1 Topic by jagoliveira (edited by jagoliveira 2014-08-30 03:18:02)

  • jagoliveira
  • Member
  • Offline
  • Registered: 2014-08-30
  • Posts: 4

Topic: fail2ban, logrotate and IRedMail default conflict

======== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 14.04 LTS
- Related log if you're reporting an issue:
====

I'm doing final tests and adjustments before final migration to iRedMail and found that by default IRedMail install sets
-> export FAIL2BAN_LOGTARGET='SYSLOG' on ~/iRedMail-0.8.7/conf/fail2ban
so,
-> /etc/fail2ban/fail2ban.conf has "logtarget = SYSLOG",
but in logrotate,
-> /etc/logrotate.d/fail2ban on the postrotate the logtarget is set to /var/log/fail2ban.log

Please, could someone tell me what could be the the consequences after the first logrotate run?

Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: fail2ban, logrotate and IRedMail default conflict

Fail2ban is configured to log to syslog, so it's logged in /var/log/messages, not /var/log/fail2ban.log.
File /etc/logrotate.d/fail2ban is created by Ubuntu deb package, not iRedMail.

3 Reply by jagoliveira

  • jagoliveira
  • Member
  • Offline
  • Registered: 2014-08-30
  • Posts: 4

Re: fail2ban, logrotate and IRedMail default conflict

ZhangHuangbin wrote:

Fail2ban is configured to log to syslog, so it's logged in /var/log/messages, not /var/log/fail2ban.log.
File /etc/logrotate.d/fail2ban is created by Ubuntu deb package, not iRedMail.

Dear ZhangHuangbin,
Thanks for your response, it confirms what I found and this way after the first logrotate run the default fail2ban config will change this configuration to /var/log/fail2ban.log, so could you please tell me the right direction in order to avoid this?
Simply deleting /etc/logrotate.d/fail2ban file solve this?

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: fail2ban, logrotate and IRedMail default conflict

Excuse me, i don't understand your point.
Logrotate won't touch Fail2ban config file and change settings, it just rotate log files (/var/log/fail2ban.log in this case).