denyhosts package causing problems

Bug #87898 reported by gradin on 2007-02-25
10
Affects Status Importance Assigned to Milestone
denyhosts (Ubuntu)
Medium
Unassigned

Bug Description

python 5
(sudo apt-get dist-upgrade) upgraded from dapper drake to feisty fawn with denyhosts installed

deny hosts didn't start, didn't tell me it was broken found out by monitoring /var/log/auth.log
sudo apt-get reinstall denyhosts displayed
had deny hosts working upgraded to fiesty (graphics card not working in edgy)
tried reinstalling come up with this error... not sure where to go from here...

python -version
2.5

N@ubuntu:~$ sudo aptitude reinstall denyhosts
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
The following packages will be REINSTALLED:
  denyhosts
0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 23 not upgraded.
Need to get 62.4kB of archives. After unpacking 0B will be used.
Writing extended state information... Done
Get:1 http://us.archive.ubuntu.com feisty/universe denyhosts 2.6-1 [62.4kB]
Fetched 62.4kB in 1s (41.5kB/s)
(Reading database ... 148170 files and directories currently installed.)
Preparing to replace denyhosts 2.6-1 (using .../denyhosts_2.6-1_all.deb) ...
DenyHosts is not running
Unpacking replacement denyhosts ...
Setting up denyhosts (2.6-1) ...
starting DenyHosts: /usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
python: can't open file '/usr/bin/denyhosts.py': [Errno 2] No such file or directory
sudo apt-get purge denyhosts did not remove any denyhosts files from harddisk

was fixed by sudo rm /etc/init.d/denyhosts
sudo install denyhosts

gradin (tmoore14) on 2007-02-25
description: updated
Download full text (3.3 KiB)

Should this bug qualify as a high priority security fix since this is a security feature which is silently not working?

People are constantly trying to attack my open ssh port. I didn't notice this problem till several weeks after I set up the server. Like a fool I just assumed that denyhosts would work as well as it did on edgy. Hopefully no one has brute forced my password and covered up their tracks in the last two weeks.

I can verify that denyhosts was silently failing to work on a fresh install of feisty.
There were no messages indicating any problem in any of the log files.
The /var/lib/denyhosts directory was empty.
ps -ef | grep denyhosts showed nothing running.
sudo /etc/init.d/denyhosts start would look like it worked and some startup stuff appeared in /var/log/denyhosts but then the process silently died.

The end of /var/log/denyhosts was:
2007-06-06 07:05:23,193 - prefs : INFO SYSLOG_REPORT: [no]
2007-06-06 07:05:23,193 - prefs : INFO WORK_DIR: [/var/lib/denyhosts]
2007-06-06 07:05:23,203 - denyhosts : INFO restricted: set([])

Investigating further I tried running from the command line.

msebast@carter:/var/log$ denyhosts
DenyHosts could not obtain lock (pid: )
[Errno 13] Permission denied: '/var/run/denyhosts.pid'
msebast@carter:/var/log$ sudo /etc/init.d/denyhosts stop
msebast@carter:/var/log$ sudo denyhosts
Traceback (most recent call last):
  File "/usr/sbin/denyhosts", line 165, in <module>
    first_time, noemail, daemon)
  File "/usr/share/denyhosts/DenyHosts/deny_hosts.py", line 78, in __init__
    self.get_denied_hosts()
  File "/usr/share/denyhosts/DenyHosts/deny_hosts.py", line 272, in get_denied_hosts
    for line in open(self.__prefs.get('HOSTS_DENY'), "r"):
IOError: [Errno 2] No such file or directory: '/etc/hosts.deny'

DenyHosts exited abnormally
msebast@carter:/var/log$ sudo touch /etc/hosts.deny
msebast@carter:/var/log$ sudo denyhosts
msebast@carter:/var/log$

So creating the hosts.deny file avoids the python error message.
It seems like the python error message should have gone to one of the /var/log files to make the problem more obvious.

After creating /etc/hosts.deny everything seems to be working.
The expected files show up in /var/lib/denyhosts
The end of /var/log/denyhosts is now:
2007-06-06 08:53:31,449 - prefs : INFO SYSLOG_REPORT: [no]
2007-06-06 08:53:31,449 - prefs : INFO WORK_DIR: [/var/lib/denyhosts]
2007-06-06 08:53:31,450 - denyhosts : INFO restricted: set([])
2007-06-06 08:53:31,461 - denyhosts : INFO Processing log file (/var/log/auth.log) from offset (15264)
2007-06-06 08:53:31,464 - denyhosts : INFO launching DenyHosts daemon (version 2.6)...
2007-06-06 08:53:31,482 - denyhosts : INFO DenyHosts daemon is now running, pid: 7663
2007-06-06 08:53:31,484 - denyhosts : INFO send daemon process a TERM signal to terminate cleanly
2007-06-06 08:53:31,485 - denyhosts : INFO eg. kill -TERM 7663
2007-06-06 08:53:31,485 - denyhosts : INFO monitoring log: /var/log/auth.log
2007-06-06 08:53:31,486 - denyhosts : INFO sync_time: 3600
2007-06-06 08:53:31,486 - denyhosts : INFO purgin...

Read more...

Michael Sebastian (msebast2) wrote :

This problem only happened for me on feisty.
denyhosts installed and started working just fine on both Gutsy and Hardy.

