Fail2ban status : failed

What type of hardware are you using: VPS bought online
What YunoHost version are you running: 12.0.14 (stable)
How are you able to access your server: The webadmin
SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: Non

Describe your issue

Bonjour,
après un diagnostique, j’ai constaté que : "Le service fail2ban est failed :frowning: " Je ne sais pas depuis combien de temps, ni dans quelles circonstance cela est arrivé.
J’ai, suivant les différents conseils du forum, appliqué les commandes suivantes :
‘’'root@resohabitat:/etc/ssh# yunohost service status fail2ban
configuration: unknown
description: Fail2Ban Service
last_state_change: 2025-04-14 21:48:12
start_on_boot: enabled
status: failed
root@resohabitat:/etc/ssh# sudo dpkg -r --force-depends fail2ban
sudo rm -rf /var/lib/fail2ban /etc/fail2ban/jail.d /etc/fail2ban/filter.d
sudo apt install fail2ban
sudo yunohost tools regen-conf fail2ban --force
dpkg: fail2ban: dependency problems, but removing anyway as you requested:
yunohost depends on fail2ban.

(Reading database … 112744 files and directories currently installed.)
Removing fail2ban (1.0.2-2) …
Processing triggers for man-db (2.11.2-2) …
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
Suggested packages:
monit
The following NEW packages will be installed:
fail2ban
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 451 kB of archives.
After this operation, 2,180 kB of additional disk space will be used.
Get:1 Index of /debian bookworm/main amd64 fail2ban all 1.0.2-2 [451 kB]
Fetched 451 kB in 0s (7,865 kB/s)
Selecting previously unselected package fail2ban.
(Reading database … 112464 files and directories currently installed.)
Preparing to unpack …/fail2ban_1.0.2-2_all.deb …
Unpacking fail2ban (1.0.2-2) …
Setting up fail2ban (1.0.2-2) …
Processing triggers for man-db (2.11.2-2) …
Updating coolwsd systemplate
Success! Configuration updated for ‘fail2ban’
Warning: fail2ban.service is not active, cannot reload.
Error: Could not run script: /usr/share/yunohost/hooks/conf_regen/52-fail2ban
fail2ban:
applied:
/etc/fail2ban/filter.d/postfix-sasl.conf:
status: force-created
/etc/fail2ban/filter.d/yunohost-portal.conf:
status: force-created
/etc/fail2ban/filter.d/yunohost.conf:
status: force-created
/etc/fail2ban/jail.d/yunohost-jails.conf:
status: force-created
pending:
root@resohabitat:/etc/ssh# yunohost service restart fail2ban
Success! Service ‘fail2ban’ restarted
root@resohabitat:/etc/ssh# yunohost service status fail2ban
configuration: unknown
description: Fail2Ban Service
last_state_change: 2025-04-14 21:53:13
start_on_boot: enabled
status: failed’‘’
Merci pour votre aide.

Share relevant logs or error messages

Voici les log de fail2ban

Ainsi que celu du regenconf
https://paste.yunohost.org/raw/abafojajev

Bonsoir,
Qu’as-tu dans le dossier /etc/fail2ban ?

Bonsoir @otm33 ,
Merci pour ta réponse, voici un ls -lh du dossier

root@XXXXXX:/etc/fail2ban# ls -lh
total 76K
drwxr-xr-x 2 root root 4.0K Apr 21 17:07 action.d
-rw-r–r-- 1 root root 37 Apr 22 10:50 fail2ban.conf
drwxr-xr-x 2 root root 4.0K Apr 21 2023 fail2ban.d
drwxr-xr-x 3 root root 4.0K Apr 21 18:03 filter.d
-rw-r–r-- 1 root root 26K Apr 22 19:53 jail.conf
drwxr-xr-x 2 root root 4.0K Apr 22 19:28 jail.d
-rw-r–r-- 1 root root 26K Apr 22 19:34 jail.local
root@XXXXX:/etc/fail2ban#

