Fail2ban does not start after reboot

This problem was identified with the following configuration:
Ubuntu 8.04
fail2ban

Problem: After fail2ban install, everything works fine, but after reboot fail2ban does not start. Manual /etc/init.d/fail2ban restart fails also.

Cause: Fail2ban looks for fail2ban.sock in
/var/run/fail2ban/
During reboot, that directory is removed. Fail2ban assumes it is there and fails on restart.

Solution: Make sure the directory exists during start of fail2ban. Edit the init.d for fail2ban to fix this.
sudo vi /etc/init.d/fail2ban
Find the do_start option.

do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
do_status && return 1

if [ -e "$SOCKFILE" ]; then
log_failure_msg "Socket file $SOCKFILE is present"
[ "$1" = "force-start" ] \
&& log_success_msg "Starting anyway as requested" \
|| return 2
DAEMON_ARGS="$DAEMON_ARGS -x"
fi

start-stop-daemon --start --quiet --chuid root --exec $DAEMON -- \
$DAEMON_ARGS start > /dev/null\
|| return 2

return 0
}

Add the following after the if statement.

# Assure that /var/run/fail2ban exists
[ -d /var/run/fail2ban ] || mkdir -p /var/run/fail2ban


Finally, it should look like this

do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
do_status && return 1

if [ -e "$SOCKFILE" ]; then
log_failure_msg "Socket file $SOCKFILE is present"
[ "$1" = "force-start" ] \
&& log_success_msg "Starting anyway as requested" \
|| return 2
DAEMON_ARGS="$DAEMON_ARGS -x"
fi

# Assure that /var/run/fail2ban exists
[ -d /var/run/fail2ban ] || mkdir -p /var/run/fail2ban

start-stop-daemon --start --quiet --chuid root --exec $DAEMON -- \
$DAEMON_ARGS start > /dev/null\
|| return 2

return 0
}

Now restart and it should work.

sudo /etc/init.d/fail2ban restart

Just for kicks, see how /var/run has the newly created fail2ban directory.

sudo ls /var/run

3 thoughts on “Fail2ban does not start after reboot”

Leave a Reply

Your email address will not be published.