Having trouble starting Denyhosts on Ubuntu 5.10 install went fine. Code: /usr/share/denyhosts# /etc/init.d/denyhosts start starting DenyHosts: /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg Can't read: /private/var/log/system.log [Errno 2] No such file or directory: '/private/var/log/system.log' Error deleting DenyHosts lock file: /var/run/denyhosts.pid [Errno 2] No such file or directory: '/var/run/denyhosts.pid' Any ideas. I've tried setting it to the Red Hat/Fedora settings but those don't work either.
It comes standard with Denyhosts 2.4b I tried to get fancy and install the most current version of Denyhosts 2.4b. The Log file in denyhosts.cfg: Code: SECURE_LOG = /var/log/auth.log Could it be a permission fiasco or what?
All Good! Falko, Apparently my denyhosts.cfg had: Code: # # Mac OS X (v10.3 or earlier): SECURE_LOG=/private/var/log/system.log # ######################################################################## Should have been: Code: # # Mac OS X (v10.3 or earlier): # SECURE_LOG=/private/var/log/system.log # ######################################################################## Running Ubuntu not Max OS X so there you are, started up like a charm. Jorge
Cool, I had the same problem when installing 2.5 instead of 2.0 as used in the HowTo (perhaps a quick pdate of the HowTo is in order?) Anyway, here's a quick question: how do I upgrade my existing version; simple reinstall using the HowTo instructions and tweak them for 2.5?
I also installed 2.5, but my error is Code: starting DenyHosts: /usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg Can't read: /var/log/auth.log [Errno 2] No such file or directory: '/var/log/auth.log' Error deleting DenyHosts lock file: /var/run/denyhosts.pid [Errno 2] No such file or directory: '/var/run/denyhosts.pid' appearently there is no /var/log/auth.log on my Sarge. Any clues??
Code: drwxr-xr-x 2 root root 1024 Nov 26 02:42 apache2 -rw-r--r-- 1 root root 18670 Nov 24 09:38 aptitude -rw-r--r-- 1 root root 456 Nov 14 02:42 aptitude.1.gz -rw-r--r-- 1 root root 0 Oct 23 17:18 boot.log -rw-rw-r-- 1 root utmp 0 Nov 14 02:42 btmp -rw-rw-r-- 1 root utmp 0 Oct 19 10:20 btmp.1 -rw-r--r-- 1 root root 346528 Nov 27 11:30 cron -rw-r--r-- 1 root root 12978 Nov 24 17:01 denyhosts -rw-r--r-- 1 root root 68 Nov 24 15:56 dmesg drwxr-s--- 2 Debian-exim adm 1024 Nov 22 13:46 exim4 -rw-r--r-- 1 root root 600 Nov 13 16:59 fontconfig.log drwxr-xr-x 2 root root 1024 Nov 27 01:32 httpd -rw-r--r-- 1 root root 29029 Nov 24 13:07 ispconfig_install.log drwxr-xr-x 2 root root 1024 Oct 19 10:20 ksymoops -rw-rw-r-- 1 root utmp 3504584 Nov 27 11:19 lastlog -rw-r--r-- 1 root root 0 Nov 26 03:57 lp-acct -rw-r--r-- 1 root root 0 Nov 21 15:14 lp-acct.0 -rw-r--r-- 1 root root 0 Nov 26 03:57 lp-errs -rw-r--r-- 1 root root 0 Nov 21 15:14 lp-errs.0 -rw-r--r-- 1 root root 256507 Nov 27 02:42 maillog -rw-r--r-- 1 root root 0 Nov 26 02:42 messages -rw-r--r-- 1 root root 30538 Nov 26 02:42 messages.1.gz -rw-r--r-- 1 root root 15217 Nov 19 02:43 messages.2.gz -rw-r--r-- 1 root root 10077 Nov 14 02:42 messages.3.gz drwxr-s--- 2 mysql adm 1024 Nov 27 02:42 mysql -rw-r----- 1 root adm 0 Nov 27 02:42 mysql.err -rw-r----- 1 root adm 20 Nov 27 02:42 mysql.err.1.gz -rw-r----- 1 root adm 20 Nov 26 02:42 mysql.err.2.gz -rw-r----- 1 root adm 20 Nov 25 02:42 mysql.err.3.gz -rw-r----- 1 root adm 20 Nov 24 02:42 mysql.err.4.gz -rw-r----- 1 root adm 20 Nov 23 02:42 mysql.err.5.gz -rw-r----- 1 root adm 20 Nov 22 02:42 mysql.err.6.gz -rw-r----- 1 root adm 20 Nov 21 02:42 mysql.err.7.gz -rw-r----- 1 mysql adm 0 Nov 27 02:42 mysql.log -rw-r----- 1 mysql adm 20 Nov 27 02:42 mysql.log.1.gz -rw-r----- 1 mysql adm 20 Nov 26 02:42 mysql.log.2.gz -rw-r----- 1 mysql adm 20 Nov 25 02:42 mysql.log.3.gz -rw-r----- 1 mysql adm 20 Nov 24 02:42 mysql.log.4.gz -rw-r----- 1 mysql adm 20 Nov 23 02:42 mysql.log.5.gz -rw-r----- 1 mysql adm 20 Nov 22 02:42 mysql.log.6.gz -rw-r----- 1 mysql adm 20 Nov 21 02:42 mysql.log.7.gz drwxr-xr-x 2 root root 1024 Oct 1 2004 news -rw-r--r-- 1 root root 10151 Nov 24 16:38 secure -rw-r--r-- 1 root root 0 Oct 23 17:18 spooler -rw-rw-r-- 1 root utmp 138624 Nov 27 11:19 wtmp -rw-rw-r-- 1 root utmp 34560 Nov 14 00:49 wtmp.1 -rw-r--r-- 1 root root 0 Nov 26 23:59 xferlog
There's no /var/log/auth.log, and apparently /var/run is also missing. Did you maybe delete them? Because they exist on a standard Debian installation.
I'm using VPS (Virtuozzo virtual server) system and my Sarge was preinstalled, I just continued "perfect sarge howto" with packages installs... What could/should I do?
Code: daemon.*;*.=notice;*.=warn;\ *.info;mail.none;authpriv.none;cron.none -/var/log/messages authpriv.* -/var/log/secure mail.* -/var/log/maillog cron.* -/var/log/cron *.emerg * uucp,news.crit -/var/log/spooler local7.* -/var/log/boot.log
Code: daemon.*;*.=notice;*.=warn;\ *.info;mail.none;authpriv.none;cron.none -/var/log/messages authpriv.* -/var/log/secure mail.* -/var/log/maillog cron.* -/var/log/cron *.emerg * uucp,news.crit -/var/log/spooler local7.* -/var/log/boot.log my /var/log/secure doesn't contain logs of SSH connections, all lines are like : Dec 5 13:55:25 localhost proftpd[23679] ..... any clues how/where to look for log of SSH connects as DenyHosts has blocked 3 IP's and I want to investigate why
You could add Code: auth,authpriv.* /var/log/auth.log to /etc/syslog.conf and run Code: /etc/init.d/sysklogd restart The login attempts should then be logged in /var/log/auth.log.