Debian 9 failed to install fail2ban

Discussion in 'Installation/Configuration' started by uniQ, Jan 9, 2018.

  1. uniQ

    uniQ New Member

    Hi folks,
    I'm having trouble installing fail2ban on my new Debian 9 server. Following the instructions from https://www.howtoforge.com/tutorial...-stretch-apache-bind-dovecot-ispconfig-3-1/2/, I'm getting the following errors:

    Code:
    root@XXXXXXXX:~# apt-get install fail2ban
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen.... Fertig
Vorgeschlagene Pakete:
  system-log-daemon monit
Die folgenden NEUEN Pakete werden installiert:
  fail2ban
0 aktualisiert, 1 neu installiert, 0 zu entfernen und 0 nicht aktualisiert.
Es müssen noch 0 B von 288 kB an Archiven heruntergeladen werden.
Nach dieser Operation werden 1.321 kB Plattenplatz zusätzlich benutzt.
Vormals nicht ausgewähltes Paket fail2ban wird gewählt.
(Lese Datenbank ... 55291 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Entpacken von .../fail2ban_0.9.6-2_all.deb ...
Entpacken von fail2ban (0.9.6-2) ...
fail2ban (0.9.6-2) wird eingerichtet ...
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
invoke-rc.d: initscript fail2ban, action "start" failed.
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Tue 2018-01-09 13:00:26 CET; 15ms ago
     Docs: man:fail2ban(1)
  Process: 1100 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
dpkg: Fehler beim Bearbeiten des Paketes fail2ban (--configure):
Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück
Trigger für systemd (232-25+deb9u1) werden verarbeitet ...
Trigger für man-db (2.7.6.1-2) werden verarbeitet ...
Fehler traten auf beim Bearbeiten von:
fail2ban
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@XXXXXXXX:~# systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2018-01-09 13:00:29 CET; 15s ago
     Docs: man:fail2ban(1)
  Process: 2017 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
root@XXXXXXXX:~# cat /var/log/fail2ban.log
root@XXXXXXXX:~#
     
    Last edited: Jan 10, 2018
    uniQ, Jan 9, 2018
    #1
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    You can get english error messages, maybe more useful in this English forum like this:
    Code:
    LANG=C apt-get install fail2ban
    Try downloading the .deb file for file2ban and installing it with
    Code:
    dpkg --install fail2ban*.deb
     
    Taleman, Jan 10, 2018
    #2
  3. uniQ

    uniQ New Member

    Changing the language doesn't seem to work, I will look into this later.

    This is what I found out so far:
    Code:
    journalctl -ru fail2ban
-- Logs begin at Tue 2018-01-09 12:59:38 CET, end at Thu 2018-01-11 10:18:38 CET. --
Jan 11 10:18:38 XXXXXXXXXXXXX.net fail2ban-client[12497]: ERROR  Failed during configuration: Have not found any log file for sshd jail
Jan 11 10:18:38 XXXXXXXXXXXXX.net fail2ban-client[12497]: ERROR  No file(s) found for glob /var/log/auth.log
     
    uniQ, Jan 11, 2018
    #3
  4. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Were the files in /etc/fail2ban modified already? My guess is fail2ban is doing something odd now, and configuration files may be the culprit.
    Backup the /etc/fail2ban directory just in case. Then do
    Code:
    apt-get purge fail2ban
apt-get update
apt-get install fail2ban
     
    Taleman, Jan 11, 2018
    #4
  5. uniQ

    uniQ New Member

    No modifications were made, the server is vanilla.
    I tried this, reinstalled fail2ban and got the following error message:
    Code:
    Created symlink /etc/systemd/system/multi-user.target.wants/fail2ban.service → /lib/systemd/system/fail2ban.service.
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
invoke-rc.d: initscript fail2ban, action "start" failed.
● fail2ban.service - Fail2Ban Service
  Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
  Active: activating (auto-restart) (Result: exit-code) since Fri 2018-01-12 09:25:03 CET; 37ms ago
  Docs: man:fail2ban(1)
  Process: 19048 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=255)
     
    uniQ, Jan 12, 2018
    #5
  6. sjau

    sjau Local Meanie Moderator

    Among the errors it can't find /var/log/auth.log - that is indeed strange... does auth.log exist?
     
    sjau, Jan 12, 2018
    #6
  7. uniQ

    uniQ New Member

    Actually no, it doesn't exist.
     
    uniQ, Jan 12, 2018
    #7
  8. sjau

    sjau Local Meanie Moderator

    not having auth.log is really strange... you should have one even if you did a minimal debian installation.
     
    sjau, Jan 12, 2018
    #8
  9. uniQ

    uniQ New Member

    Solved the issue. rsyslog wasn't installed properly, so I purged fail2ban, reinstalled rsyslog and finally installed fail2ban and it works now.
     
    uniQ, Jan 13, 2018
    #9

Share This Page