j’ai tenté un regen-conf de fail2ban qui me retourne cela :

root@XXXXX:/usr/share/yunohost/hooks/conf_regen# yunohost tools regen-conf fail2ban --force --debug
125 DEBUG acquiring lock…
135 DEBUG lock has been acquired
141 DEBUG loading python module yunohost.tools took 0.006s
141 DEBUG processing action ‘yunohost.tools.regen-conf’
645 DEBUG initializing root ldap interface
665 DEBUG Formating result in ‘export’ mode
670 DEBUG Executing command ‘[‘sh’, ‘-c’, ‘/bin/bash -x “./52-fail2ban” pre '' '' /var/cache/yunohost/regenconf/pending/fail2ban 7>&1’]’
678 DEBUG + set -e
678 DEBUG + . /usr/share/yunohost/helpers
680 DEBUG ++++ dirname – /usr/share/yunohost/helpers
682 DEBUG +++ cd – /usr/share/yunohost
682 DEBUG +++ pwd
683 DEBUG ++ SCRIPT_DIR=/usr/share/yunohost
683 DEBUG ++ YNH_HELPERS_VERSION=1
685 DEBUG +++ set +o
685 DEBUG +++ grep xtrace
690 DEBUG ++ readonly ‘XTRACE_ENABLE=set -o xtrace’
690 DEBUG ++ XTRACE_ENABLE=‘set -o xtrace’
690 DEBUG ++ set +x
755 DEBUG + do_pre_regen /var/cache/yunohost/regenconf/pending/fail2ban
756 DEBUG + pending_dir=/var/cache/yunohost/regenconf/pending/fail2ban
756 DEBUG + cd /usr/share/yunohost/conf/fail2ban
756 DEBUG + fail2ban_dir=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban
757 DEBUG + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d
761 DEBUG + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
766 DEBUG + cp yunohost.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf
770 DEBUG + cp yunohost-portal.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf
776 DEBUG + cp postfix-sasl.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf
781 DEBUG + cp jail.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf
788 DEBUG ++ jq -r .ssh_port
847 DEBUG + export ssh_port=22
848 DEBUG + ssh_port=22
848 DEBUG + ynh_render_template yunohost-jails.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
849 DEBUG + local template_path=yunohost-jails.conf
849 DEBUG + local output_path=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
850 DEBUG ++ dirname /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
855 DEBUG + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
859 DEBUG + python3 -c ‘import os, sys, jinja2; sys.stdout.write(
860 DEBUG jinja2.Template(sys.stdin.read()
860 DEBUG ).render(os.environ));’
1063 DEBUG Checking pending configuration which would have been applied for category ‘fail2ban’…
1092 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf’ to system conf ‘/etc/fail2ban/jail.conf’
1093 DEBUG > system conf is already up-to-date
1093 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf’ to system conf ‘/etc/fail2ban/filter.d/postfix-sasl.conf’
1093 DEBUG > system conf is already up-to-date
1093 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost.conf’
1093 DEBUG > system conf is already up-to-date
1093 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost-portal.conf’
1094 DEBUG > system conf is already up-to-date
1094 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf’ to system conf ‘/etc/fail2ban/jail.d/yunohost-jails.conf’
1094 DEBUG > system conf is already up-to-date
1094 DEBUG The configuration is already up-to-date for category ‘fail2ban’
1095 DEBUG Executing command ‘[‘sh’, ‘-c’, ‘/bin/bash -x “./52-fail2ban” post '' '' '' 7>&1’]’
1101 DEBUG + set -e
1101 DEBUG + . /usr/share/yunohost/helpers
1103 DEBUG ++++ dirname – /usr/share/yunohost/helpers
1105 DEBUG +++ cd – /usr/share/yunohost
1105 DEBUG +++ pwd
1106 DEBUG ++ SCRIPT_DIR=/usr/share/yunohost
1106 DEBUG ++ YNH_HELPERS_VERSION=1
1107 DEBUG +++ set +o
1108 DEBUG +++ grep xtrace
1110 DEBUG ++ readonly ‘XTRACE_ENABLE=set -o xtrace’
1111 DEBUG ++ XTRACE_ENABLE=‘set -o xtrace’
1111 DEBUG ++ set +x
1160 DEBUG + do_post_regen
1161 DEBUG + regen_conf_files=
1161 DEBUG + ls -l /etc/fail2ban/jail.d/yunohost-jails.conf
1168 DEBUG -rw-r–r-- 1 root root 628 Apr 21 17:08 /etc/fail2ban/jail.d/yunohost-jails.conf
1169 DEBUG + chown root:root /etc/fail2ban/jail.d/yunohost-jails.conf
1174 DEBUG + chmod 644 /etc/fail2ban/jail.d/yunohost-jails.conf
1177 DEBUG + [[ -z ‘’ ]]
1284 DEBUG To view the log of the operation ‘Regenerate system configurations ‘fail2ban’’, use the command ‘yunohost log show 20250423-174534-regen_conf-fail2ban’
1299 DEBUG action executed in 1.158s
1300 DEBUG lock has been released
root@XXXXX:/usr/share/yunohost/hooks/conf_regen#

dont voici les logs :

root@XXXXX:/usr/share/yunohost/hooks/conf_regen# yunohost log show 20250423-174534-regen_conf-fail2ban
description: Regenerate system configurations ‘fail2ban’
log_path: /var/log/yunohost/operations/20250423-174534-regen_conf-fail2ban.log
logs:

  • 2025-04-23 17:45:34,909: DEBUG - + fail2ban_dir=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban
  • 2025-04-23 17:45:34,909: DEBUG - + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d
  • 2025-04-23 17:45:34,914: DEBUG - + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
  • 2025-04-23 17:45:34,919: DEBUG - + cp yunohost.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf
  • 2025-04-23 17:45:34,923: DEBUG - + cp yunohost-portal.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf
  • 2025-04-23 17:45:34,929: DEBUG - + cp postfix-sasl.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf
  • 2025-04-23 17:45:34,934: DEBUG - + cp jail.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf
  • 2025-04-23 17:45:34,941: DEBUG - ++ jq -r .ssh_port
  • 2025-04-23 17:45:35,000: DEBUG - + export ssh_port=22
  • 2025-04-23 17:45:35,000: DEBUG - + ssh_port=22
  • 2025-04-23 17:45:35,001: DEBUG - + ynh_render_template yunohost-jails.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,001: DEBUG - + local template_path=yunohost-jails.conf
  • 2025-04-23 17:45:35,002: DEBUG - + local output_path=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,002: DEBUG - ++ dirname /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,008: DEBUG - + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
  • 2025-04-23 17:45:35,012: DEBUG - + python3 -c 'import os, sys, jinja2; sys.stdout.write(
  • 2025-04-23 17:45:35,012: DEBUG - jinja2.Template(sys.stdin.read()
  • 2025-04-23 17:45:35,013: DEBUG - ).render(os.environ));’
  • 2025-04-23 17:45:35,216: DEBUG - Checking pending configuration which would have been applied for category ‘fail2ban’…
  • 2025-04-23 17:45:35,245: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf’ to system conf ‘/etc/fail2ban/jail.conf’
  • 2025-04-23 17:45:35,245: DEBUG - > system conf is already up-to-date
  • 2025-04-23 17:45:35,246: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf’ to system conf ‘/etc/fail2ban/filter.d/postfix-sasl.conf’
  • 2025-04-23 17:45:35,246: DEBUG - > system conf is already up-to-date
  • 2025-04-23 17:45:35,246: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost.conf’
  • 2025-04-23 17:45:35,246: DEBUG - > system conf is already up-to-date
  • 2025-04-23 17:45:35,246: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost-portal.conf’
  • 2025-04-23 17:45:35,247: DEBUG - > system conf is already up-to-date
  • 2025-04-23 17:45:35,247: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf’ to system conf ‘/etc/fail2ban/jail.d/yunohost-jails.conf’
  • 2025-04-23 17:45:35,247: DEBUG - > system conf is already up-to-date
  • 2025-04-23 17:45:35,247: DEBUG - The configuration is already up-to-date for category ‘fail2ban’
  • 2025-04-23 17:45:35,248: DEBUG - Executing command ‘[‘sh’, ‘-c’, ‘/bin/bash -x “./52-fail2ban” post '' '' '' 7>&1’]’
  • 2025-04-23 17:45:35,254: DEBUG - + set -e
  • 2025-04-23 17:45:35,254: DEBUG - + . /usr/share/yunohost/helpers
  • 2025-04-23 17:45:35,256: DEBUG - ++++ dirname – /usr/share/yunohost/helpers
  • 2025-04-23 17:45:35,257: DEBUG - +++ cd – /usr/share/yunohost
  • 2025-04-23 17:45:35,258: DEBUG - +++ pwd
  • 2025-04-23 17:45:35,258: DEBUG - ++ SCRIPT_DIR=/usr/share/yunohost
  • 2025-04-23 17:45:35,259: DEBUG - ++ YNH_HELPERS_VERSION=1
  • 2025-04-23 17:45:35,260: DEBUG - +++ set +o
  • 2025-04-23 17:45:35,260: DEBUG - +++ grep xtrace
  • 2025-04-23 17:45:35,263: DEBUG - ++ readonly ‘XTRACE_ENABLE=set -o xtrace’
  • 2025-04-23 17:45:35,263: DEBUG - ++ XTRACE_ENABLE=‘set -o xtrace’
  • 2025-04-23 17:45:35,263: DEBUG - ++ set +x
  • 2025-04-23 17:45:35,313: DEBUG - + do_post_regen
  • 2025-04-23 17:45:35,314: DEBUG - + regen_conf_files=
  • 2025-04-23 17:45:35,314: DEBUG - + ls -l /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,321: DEBUG - -rw-r–r-- 1 root root 628 Apr 21 17:08 /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,322: DEBUG - + chown root:root /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,326: DEBUG - + chmod 644 /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-23 17:45:35,330: DEBUG - + [[ -z ‘’ ]]
    metadata:
    args:
    dry_run: False
    force: True
    list_pending: False
    names: fail2ban
    with_diff: False
    ended_at: 2025-04-23 17:45:35
    error: None
    interface: cli
    operation: regen_conf
    parent: None
    related_to:
    • configuration
    • fail2ban
      started_at: 2025-04-23 17:45:34
      success: True
      yunohost_version: 12.0.14
      metadata_path: /var/log/yunohost/operations/20250423-174534-regen_conf-fail2ban.yml
      name: 20250423-174534-regen_conf-fail2ban
      root@XXXXX:/usr/share/yunohost/hooks/conf_regen#

La regen s’est donc bien déroulée…
Et tu retrouves toujours les mêmes erreurs dans le journal de fail2ban que celles présentes dans le log de ton premier post ?

Désolé, nos disponibilités sont à contre temps.
Oui les erreurs sont toujours présentes dans le log de fail2ban

voici les retours des redémarrage et status de fail2ban

root@XXXXX:/etc/fail2ban# yunohost service restart fail2ban
Success! Service ‘fail2ban’ restarted
root@resohabitat:/etc/fail2ban# yunohost service status fail2ban
configuration: unknown
description: Fail2Ban Service
last_state_change: 2025-04-24 07:25:41
start_on_boot: enabled
status: failed

L’erreur liée au “jail.conf” ligne: 24 est corrigée : j’ai décommenté les lignes suivantes :

