fedora-users October 2011 archive
Main Archive Page > Month Archives  > fedora-users archives
fedora-users: Re: fail2ban vs. logrotate

Re: fail2ban vs. logrotate

From: Mikkel L. Ellertson <mellertson_at_nospam>
Date: Tue Oct 25 2011 - 13:37:35 GMT
To: users@lists.fedoraproject.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/25/2011 12:23 AM, Andre Speelmans wrote:
>> It sounds like fail2ban still has the old log file open. You need to
>> have logrotate tell fail2ban that the log file has changed.
>
> Change the config file for logrotate so that it does not create a new
> file, but that it uses copy-and-truncate. The exact syntax is easily
> found in the man-page.
>
>> Logrotate already does this will other services when it rotates
>> their log file. I am surprised the .rpm did not include the files
>> for logrotate to automatically sent the proper signal to fail2ban.
>
> /var/log/secure is not a daemon specific file, but a general log-file
> and as such does not have a (daemon-) specific rpm. And a general file
> can't send signals to all kinds of daemons that may, or may not run on
> a system.

I was referring to the fail2ban RPM. This has to be a problem for
just about any installation that uses logrotate.

Mikkel
- --

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk6mu58ACgkQqbQrVW3JyMQW3QCeJqMJhzTQ6iEsAt8Yo/b5h1Yo
ax4AmwVlI7NSLBXarL243k/YJEwl1fWi
=xXE+
-----END PGP SIGNATURE-----
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines