Fail2ban issues after update or install

My YunoHost server

Hardware: Server model is QEMU Standard PC (i440FX + PIIX, 1996)
Server hardware architecture is kvm amd64
YunoHost version:
- yunohost version: 4.1.6 (stable)
- yunohost-admin version: 4.1.4 (stable)
- moulinette version: 4.1.4 (stable)
- ssowat version: 4.1.3 (stable)
I have access to my server : Through SSH | through the webadmin | with remote VNC if needed
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Since few days, it seems I have a fail2ban issue, as for each app having a fail2ban configuration, after an update for instance, there is a fail2ban reload error (following this, most yunohost commands are badly responding and systemctl networking service is down)

Note that the update or install works, but I did not find a way than rebooting the server for having networking service correctly working.

as an example I make an update of gitea, but it does the same if I update or install other app

All goes well until almost the end:

/usr/share/yunohost/helpers.d/logging: line 20: message: unbound variable
Jan 21 11:52:02 systemd[1]: Reload failed for Fail2Ban Service.
Jan 21 11:52:02 systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Jan 21 11:52:02 fail2ban-client[2682]: invalid literal for int() with base 10: ''
Jan 21 11:52:02 fail2ban-client[2682]: NOK: ("invalid literal for int() with base 10: ''",)
Jan 21 11:52:02 systemd[1]: Reloading Fail2Ban Service.
Jan 21 11:51:18 systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Jan 21 00:13:06 systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Jan 21 00:13:06 systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Jan 21 00:04:45 systemd[1]: Reload failed for Fail2Ban Service.
Jan 21 00:04:45 systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Jan 21 00:04:45 fail2ban-client[5185]: invalid literal for int() with base 10: ''
Jan 21 00:04:45 fail2ban-client[5185]: NOK: ("invalid literal for int() with base 10: ''",)
Jan 21 00:04:24 systemd[1]: Reloading Fail2Ban Service.
Jan 21 00:04:03 fail2ban-server[723]: Server ready
Jan 21 00:03:57 systemd[1]: Started Fail2Ban Service.
[Error] Jan 21 00:03:57 systemd[1]: Starting Fail2Ban Service...
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Job for fail2ban.service failed.
Configuring Fail2Ban...

Note: all diagnosis tests are ok

Hmpf can you try this in case that brings more detail about what file is causing the issue

/usr/bin/fail2ban-server -xf --loglevel DEBUG

Hi @Aleks,

thanks for your help

I’ve set up fail2ban.service this way

ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout --logleve DEBUG start

I’ve removed/reinstalled gitea to reproduce.
logs are quite big, so I copy to dpaste

at removal here is the fail2ban log

then had to reboot as most yunohost config are unresponsive

at reinstall, it hangs after this

Warning: Reload the service fail2ban
Warning: Job for fail2ban.service failed.
Warning: See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Warning: -- Logs begin at Thu 2021-01-21 16:11:58 GMT, end at Thu 2021-01-21 16:14:25 GMT. --
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   Event queue size: 16
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   Event queue size: 16
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   Event queue size: 16
Warning: Jan 21 16:12:27 openmandriva.net fail2ban-server[771]: fail2ban.filterpyinotify[771]: DEBUG   <_RawEvent cookie=0 mask=0x2 name='' wd=2 >
Warning: Jan 21 16:12:27 openmandriva.net systemd[1]: Reloading Fail2Ban Service.
Warning: Jan 21 16:12:28 openmandriva.net fail2ban-server[771]: fail2ban.server         [771]: INFO    Reload all jails
Warning: Jan 21 16:12:53 openmandriva.net fail2ban-client[5180]:  NOK: ("invalid literal for int() with base 10: ''",)
Warning: Jan 21 16:12:53 openmandriva.net fail2ban-client[5180]: invalid literal for int() with base 10: ''
Warning: Jan 21 16:12:53 openmandriva.net systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Warning: Jan 21 16:12:53 openmandriva.net systemd[1]: Reload failed for Fail2Ban Service.
Warning: Jan 21 16:14:07 openmandriva.net systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Warning: Jan 21 16:14:08 openmandriva.net systemd[1]: /lib/systemd/system/fail2ban.service:12: PIDFile= references path below legacy directory /var/run/, updating /var/run/fail2ban/fail2ban.pid → /run/fail2ban/fail2ban.pid; please update the unit file accordingly.
Warning: Jan 21 16:14:25 openmandriva.net systemd[1]: Reloading Fail2Ban Service.
Warning: Jan 21 16:14:25 openmandriva.net fail2ban-client[10649]:  NOK: ("invalid literal for int() with base 10: ''",)
Warning: Jan 21 16:14:25 openmandriva.net fail2ban-client[10649]: invalid literal for int() with base 10: ''
Warning: Jan 21 16:14:25 openmandriva.net systemd[1]: fail2ban.service: Control process exited, code=exited, status=255/EXCEPTION
Warning: Jan 21 16:14:25 openmandriva.net systemd[1]: Reload failed for Fail2Ban Service.

(I’ve tried also with web application, it stays for ever with the Pacman moving)

I have to stop with ctrl-C (btw the behaviour is different with command line where it removes the app, whether in web interface the app stays as is)

Here is the fail2ban log

I hope it’s useful

Wasn’t thinking about editing the systemd conf directly but okay 
 also just restarting fail2ban should have been enough, no need to reinstall an app

Anyway, sounds like the error is coming from :

WARNING Command ['set', 'yunohost', 'addignoreip', '/'] has failed. Received ValueError("invalid literal for int() with base 10: ''")

Sounds like you have some ‘addignoreip’ thing with wrong entry. Does that ring any bell ?

What if you

grep -nr "ignore" /etc/fail2ban

1 Like

Well in fact nothing special appeared
 the service was ready and waiting

Indeed, it was a modification some months ago in /etc/fail2ban/jail.d/yunohost-whitelist.conf, but it did not bothered until I had to update or install some app. I thought all behind the # was considered as a comment, but apparently not, I guess it was a confusion due to this doc (at the bottom).

I removed the dash and the sentence behind, restarted service and the WARNING disappeared from journalctl logs.

Retrying the full process of remove/install and it works flawlessly.

Thanks for your help!

PS: Maybe, as a suggestion, the “comment” should be removed from the code sample to avoid someone makes the same mistake as I did?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.