[DEFAULT]
bantime = 1h
[sshd]
enabled = true

Il reste toujours ces erreurs

WARNING ‘socket’ not defined in ‘Definition’.
WARNING ‘pidfile’ not defined in ‘Definition’.
WARNING ‘logtarget’ not defined in ‘Definition’.
WARNING ‘syslogsocket’ not defined in ‘Definition’

pour lesquelles j’ai ajouté les lignes suivantesdans le jail.conf :

[Definition]
socket = /var/run/fail2ban/fail2ban.sock
pidfile = /var/run/fail2ban/fail2ban.pid
logtarget = /var/log/fail2ban.log
syslogsocket = auto

Mais cela ne corrige ni les messages d’erreurs, ni le lancement du service.
Merci quoi qu’il en soit pour ton aide, @otm33.

@py_more Compliqué là… J’imagine que tu as déjà testé les fichiers de configuration avec sudo fail2ban-client -d ?
Voici le fichier jail.conf d’une installation yunohost toute “neuve” : ce n’est pas une solution en soi mais si ça peut t’être utile…

Merci @otm33, j’ai repris le jail.conf que tu m’a donné et lancé un fail2ban-client -d :

root@resohabitat:/etc/fail2ban# nano jail.local
root@resohabitat:/etc/fail2ban# yunohost service restart fail2ban
Success! Service ‘fail2ban’ restarted
root@resohabitat:/etc/fail2ban# yunohost service status fail2ban
configuration: unknown
description: Fail2Ban Service
last_state_change: 2025-04-24 09:55:43
start_on_boot: enabled
status: failed
root@resohabitat:/etc/fail2ban# fail2ban-client -d
2025-04-24 09:54:29,593 fail2ban.configreader [197171]: WARNING ‘socket’ not defined in ‘Definition’. Using default one: ‘/var/run/fail2ban/fail2ban.sock’
2025-04-24 09:54:29,594 fail2ban.configreader [197171]: WARNING ‘pidfile’ not defined in ‘Definition’. Using default one: ‘/var/run/fail2ban/fail2ban.pid’
2025-04-24 09:54:29,594 fail2ban.configreader [197171]: WARNING ‘logtarget’ not defined in ‘Definition’. Using default one: ‘/var/log/fail2ban.log’
2025-04-24 09:54:29,594 fail2ban.configreader [197171]: WARNING ‘syslogsocket’ not defined in ‘Definition’. Using default one: ‘auto’
2025-04-24 09:54:29,595 fail2ban [197171]: ERROR Failed during configuration: While reading from ‘/etc/fail2ban/jail.conf’ [line 101]: option ‘bantime’ in section ‘DEFAULT’ already exists
ERROR: The configuration stream failed because of the invalid syntax.
2025-04-24 09:54:29,595 fail2ban [197171]: ERROR Init of command line failed

Puis j’ai tenté un regen-conf, voir cidessous : qui se termine avec un message d’erreur cette fois-ci :