Sol Jerome (solj) wrote :

Denyhosts won't start for me on hardy

root@blah:~# /usr/sbin/denyhosts
Could not find environment variable: HOSTNAME
root@blah:~# /etc/init.d/denyhosts start
 * Starting DenyHosts denyhosts
   ...done.
root@blah:~# ps aux | grep denyhosts
root@blah:~#

Michael Sebastian (msebast2) wrote :

Ices,
Do you have the /etc/hosts.deny file on your system?

Sol Jerome (solj) wrote :

yes...

root@blah:~# cat /etc/hosts.deny
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
# See the manual pages hosts_access(5) and hosts_options(5).
#
# Example: ALL: some.host.name, .some.domain
# ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "portmap" for the
# daemon name. Remember that you can only use the keyword "ALL" and IP
# addresses (NOT host or domain names) for the portmapper, as well as for
# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8)
# for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.

# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID

but this is obviously not working...

root@blah:~# grep -i failed /var/log/auth.log |grep sshd | wc -l
1592

electron257 (electron257) wrote :

Hi,

I had a similar problem.
I solved replacing the line

 SMTP_SUBJECT = DenyHosts Report from $[HOSTNAME]

with

SMTP_SUBJECT = DenyHosts Report from $HOSTNAME

Hoping it helps...

Sol Jerome (solj) wrote :

The SMTP_SUBJECT modification above for denyhosts.conf worked for me.

Thanks electron257

Daniel T Chen (crimsun) wrote :

Is this symptom still reproducible in 8.10 alpha?

Changed in denyhosts:
importance: Undecided → Medium
status: New → Incomplete

no idea> From: <email address hidden>> To: <email address hidden>> Date: Sat, 20 Sep 2008 22:53:12 +0000> Subject: [Bug 87898] Re: denyhosts package causing problems> > Is this symptom still reproducible in 8.10 alpha?> > ** Changed in: denyhosts (Ubuntu)> Importance: Undecided => Medium> Status: New => Incomplete> > -- > denyhosts package causing problems> https://bugs.launchpad.net/bugs/87898> You received this bug notification because you are a direct subscriber> of the bug.
_________________________________________________________________
See how Windows connects the people, information, and fun that are part of your life.
http://clk.atdmt.com/MRT/go/msnnkwxp1020093175mrt/direct/01/

Johnathon (kirrus) wrote :

Is this bug still a problem for you?

Michael Sebastian (msebast2) wrote :

I suspect there are really two separate problems.

The missing /etc/hosts.deny seems to have been fixed in Gutsy and Hardy.

I never had an issue with SMTP_SUBJECT (probably because I don't use the email feature?)

Regards,
Michael Sebastian

--- On Mon, 2/23/09, Johnathon <email address hidden> wrote:
From: Johnathon <email address hidden>
Subject: [Bug 87898] Re: denyhosts package causing problems
To: <email address hidden>
Date: Monday, February 23, 2009, 1:30 PM

Is this bug still a problem for you?

--
denyhosts package causing problems
https://bugs.launchpad.net/bugs/87898
You received this bug notification because you are a direct subscriber
of the bug.

Ralph Janke (txwikinger) wrote :

We'd like to figure out what's causing this bug for you, but we haven't heard back from you in a while. Could you please provide the requested information? Thanks!

Johnathon (kirrus) wrote :

Err.. Ralph, there isn't a pending question on this bug, as far as I can see?

Michael Sebastian (msebast2) wrote :

Maybe this bug should be closed?

The cause of the original bug was a missing /etc/hosts.deny file.

This was a Fiesty bug.
I've already confirmed that it is fixed in Hardy and Gutsy.
Does anyone still care about Fiesty bugs?

1 year after the original bug report Sol Jerome came along with an unrelated issue.
If there is still a problem with SMTP_SUBJECT then it should really have it's own bug.

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!

Changed in denyhosts (Ubuntu):
status: Incomplete → Invalid

Thank you for taking the time to report this bug and helping to make Ubuntu better. My apologies as I should not have marked this Invalid. The issue that you reported is one that should be reproducible with the live environment of the Desktop CD of the development release - Maverick Meerkat. It would help us greatly if you could test with it so we can work on getting it fixed in the next release of Ubuntu. You can find out more about the development release at http://www.ubuntu.com/testing/ . Thanks again and we appreciate your help.

Changed in denyhosts (Ubuntu):
status: Invalid → Incomplete
Michael Sebastian (msebast2) wrote :

This is not incomplete. All requested information has been provided.
This is not invalid. It was a real bug in Feisty.

It is obsolete. Does anyone really care about a problem in Feisty?
I'm sure Feisty is no longer supported.

I've already confimed:
> The missing /etc/hosts.deny seems to have been fixed in Gutsy and Hardy.

I don't see any reason to confirm the fix on every new Ubuntu release. I think
it is safe to assume the fix is permanent.

Why is this bug from 2007 still open?
Is anyone going to update the Fiesty package to fix the problem?
Can someone please close this?

Thanks.

Johnathon (kirrus) wrote :

I've marked invalid. If one of the core triagers see it, they can mark "Won't Fix". Safe to leave this one as invalid now, unless this particular bug re-occurs, please file a new one.

Changed in denyhosts (Ubuntu):
status: Incomplete → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers