, you are using the debian packages. There may be functionalities depending on systemd, but that's for you to discover. In any case, what *exactly* is not part of devuan? Please provide a link to debian's source and/or packages and how it differ from devuan. It may simply be an oversight or an issue with the backend, but without details we can't do anything but guess. In short, please refer to this small bullet list (this is a document I often read, as it is quite useful): http://www.catb.org/%7Eesr/faqs/smart-questions.html#beprecise Best Regards, Ludovic On Fri, 22 Jan 2021 14:24:30 +0100 Erich Minderlein via Dng wrote: > Hi > > I have migrated a small home server from debian buster to devuan > beowulf. It was a new install, but I compared/copied /etc and copied > the server /var/www It was rather flawless. > However before the package monit was used as intermediate function > beween fail2ban and logwatch. This is not part of the devuan packages. > Now I miss the section fail2ban in the logwatch daily mail > > Is there an adapted solution to this ? > pgpSnE28YKdV2.pgp Description: Signature digitale OpenPGP ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] monit logwatch fail2ban
Hi I have migrated a small home server from debian buster to devuan beowulf. It was a new install, but I compared/copied /etc and copied the server /var/www It was rather flawless. However before the package monit was used as intermediate function beween fail2ban and logwatch. This is not part of the devuan packages. Now I miss the section fail2ban in the logwatch daily mail Is there an adapted solution to this ? -- mit freundlichen Grüßen with the beste regards cordialement Erich |\/|inderlei|\| -- ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] AppArmor and TorBrowser
At some point my TorBrowser wouldn't start. When I try it displays error windows: Tor unexpectedly exited. This might be due to a bug in Tor itself, another program in your system, or faulty hardware. ... Tor exited during startup. This might be due to a bug in your torrc file or another program on your system, for faulty hardware. ... I look at the torrc file and it looks like nothing but a set of harmless links. My messages log tells me that AppArmor status for torBrowser is apparmor="DENIED". "denied_mask="r"" So I do # apparmor-status and find six processes are in enforce mode, including: /home/haines/.local/share/torbrowser/tbb/x86_64/ \ tor-browser_en-US/Browser/firefox.real (8708) torbrowser_firefox I do $ ps aux | grep 8708 haines8708 0.1 0.9 2517308 156740 pts/11 Sl 07:53 0:03 ./firefox.real --class Tor Browser -profile TorBrowser/Data/Browser/profile.default Killing process does not get me torBrowser back. I gather I could edit the profile in /etc/apparmor.d directly. There are two profiles there torbrowser.Tor.tor and torbrowser.Browser.firefox. I didn't know which to edit, and there was nothing obvious I should do to edit in them. Instead I simply removed and reinstalled the two profiles with: # apparmor_parser -R /etc/apparmor.d/ # apparmor_parser -a /etc/apparmor.d/ That did not help, so I simply removed them. Then I'm supposed to inform the kern of this with: # echo -n “torbrowser.Browser.firefox” > /sys/kernel/security/apparmor/.remove Byt get: -bash: echo: write error: No such file or directory This is becasue my /sys/kernel/security/apparmor/ directory holds no .remove file. I still can't start torbrowser. I don't want to breask things by going any further such as creating a .remove file and adding the two lines to it: torbrowser.Browser.firefox torBrowser.Tor.tor -- Haines Brown ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
[DNG] Failure of dpkg postinst/prerm scripts was Re: cups in ceres: Correction
On Tue, 1 Dec 2020 13:56:15 + fraser kendall wrote: > On Tue, 1 Dec 2020 13:35:48 + > fraser kendall wrote: > > Correction: [...] > #mv /var/lib/dpkg/info/printer-driver-cups-pdf.postinst > /var/lib/dpkg/info/printer-driver-cups-pdf.postinst.bad > #mv /var/lib/dpkg/info/printer-driver-cups-pdf.postrm > /var/lib/dpkg/info/printer-driver-cups-pdf.postrm.bad > #mv /var/lib/dpkg/info/printer-driver-cups-pdf.prerm > /var/lib/dpkg/info/printer-driver-cups-pdf.prerm.bad > #dpkg -r printer-driver-cups-pdf Replying to my own post. This is a reproducible problem/workaround that has affected several packages in some of my various beowulf deployments; these have included initramfs-tools initramfs-tools-core htcondor nginx-full printer-driver-cups-pdf I am posting this for information: there is clearly something about the preinst/prerm/postinst/postrm script(s) that is causing problems during dpkg operation. The workaround is the same in each case: rename the offending script and run dpkg again. I recognise that this family of scripts are very similar, but lacking the skills to pinpoint the problem, the best I can offer is to hand the observation over to the list for any interested parties who would like to take a look. Best fraser ___ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng