1

On CentOS7 I have the fail2ban-client working flawlessly, as it bans ips on failed logins as configured, but when I look at its systemctl status it shows as if it wouldn't be active or in failed state if I tried to start fail2ban by systemctl.

$ sudo fail2ban-client start
37,359 fail2ban.server         [19559]: INFO    Starting Fail2ban v0.9.7
37,359 fail2ban.server         [19559]: INFO    Starting in daemon mode
$ sudo fail2ban-client status
Status
|- Number of jail:      14
`- Jail list:   apache-auth, ...
$ sudo systemctl status fail2ban -l
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/fail2ban.service.d
           └─limit.conf
   Active: inactive (dead)
     Docs: man:fail2ban(1)
$ sudo fail2ban-client stop
Shutdown successful
$ sudo systemctl start fail2ban
Job for fail2ban.service failed because a fatal signal was delivered to the control process. See "systemctl status fail2ban.service" and "journalctl -xe" for details.
$ sudo systemctl status fail2ban -l
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; disabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/fail2ban.service.d
           └─limit.conf
   Active: failed (Result: start-limit) since Wed 2019-01-30 18:56:50 CET; 11s ago
     Docs: man:fail2ban(1)
  Process: 20154 ExecStartPre=/bin/mkdir -p /var/run/fail2ban (code=killed, signal=SEGV)
systemd[1]: fail2ban.service: control process exited, code=killed status=11
systemd[1]: Failed to start Fail2Ban Service.
systemd[1]: Unit fail2ban.service entered failed state.
systemd[1]: fail2ban.service failed.
systemd[1]: fail2ban.service holdoff time over, scheduling restart.
systemd[1]: Stopped Fail2Ban Service.
systemd[1]: start request repeated too quickly for fail2ban.service
systemd[1]: Failed to start Fail2Ban Service.
systemd[1]: Unit fail2ban.service entered failed state.
systemd[1]: fail2ban.service failed.

/var/log/fail2ban.log shows no more details than the above systemctl status fail2ban -l. Why doesn't it start by systemctl?

obeliksz
  • 183
  • 2
  • 12

2 Answers2

2

The correct way to add fail2ban to systemctl is look like:

fail2ban-client stop
systemctl enable fail2ban
systemctl start fail2ban
Thomas
  • 4,225
  • 5
  • 23
  • 28
Rhezashan
  • 21
  • 2
0

I experienced same problem where service fail2ban start won't work but 'fail2ban-client -x start' works, but when i try to 'service fail2ban status' it shows that fail2ban fail to start. I found the way how to fix, Try this

fail2ban-client -x stop

and then 

service fail2ban start

The expected result will as below:

fail2ban.service - Fail2Ban Service Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled) Active: active (running)

Hope it helps.

Adi
  • 11
  • 1