root@XXXX:/etc/fail2ban# yunohost tools regen-conf fail2ban --force --debug
127 DEBUG acquiring lock…
137 DEBUG lock has been acquired
144 DEBUG loading python module yunohost.tools took 0.006s
144 DEBUG processing action ‘yunohost.tools.regen-conf’
665 DEBUG initializing root ldap interface
690 DEBUG Formating result in ‘export’ mode
695 DEBUG Executing command ‘[‘sh’, ‘-c’, ‘/bin/bash -x “./52-fail2ban” pre '' '' /var/cache/yunohost/regenconf/pending/fail2ban 7>&1’]’
706 DEBUG + set -e
706 DEBUG + . /usr/share/yunohost/helpers
708 DEBUG ++++ dirname – /usr/share/yunohost/helpers
712 DEBUG +++ cd – /usr/share/yunohost
713 DEBUG +++ pwd
713 DEBUG ++ SCRIPT_DIR=/usr/share/yunohost
714 DEBUG ++ YNH_HELPERS_VERSION=1
716 DEBUG +++ set +o
716 DEBUG +++ grep xtrace
722 DEBUG ++ readonly ‘XTRACE_ENABLE=set -o xtrace’
722 DEBUG ++ XTRACE_ENABLE=‘set -o xtrace’
723 DEBUG ++ set +x
796 DEBUG + do_pre_regen /var/cache/yunohost/regenconf/pending/fail2ban
796 DEBUG + pending_dir=/var/cache/yunohost/regenconf/pending/fail2ban
797 DEBUG + cd /usr/share/yunohost/conf/fail2ban
797 DEBUG + fail2ban_dir=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban
797 DEBUG + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d
802 DEBUG + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
807 DEBUG + cp yunohost.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf
814 DEBUG + cp yunohost-portal.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf
820 DEBUG + cp postfix-sasl.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf
826 DEBUG + cp jail.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf
834 DEBUG ++ jq -r .ssh_port
894 DEBUG + export ssh_port=22
895 DEBUG + ssh_port=22
895 DEBUG + ynh_render_template yunohost-jails.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
895 DEBUG + local template_path=yunohost-jails.conf
896 DEBUG + local output_path=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
896 DEBUG ++ dirname /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
898 DEBUG + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
901 DEBUG + python3 -c ‘import os, sys, jinja2; sys.stdout.write(
901 DEBUG jinja2.Template(sys.stdin.read()
901 DEBUG ).render(os.environ));’
1105 DEBUG Checking pending configuration which would have been applied for category ‘fail2ban’…
1130 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf’ to system conf ‘/etc/fail2ban/jail.conf’
1131 DEBUG > system conf has been manually modified
1133 DEBUG Configuration file ‘/etc/fail2ban/jail.conf’ backed up to ‘/var/cache/yunohost/regenconf/backup/etc/fail2ban/jail.conf-20250424.095954’
1134 DEBUG Configuration file ‘/etc/fail2ban/jail.conf’ updated
1134 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf’ to system conf ‘/etc/fail2ban/filter.d/postfix-sasl.conf’
