denyhosts package causing problems
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
denyhosts (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
python 5
(sudo apt-get dist-upgrade) upgraded from dapper drake to feisty fawn with denyhosts installed
deny hosts didn't start, didn't tell me it was broken found out by monitoring /var/log/auth.log
sudo apt-get reinstall denyhosts displayed
had deny hosts working upgraded to fiesty (graphics card not working in edgy)
tried reinstalling come up with this error... not sure where to go from here...
python -version
2.5
N@ubuntu:~$ sudo aptitude reinstall denyhosts
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
The following packages will be REINSTALLED:
denyhosts
0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 23 not upgraded.
Need to get 62.4kB of archives. After unpacking 0B will be used.
Writing extended state information... Done
Get:1 http://
Fetched 62.4kB in 1s (41.5kB/s)
(Reading database ... 148170 files and directories currently installed.)
Preparing to replace denyhosts 2.6-1 (using .../denyhosts_
DenyHosts is not running
Unpacking replacement denyhosts ...
Setting up denyhosts (2.6-1) ...
starting DenyHosts: /usr/bin/env python /usr/bin/
python: can't open file '/usr/bin/
sudo apt-get purge denyhosts did not remove any denyhosts files from harddisk
was fixed by sudo rm /etc/init.
sudo install denyhosts
Should this bug qualify as a high priority security fix since this is a security feature which is silently not working?
People are constantly trying to attack my open ssh port. I didn't notice this problem till several weeks after I set up the server. Like a fool I just assumed that denyhosts would work as well as it did on edgy. Hopefully no one has brute forced my password and covered up their tracks in the last two weeks.
I can verify that denyhosts was silently failing to work on a fresh install of feisty. d/denyhosts start would look like it worked and some startup stuff appeared in /var/log/denyhosts but then the process silently died.
There were no messages indicating any problem in any of the log files.
The /var/lib/denyhosts directory was empty.
ps -ef | grep denyhosts showed nothing running.
sudo /etc/init.
The end of /var/log/denyhosts was: denyhosts]
2007-06-06 07:05:23,193 - prefs : INFO SYSLOG_REPORT: [no]
2007-06-06 07:05:23,193 - prefs : INFO WORK_DIR: [/var/lib/
2007-06-06 07:05:23,203 - denyhosts : INFO restricted: set([])
Investigating further I tried running from the command line.
msebast@ carter: /var/log$ denyhosts denyhosts. pid' carter: /var/log$ sudo /etc/init. d/denyhosts stop carter: /var/log$ sudo denyhosts denyhosts" , line 165, in <module> denyhosts/ DenyHosts/ deny_hosts. py", line 78, in __init__ get_denied_ hosts() denyhosts/ DenyHosts/ deny_hosts. py", line 272, in get_denied_hosts __prefs. get('HOSTS_ DENY'), "r"):
DenyHosts could not obtain lock (pid: )
[Errno 13] Permission denied: '/var/run/
msebast@
msebast@
Traceback (most recent call last):
File "/usr/sbin/
first_time, noemail, daemon)
File "/usr/share/
self.
File "/usr/share/
for line in open(self.
IOError: [Errno 2] No such file or directory: '/etc/hosts.deny'
DenyHosts exited abnormally carter: /var/log$ sudo touch /etc/hosts.deny carter: /var/log$ sudo denyhosts carter: /var/log$
msebast@
msebast@
msebast@
So creating the hosts.deny file avoids the python error message.
It seems like the python error message should have gone to one of the /var/log files to make the problem more obvious.
After creating /etc/hosts.deny everything seems to be working. denyhosts]
The expected files show up in /var/lib/denyhosts
The end of /var/log/denyhosts is now:
2007-06-06 08:53:31,449 - prefs : INFO SYSLOG_REPORT: [no]
2007-06-06 08:53:31,449 - prefs : INFO WORK_DIR: [/var/lib/
2007-06-06 08:53:31,450 - denyhosts : INFO restricted: set([])
2007-06-06 08:53:31,461 - denyhosts : INFO Processing log file (/var/log/auth.log) from offset (15264)
2007-06-06 08:53:31,464 - denyhosts : INFO launching DenyHosts daemon (version 2.6)...
2007-06-06 08:53:31,482 - denyhosts : INFO DenyHosts daemon is now running, pid: 7663
2007-06-06 08:53:31,484 - denyhosts : INFO send daemon process a TERM signal to terminate cleanly
2007-06-06 08:53:31,485 - denyhosts : INFO eg. kill -TERM 7663
2007-06-06 08:53:31,485 - denyhosts : INFO monitoring log: /var/log/auth.log
2007-06-06 08:53:31,486 - denyhosts : INFO sync_time: 3600
2007-06-06 08:53:31,486 - denyhosts : INFO purgin...