Hi all, I installed the fail2ban and fail2ban-runit packages a while back but never took the time to set them up, as it just showed as running whenever I used my status monitoring tool, rsm.
Upon trying to set up my first jail, fail2ban throws an error that referenes systemd in its log files:
2022-09-04 05:50:20,956 fail2ban.server [1243]: INFO Starting Fail2ban v0.11.2
2022-09-04 05:50:20,956 fail2ban.observer [1243]: INFO Observer start...
2022-09-04 05:50:20,959 fail2ban.database [1243]: INFO Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2022-09-04 05:50:20,960 fail2ban.jail [1243]: INFO Creating new jail 'sshd'
2022-09-04 05:50:21,222 fail2ban.jail [1243]: ERROR Backend 'systemd' failed to initialize due to No module named 'systemd'
2022-09-04 05:50:21,222 fail2ban.jail [1243]: ERROR Failed to initialize any backend for Jail 'sshd'
LONG XML STRING HERE...
2022-09-04 05:50:21,222 fail2ban [1243]: ERROR NOK: ("Failed to initialize any backend for Jail 'sshd'",)
2022-09-04 05:52:46,712 fail2ban.server [1243]: INFO Shutdown in progress...
2022-09-04 05:52:46,713 fail2ban.observer [1243]: INFO Observer stop ... try to end queue 5 seconds
2022-09-04 05:52:46,733 fail2ban.observer [1243]: INFO Observer stopped, 0 events remaining.
2022-09-04 05:52:46,773 fail2ban.server [1243]: INFO Stopping all jails
2022-09-04 05:52:46,774 fail2ban.database [1243]: INFO Connection to database closed.
2022-09-04 05:52:46,774 fail2ban.server [1243]: INFO Exiting Fail2ban
I noticed that when I navigated to the /etc/fail2ban directory and did a rg search for systemd, there were quite a few references to systemd in its configuration files. I also came across this link in these forums where an Artix-runit user referenced having to change the configuration files, but gave no specifics:
https://forum.artixlinux.org/index.php/topic,3723.0.html
Does anyone have any insights into this? The service is running, but obviously I can't set up any jails in fail2ban. Any help would be greatly appreciated. Thank you!
I'm not exactly a fail2ban source code expert, but here are my guesses and excerpts of info:
There are multiple backends you can use for Jails, from ./config/jail.conf in the source tree:
>Backend 'systemd' failed to initialize due to No module named 'systemd'
>Failed to initialize any backend for Jail 'sshd'
This is the code:
for b in backends:
initmethod = getattr(self, '_init%s' % b.capitalize())
try:
initmethod(**beArgs)
if backend != 'auto' and b != backend:
logSys.warning("Could only initiated %r backend whenever "
"%r was requested" % (b, backend))
else:
logSys.info("Initiated %r backend" % b)
self.__actions = Actions(self)
return # we are done
except ImportError as e: # pragma: no cover
# Log debug if auto, but error if specific
logSys.log(
logging.DEBUG if backend == "auto" else logging.ERROR,
"Backend %r failed to initialize due to %s" % (b, e))
# pragma: no cover
# log error since runtime error message isn't printed, INVALID COMMAND
logSys.error(
"Failed to initialize any backend for Jail %r" % self.name)
raise RuntimeError(
"Failed to initialize any backend for Jail %r" % self.name)
Since there is no "systemd" module, you get the "Backend failed to initialize" error, and since no backend module is loaded for jails, you get the "Failed to initialize any backend for Jail" error.
My guess is that you have to change the "backend" option in jail.conf.
Yes, that was it, I changed it to polling and it wokred. Thank you so much for pointing out something I should have figured out earlier. This is one of those situations where I should have paid closer attention when i rtfm.
Thank you again!!!