Ubuntu
fail2ban package

fail2ban 0.8.7.1-1 fails after log rotation

Bug #1277340 reported by P. Jara
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
fail2ban (Ubuntu)
New
Undecided
Unassigned

Bug Description

After the system rotates the log files, fail2ban 0.8.7.1-1 keeps tracking the old files instead of looking into the new ones.

It is a confirmed bug that affects the default fail2ban of the universe package of Ubuntu 13.04 and there is no way to notice it unless you are tracking what happens after log rotation of auth.log and mail.log. See https://bugzilla.redhat.com/show_bug.cgi?id=833056

I would suggest to either provide a solution for the 0.8.7.1-1 version (which does not involve reloading fail2ban in postrotate as it will kill all previous Bans) or to include a newer version of fail2ban in the universe package of Ubuntu 13.04.

People with this "old" fail2ban 0.8.7.1-1 think they have a more secure system while, after the rotation of log files, fail2ban-server is up but doing nothing.

Thanks

Seth Arnold (seth-arnold)
information type: Private Security → Public
Revision history for this message
Marius Gedminas (mgedmin) wrote :

The RedHat bug points to upstream bug https://github.com/fail2ban/fail2ban/issues/184, which was fixed in https://github.com/fail2ban/fail2ban/commit/f21566049c9e64215dd10091e5d7a999bbffb7cc and released with upstream version 0.8.9.

So, this affects 12.04 LTS but not 14.04 LTS.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.