How to run fail2ban on Amazon Linux - No module named fail2ban.version

Question

I installed fail2ban using this command on Amazon Linux

yum install fail2ban

My epel repository is defined as

mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch

I got this error when I tried to start the service

service fail2ban start
Starting fail2ban: Traceback (most recent call last):
  File "/usr/bin/fail2ban-client", line 37, in <module>
    from fail2ban.version import version
ImportError: No module named fail2ban.version

I've tried this fix in this bug report using this diff, which isn't merged into the script I have. It didn't make any difference. I've tried also tried this but I have no idea how it's meant to work, if you're meant to run anything, etc.

Can anyone suggest how to get fail2ban to work on Amazon Linux?

Note below is what was installed with fail2ban

Answer 1

I figured this out. Short version: you want the version from the amzn-main repo, not the epel repo.

If you have the epel repo installed you disable it when you do the yum install

yum --disablerepo epel install fail2ban

I figured this out by starting an ec2 spot instance and installing fail2ban on a clean instance. I noticed that it came from a different repo. I had to uninstall the epel version from my main instance and then remove the /etc/fail2ban directory before I installed the amazon version.

The Amazon version is currently on 0.8.10-3.6.amzn1, which is called "very stable" on the fail2ban page. This is one of the major disadvantages of Amazon Linux over something like Ubuntu - old packages.