1134 DEBUG > system conf is already up-to-date
1134 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost.conf’
1135 DEBUG > system conf is already up-to-date
1135 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost-portal.conf’
1135 DEBUG > system conf is already up-to-date
1135 DEBUG processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf’ to system conf ‘/etc/fail2ban/jail.d/yunohost-jails.conf’
1135 DEBUG > system conf is already up-to-date
1135 SUCCESS Configuration updated for ‘fail2ban’
1135 DEBUG updating conf hashes for ‘fail2ban’ with: {‘/etc/fail2ban/filter.d/postfix-sasl.conf’: ‘f5b8c01c318e6b5e906020fdf5c0fd16’, ‘/etc/fail2ban/filter.d/yunohost-portal.conf’: ‘1b1521b5967618f420b1fddefb03e523’, ‘/etc/fail2ban/filter.d/yunohost.conf’: ‘9fcaa5785707a0d24b4e0dec57c6ea2f’, ‘/etc/fail2ban/jail.conf’: ‘2cc0d2d03ba23c4390270d572d595e64’, ‘/etc/fail2ban/jail.d/yunohost-jails.conf’: ‘d76e32cbcdef53f99e7f53f390e399d8’}
1158 DEBUG Executing command ‘[‘sh’, ‘-c’, ‘/bin/bash -x “./52-fail2ban” post '' '' /etc/fail2ban/jail.conf 7>&1’]’
1167 DEBUG + set -e
1167 DEBUG + . /usr/share/yunohost/helpers
1170 DEBUG ++++ dirname – /usr/share/yunohost/helpers
1171 DEBUG +++ cd – /usr/share/yunohost
1171 DEBUG +++ pwd
1172 DEBUG ++ SCRIPT_DIR=/usr/share/yunohost
1173 DEBUG ++ YNH_HELPERS_VERSION=1
1174 DEBUG +++ set +o
1175 DEBUG +++ grep xtrace
1180 DEBUG ++ readonly ‘XTRACE_ENABLE=set -o xtrace’
1181 DEBUG ++ XTRACE_ENABLE=‘set -o xtrace’
1181 DEBUG ++ set +x
1253 DEBUG + do_post_regen /etc/fail2ban/jail.conf
1253 DEBUG + regen_conf_files=/etc/fail2ban/jail.conf
1254 DEBUG + ls -l /etc/fail2ban/jail.d/yunohost-jails.conf
1260 DEBUG -rw-r–r-- 1 root root 628 Apr 21 17:08 /etc/fail2ban/jail.d/yunohost-jails.conf
1260 DEBUG + chown root:root /etc/fail2ban/jail.d/yunohost-jails.conf
1272 DEBUG + chmod 644 /etc/fail2ban/jail.d/yunohost-jails.conf
1277 DEBUG + [[ -z /etc/fail2ban/jail.conf ]]
1277 DEBUG + systemctl reload fail2ban
1306 WARNING fail2ban.service is not active, cannot reload.
1409 ERROR Could not run script: /usr/share/yunohost/hooks/conf_regen/52-fail2ban
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/yunohost/hook.py”, line 301, in hook_callback
hook_return = hook_exec(
^^^^^^^^^^
File “/usr/lib/python3/dist-packages/yunohost/hook.py”, line 421, in hook_exec
raise YunohostError(“hook_exec_failed”, path=path)
yunohost.utils.error.YunohostError: Could not run script: /usr/share/yunohost/hooks/conf_regen/52-fail2ban
1417 DEBUG To view the log of the operation ‘Regenerate system configurations ‘fail2ban’’, use the command ‘yunohost log show 20250424-095953-regen_conf-fail2ban’
1430 DEBUG action executed in 1.286s
1431 DEBUG lock has been released
fail2ban:
applied:
/etc/fail2ban/jail.conf:
status: force-updated
pending:
root@XXXXX:/etc/fail2ban#

