Fail2ban issues after update or install

My YunoHost server

Hardware: Server model is QEMU Standard PC (i440FX + PIIX, 1996)
Server hardware architecture is kvm amd64
YunoHost version:
- yunohost version: 4.1.6 (stable)
- yunohost-admin version: 4.1.4 (stable)
- moulinette version: 4.1.4 (stable)
- ssowat version: 4.1.3 (stable)
I have access to my server : Through SSH | through the webadmin | with remote VNC if needed
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Since few days, it seems I have a fail2ban issue, as for each app having a fail2ban configuration, after an update for instance, there is a fail2ban reload error (following this, most yunohost commands are badly responding and systemctl networking service is down)

Note that the update or install works, but I did not find a way than rebooting the server for having networking service correctly working.

as an example I make an update of gitea, but it does the same if I update or install other app

All goes well until almost the end:

/usr/share/yunohost/helpers.d/logging: line 20: message: unbound variable
Jan 21 11:52:02 systemd[1]: Reload failed for Fail2Ban Service.
Jan 21 11:52:02 systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Jan 21 11:52:02 fail2ban-client[2682]: invalid literal for int() with base 10: ''
Jan 21 11:52:02 fail2ban-client[2682]: NOK: ("invalid literal for int() with base 10: ''",)
Jan 21 11:52:02 systemd[1]: Reloading Fail2Ban Service.
Jan 21 11:51:18 systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Jan 21 00:13:06 systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Jan 21 00:13:06 systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Jan 21 00:04:45 systemd[1]: Reload failed for Fail2Ban Service.
Jan 21 00:04:45 systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Jan 21 00:04:45 fail2ban-client[5185]: invalid literal for int() with base 10: ''
Jan 21 00:04:45 fail2ban-client[5185]: NOK: ("invalid literal for int() with base 10: ''",)
Jan 21 00:04:24 systemd[1]: Reloading Fail2Ban Service.
Jan 21 00:04:03 fail2ban-server[723]: Server ready
Jan 21 00:03:57 systemd[1]: Started Fail2Ban Service.
[Error] Jan 21 00:03:57 systemd[1]: Starting Fail2Ban Service...
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Job for fail2ban.service failed.
Configuring Fail2Ban...

Note: all diagnosis tests are ok

Hmpf can you try this in case that brings more detail about what file is causing the issue

/usr/bin/fail2ban-server -xf --loglevel DEBUG

Hi @Aleks,

thanks for your help

I’ve set up fail2ban.service this way

ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout --logleve DEBUG start

I’ve removed/reinstalled gitea to reproduce.
logs are quite big, so I copy to dpaste

at removal here is the fail2ban log

then had to reboot as most yunohost config are unresponsive

at reinstall, it hangs after this

Warning: Reload the service fail2ban
Warning: Job for fail2ban.service failed.
Warning: See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Warning: -- Logs begin at Thu 2021-01-21 16:11:58 GMT, end at Thu 2021-01-21 16:14:25 GMT. --
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   Event queue size: 16
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   Event queue size: 16
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   Event queue size: 16
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net systemd[1]: Reloading Fail2Ban Service.
Warning: Jan 21 16:12:28 openmandriva.net fail2ban-server[771]: fail2ban.server         [771]: INFO    Reload all jails
Warning: Jan 21 16:12:53 openmandriva.net fail2ban-client[5180]:  NOK: ("invalid literal for int() with base 10: ''",)
Warning: Jan 21 16:12:53 openmandriva.net fail2ban-client[5180]: invalid literal for int() with base 10: ''
Warning: Jan 21 16:12:53 openmandriva.net systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Warning: Jan 21 16:12:53 openmandriva.net systemd[1]: Reload failed for Fail2Ban Service.
Warning: Jan 21 16:14:07 openmandriva.net systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Warning: Jan 21 16:14:08 openmandriva.net systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Warning: Jan 21 16:14:25 openmandriva.net systemd[1]: Reloading Fail2Ban Service.
Warning: Jan 21 16:14:25 openmandriva.net fail2ban-client[10649]:  NOK: ("invalid literal for int() with base 10: ''",)
Warning: Jan 21 16:14:25 openmandriva.net fail2ban-client[10649]: invalid literal for int() with base 10: ''
Warning: Jan 21 16:14:25 openmandriva.net systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Warning: Jan 21 16:14:25 openmandriva.net systemd[1]: Reload failed for Fail2Ban Service.

(I’ve tried also with web application, it stays for ever with the Pacman moving)

I have to stop with ctrl-C (btw the behaviour is different with command line where it removes the app, whether in web interface the app stays as is)

Here is the fail2ban log

I hope it’s useful

Wasn’t thinking about editing the systemd conf directly but okay … also just restarting fail2ban should have been enough, no need to reinstall an app

Anyway, sounds like the error is coming from :

WARNING Command ['set', 'yunohost', 'addignoreip', '/'] has failed. Received ValueError("invalid literal for int() with base 10: ''")

Sounds like you have some ‘addignoreip’ thing with wrong entry. Does that ring any bell ?

What if you

grep -nr "ignore" /etc/fail2ban

Well in fact nothing special appeared… the service was ready and waiting

Indeed, it was a modification some months ago in /etc/fail2ban/jail.d/yunohost-whitelist.conf, but it did not bothered until I had to update or install some app. I thought all behind the # was considered as a comment, but apparently not, I guess it was a confusion due to this doc (at the bottom).

I removed the dash and the sentence behind, restarted service and the WARNING disappeared from journalctl logs.

Retrying the full process of remove/install and it works flawlessly.

Thanks for your help!

PS: Maybe, as a suggestion, the “comment” should be removed from the code sample to avoid someone makes the same mistake as I did?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.