1

Topic: /var/log/fail2ban.log': open error: Permission denied

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: Ubuntu 20.04.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): NGINX
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Good day.

A fresh install on Ubuntu 20.04 after 1 week (on Mondays) sends a logwatch report with error:

message repeated 5 times: [[origin software="rsyslogd" swVersion="8.2001.0" x-pid="784" x-info="https://www.rsyslog.com"] rsyslogd was HUPed] : 1 Times
     file '/var/log/fail2ban.log': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] : 1 Times

-rw-r-----   1 root      adm                   0 Feb  7 00:00 fail2ban.log
-rw-r-----   1 root      adm                   0 Jan 31 00:00 fail2ban.log.1
-rw-r-----   1 root      adm                  20 Jan 24 00:00 fail2ban.log.2.gz
-rwxr-xr-x   1 syslog    adm                1055 Jan 17 09:41 fail2ban.log.3.gz*

I suppose during fresh install the owner of the file was syslog:adm and after 1 week it changed to root:adm

Changing ownership of that file doesn't help, guess system rewrites it.
Not a big deal, but would like to see less errors in logwatch.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: /var/log/fail2ban.log': open error: Permission denied

Having the same issue here.

Fail2ban sets the owner:group of log file to syslog:syslog but logrotate sets them to root:adm and after logrotate fail2ban can't write to logs anymore.

3

Re: /var/log/fail2ban.log': open error: Permission denied

Check /etc/logrotate.d/fail2ban, does it have correct user/group/permission in "create" line?

4 (edited by dave.opc 2021-02-10 18:42:07)

Re: /var/log/fail2ban.log': open error: Permission denied

Inside the file:
    create 640 root adm

5

Re: /var/log/fail2ban.log': open error: Permission denied

You need to change it to "create 640 syslog adm", or "create 0660 root adm".

6 (edited by dave.opc 2021-02-11 16:10:55)

Re: /var/log/fail2ban.log': open error: Permission denied

ZhangHuangbin wrote:

You need to change it to "create 640 syslog adm", or "create 0660 root adm".

I have changed it to 'create 640 syslog adm'. Will see the result on Monday.
I guess the script downloaded from iredmail web site should be fixed also.

7

Re: /var/log/fail2ban.log': open error: Permission denied

dave.opc wrote:

I guess the script downloaded from iredmail web site should be fixed also.

Yes it's fixed:
https://github.com/iredmail/iRedMail/co … 414639R172

8

Re: /var/log/fail2ban.log': open error: Permission denied

ZhangHuangbin wrote:
dave.opc wrote:

I guess the script downloaded from iredmail web site should be fixed also.

Yes it's fixed:
https://github.com/iredmail/iRedMail/co … 414639R172

I have the same issue and I'm using the latest version up to 15/may/2021

9

Re: /var/log/fail2ban.log': open error: Permission denied

francogp wrote:

I have the same issue and I'm using the latest version up to 15/may/2021

Could you please paste the original error / log for troubleshooting?

10

Re: /var/log/fail2ban.log': open error: Permission denied

ZhangHuangbin wrote:
francogp wrote:

I have the same issue and I'm using the latest version up to 15/may/2021

Could you please paste the original error / log for troubleshooting?

...
---------------------- Postfix End -------------------------


--------------------- rsyslogd Begin ------------------------

Rsyslogd actions suspended:
    action-6-builtin:omfile (builtin:omfile): 2256 Times

Rsyslogd actions resumed
    action-6-builtin:omfile (builtin:omfile): 2050 Times

**** Unmatched entries ****
     file '/var/log/fail2ban.log': open error: Permission denied [v8.2001.0 try https://www.rsyslog.com/e/2433 ] : 1 Times

---------------------- rsyslogd End -------------------------


--------------------- Sudo (secure-log) Begin ------------------------


root => root
------------
/usr/bin/bash                  -  48 Time(s).
/usr/bin/mutt                  -   1 Time(s).

---------------------- Sudo (secure-log) End -------------------------

...