Menu

#35 Directory /var/run/fail2ban should be created

open
nobody
None
5
2008-07-08
2008-07-08
Kees Bakker
No

Since update 0.8.2 the PID file (and sock) has been placed in the directory /var/run/fail2ban/. That's OK.

However, it would be better (if you ask me) if the fail2ban-server created that directory if it does not exist. Right now it fails and quits if the directory is not present. That is a Bad Thing. It may happen unnoticed.

There is an alternative (adding the mkdir in the init script), but that means each distribution has to take care of it. And users will have to wait till the distribution maintainer becomes aware of this problem. It takes too long. (For example, Ubuntu has a problem for several months now, and there is no sign of a fix.)

Note, that the directory /var/run/fail2ban can be deleted on some systems (I think the logrotate process could cause it.) From fail2ban point of view it may seems like someone else's problem, but creating the directory in server/server.py makes it more failsafe.

Discussion

  • Christopher  Grieb

    For our OS X package, we simply patched the 'fail2ban-client' script to crate the directory if needed rather then rely on the init entry (launchd) to handle it - it's not elegant for launchd to be looking for and creating pid run directories.

     
  • Christopher  Grieb

    For our OS X package, we simply patched the 'fail2ban-client' script to crate the directory if needed rather then rely on the init entry (launchd) to handle it - it's not elegant for launchd to be looking for and creating pid run directories.

     
  • Christopher  Grieb

    For our OS X package, we simply patched the 'fail2ban-client' script to crate the directory if needed rather then rely on the init entry (launchd) to handle it - it's not elegant for launchd to be looking for and creating pid run directories.

     
  • Christopher  Grieb

    For our OS X package, we simply patched the 'fail2ban-client' script to crate the directory if needed rather then rely on the init entry (launchd) to handle it - it's not elegant for launchd to be looking for and creating pid run directories.

     
  • Christopher  Grieb

    For our OS X package, we simply patched the 'fail2ban-client' script to crate the directory if needed rather then rely on the init entry (launchd) to handle it - it's not elegant for launchd to be looking for and creating pid run directories.

     
  • Andy Fragen

    Andy Fragen - 2009-09-24

    I installed 0.8.4 and the bug still exists. What I did was create another /System/Library/LaunchDaemons plist whose command is 'mkdir /var/run/fail2ban'

    It's set to run at load.

     

Log in to post a comment.