Fail2ban无法在Centos 7上启动。缺少/ var / log / secure文件

0

几天前我买了vps并安装了Centos 7。现在我正在尝试为ssh设置fail2ban。我安装了epel-release。Iptables默认使用。当我尝试启动fail2ban时,这就是我得到的:

 Job for fail2ban.service failed because the control process exited with error code. See "systemctl status fail2ban.service" and "journalctl -xe" for details.

fail2ban启动的调试:

[root@server ~]# /usr/bin/fail2ban-client -v -v start
INFO   Loading configs for fail2ban under /etc/fail2ban
DEBUG  Reading configs for fail2ban under /etc/fail2ban
DEBUG  Reading config files: /etc/fail2ban/fail2ban.conf
INFO     Loading files: ['/etc/fail2ban/fail2ban.conf']
INFO     Loading files: ['/etc/fail2ban/fail2ban.conf']
INFO   Using socket file /var/run/fail2ban/fail2ban.sock
INFO   Loading configs for jail under /etc/fail2ban
DEBUG  Reading configs for jail under /etc/fail2ban
DEBUG  Reading config files: /etc/fail2ban/jail.conf,/etc/fail2ban/jail.d/00-firewalld.conf, /etc/fail2ban/jail.local
INFO     Loading files: ['/etc/fail2ban/jail.conf']
INFO     Loading files: ['/etc/fail2ban/paths-fedora.conf']
INFO     Loading files: ['/etc/fail2ban/paths-common.conf']
INFO     Loading files: ['/etc/fail2ban/paths-overrides.local']
INFO     Loading files: ['/etc/fail2ban/jail.d/00-firewalld.conf']
INFO     Loading files: ['/etc/fail2ban/jail.local']
INFO     Loading files: ['/etc/fail2ban/paths-common.conf', '/etc/fail2ban/paths-fedora.conf', '/etc/fail2ban/jail.conf', '/etc/fail2ban/jail.d/00-firewalld.conf', '/etc/fail2ban/jail.local']
INFO   Loading configs for filter.d/sshd under /etc/fail2ban
DEBUG  Reading configs for filter.d/sshd under /etc/fail2ban
DEBUG  Reading config files: /etc/fail2ban/filter.d/sshd.conf
INFO     Loading files: ['/etc/fail2ban/filter.d/sshd.conf']
INFO     Loading files: ['/etc/fail2ban/filter.d/common.conf']
INFO     Loading files: ['/etc/fail2ban/filter.d/common.local']
INFO     Loading files: ['/etc/fail2ban/filter.d/common.conf', '/etc/fail2ban/filter.d/sshd.conf']
INFO   Loading configs for action.d/iptables-multiport under /etc/fail2ban
DEBUG  Reading configs for action.d/iptables-multiport under /etc/fail2ban
DEBUG  Reading config files: /etc/fail2ban/action.d/iptables-multiport.conf
INFO     Loading files: ['/etc/fail2ban/action.d/iptables-multiport.conf']
INFO     Loading files: ['/etc/fail2ban/action.d/iptables-common.conf']
INFO     Loading files: ['/etc/fail2ban/action.d/iptables-blocktype.local']
INFO     Loading files: ['/etc/fail2ban/action.d/iptables-common.local']
INFO     Loading files: ['/etc/fail2ban/action.d/iptables-common.conf', '/etc/fail2ban/action.d/iptables-multiport.conf']
ERROR  No file(s) found for glob /var/log/secure
ERROR  Failed during configuration: Have not found any log file for sshd jail

我试图重新安装iptables,但仍然在全新安装后我缺少安全日志文件。它可能是由vps提供商设置引起的?

ssh  centos  iptables  vps  fail2ban 
清醒
source
这似乎与报告的错误有关:github.com/fail2ban/fail2ban/issues/1372报告中的一些解决方案可能适合您。
弗兰克托马斯

Answers:

0

为什么不创建丢失的文件?

touch /var/log/secure
chown root. /var/log/secure
chmod 0600 /var/log/secure

然后:

systemctl restart fail2ban.service

/var/log/secure来自rsyslog。确保您已authpriv.* /var/log/secure进入/etc/rsyslog.confrsyslog正在运行:

systemctl status rsyslog
Deltik
source
我一直在想念rsyslog包。我以为它是默认安装的。无论如何,谢谢你的帮助。
清醒2016年
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.