default config in noble prevents start of fail2ban
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fail2ban (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
While installing fail2ban, apt shows these warning:
Setting up fail2ban (1.0.2-3) ...
/usr/lib/
"1490349000 test failed.dns.ch", "^\s*test <F-ID>\S+</F-ID>"
/usr/lib/
'^'+prefix+
/usr/lib/
'^'+prefix+'User <F-USER>
/usr/lib/
'^'+prefix+
/usr/lib/
_test_
/usr/lib/
'common[
/usr/lib/
"`{ nft -a list chain inet f2b-table f2b-chain | grep -oP '@addr-
/usr/lib/
"`{ nft -a list chain inet f2b-table f2b-chain | grep -oP '@addr6-
/usr/lib/
"`{ nft -a list chain inet f2b-table f2b-chain | grep -oP '@addr-
/usr/lib/
"`{ nft -a list chain inet f2b-table f2b-chain | grep -oP '@addr6-
Created symlink /etc/systemd/
and after installation, fail2ban fails to start:
# systemctl status fail2ban
× fail2ban.service - Fail2Ban Service
Loaded: loaded (/usr/lib/
Active: failed (Result: exit-code) since Mon 2024-04-29 11:40:44 EDT; 6min ago
Duration: 155ms
Docs: man:fail2ban(1)
Process: 231600 ExecStart=
Main PID: 231600 (code=exited, status=
CPU: 144ms
Apr 29 11:40:44 prod systemd[1]: Started fail2ban.service - Fail2Ban Service.
Apr 29 11:40:44 prod fail2ban-
Apr 29 11:40:44 prod fail2ban-
Apr 29 11:40:44 prod systemd[1]: fail2ban.service: Main process exited, code=exited, status=
Apr 29 11:40:44 prod systemd[1]: fail2ban.service: Failed with result 'exit-code'.
Sysadmins have been used to having fail2ban block offenders on the default config and might naturally assume some degree of protection by simply installing the package. The actual behaviour however does not match their expectations.
information type: | Private Security → Public |
Status changed to 'Confirmed' because the bug affects multiple users.