Skip to main content
Topic solved
This topic has been marked as solved and requires no further attention.
Topic: [SOLVED} fail2ban config files and log files reference an error with systemd... (Read 1133 times) previous topic - next topic
0 Members and 1 Guest are viewing this topic.

[SOLVED} fail2ban config files and log files reference an error with systemd...

Hi all, I installed the fail2ban and fail2ban-runit packages a while back but never took the time to set them up, as it just showed as running whenever I used my status monitoring tool, rsm.

Upon trying to set up my first jail, fail2ban throws an error that referenes systemd in its log files:

Code: [Select]
2022-09-04 05:50:20,956 fail2ban.server         [1243]: INFO    Starting Fail2ban v0.11.2
2022-09-04 05:50:20,956 fail2ban.observer       [1243]: INFO    Observer start...
2022-09-04 05:50:20,959 fail2ban.database       [1243]: INFO    Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'
2022-09-04 05:50:20,960 fail2ban.jail           [1243]: INFO    Creating new jail 'sshd'
2022-09-04 05:50:21,222 fail2ban.jail           [1243]: ERROR   Backend 'systemd' failed to initialize due to No module named 'systemd'
2022-09-04 05:50:21,222 fail2ban.jail           [1243]: ERROR   Failed to initialize any backend for Jail 'sshd'
LONG XML STRING HERE...
2022-09-04 05:50:21,222 fail2ban                [1243]: ERROR   NOK: ("Failed to initialize any backend for Jail 'sshd'",)
2022-09-04 05:52:46,712 fail2ban.server         [1243]: INFO    Shutdown in progress...
2022-09-04 05:52:46,713 fail2ban.observer       [1243]: INFO    Observer stop ... try to end queue 5 seconds
2022-09-04 05:52:46,733 fail2ban.observer       [1243]: INFO    Observer stopped, 0 events remaining.
2022-09-04 05:52:46,773 fail2ban.server         [1243]: INFO    Stopping all jails
2022-09-04 05:52:46,774 fail2ban.database       [1243]: INFO    Connection to database closed.
2022-09-04 05:52:46,774 fail2ban.server         [1243]: INFO    Exiting Fail2ban

I noticed that when I navigated to the /etc/fail2ban directory and did a rg search for systemd, there were quite  a few references to systemd in its configuration files. I also came across this link in these forums where an Artix-runit user referenced having to change the configuration files, but gave no specifics:

https://forum.artixlinux.org/index.php/topic,3723.0.html

Does anyone have any insights into this? The service is running, but obviously I can't set up any jails in fail2ban. Any help would be greatly appreciated. Thank you!

Re: fail2ban config files and log files reference an error with systemd...

Reply #1
I'm not exactly a fail2ban source code expert, but here are my guesses and excerpts of info:

There are multiple backends you can use for Jails, from ./config/jail.conf in the source tree:
Quote
# "backend" specifies the backend used to get files modification.
# Available options are "pyinotify", "gamin", "polling", "systemd" and "auto".
# This option can be overridden in each jail as well.
#
# pyinotify: requires pyinotify (a file alteration monitor) to be installed.
#              If pyinotify is not installed, Fail2ban will use auto.
# gamin:     requires Gamin (a file alteration monitor) to be installed.
#              If Gamin is not installed, Fail2ban will use auto.
# polling:   uses a polling algorithm which does not require external libraries.
# systemd:   uses systemd python library to access the systemd journal.
#              Specifying "logpath" is not valid for this backend.
#              See "journalmatch" in the jails associated filter config
# auto:      will try to use the following backends, in order:
#              pyinotify, gamin, polling.
#
# Note: if systemd backend is chosen as the default but you enable a jail
#       for which logs are present only in its own log files, specify some other
#       backend for that jail (e.g. polling) and provide empty value for
#       journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200
backend = auto

>Backend 'systemd' failed to initialize due to No module named 'systemd'
>Failed to initialize any backend for Jail 'sshd'
This is the code:
Code: [Select]
                        for b in backends:
                        initmethod = getattr(self, '_init%s' % b.capitalize())
                        try:
                                initmethod(**beArgs)
                                if backend != 'auto' and b != backend:
                                        logSys.warning("Could only initiated %r backend whenever "
                                                                   "%r was requested" % (b, backend))
                                else:
                                        logSys.info("Initiated %r backend" % b)
                                self.__actions = Actions(self)
                                return                                  # we are done
                        except ImportError as e: # pragma: no cover
                                # Log debug if auto, but error if specific
                                logSys.log(
                                        logging.DEBUG if backend == "auto" else logging.ERROR,
                                        "Backend %r failed to initialize due to %s" % (b, e))
                # pragma: no cover
                # log error since runtime error message isn't printed, INVALID COMMAND
                logSys.error(
                        "Failed to initialize any backend for Jail %r" % self.name)
                raise RuntimeError(
                        "Failed to initialize any backend for Jail %r" % self.name)

Since there is no "systemd" module, you get the "Backend failed to initialize" error, and since no backend module is loaded for jails, you get the "Failed to initialize any backend for Jail" error.

My guess is that you have to change the "backend" option in jail.conf.

 

Re: fail2ban config files and log files reference an error with systemd...

Reply #2
Yes, that was it, I changed it to polling and it wokred. Thank you so much for pointing out something I should have figured out earlier. This is one of those situations where I should have paid closer attention when i rtfm.

Thank you again!!!