Quelle peut être l’origine de l’erreur suivante ?

ERROR Could not run script: /usr/share/yunohost/hooks/conf_regen/52-fail2ban

ainsi que celle-ci ? dans le log de fail2ban ?

ERROR Async configuration of server failed

Je pense que jail.conf et jail.local se marchent tout simplement sur les pieds… Sauvegarde les deux puis désactive le jail.local.

Effectivement, c’est mieux ainsi le regen-conf n’echoue pas :

root@XXXXX:/etc/fail2ban# yunohost log show 20250424-103923-regen_conf-fail2ban
description: Regenerate system configurations ‘fail2ban’
log_path: /var/log/yunohost/operations/20250424-103923-regen_conf-fail2ban.log
logs:

  • 2025-04-24 10:39:23,746: DEBUG - + fail2ban_dir=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban
  • 2025-04-24 10:39:23,746: DEBUG - + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d
  • 2025-04-24 10:39:23,753: DEBUG - + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
  • 2025-04-24 10:39:23,758: DEBUG - + cp yunohost.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf
  • 2025-04-24 10:39:23,763: DEBUG - + cp yunohost-portal.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf
  • 2025-04-24 10:39:23,770: DEBUG - + cp postfix-sasl.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf
  • 2025-04-24 10:39:23,777: DEBUG - + cp jail.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf
  • 2025-04-24 10:39:23,786: DEBUG - ++ jq -r .ssh_port
  • 2025-04-24 10:39:23,850: DEBUG - + export ssh_port=22
  • 2025-04-24 10:39:23,850: DEBUG - + ssh_port=22
  • 2025-04-24 10:39:23,850: DEBUG - + ynh_render_template yunohost-jails.conf /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:23,851: DEBUG - + local template_path=yunohost-jails.conf
  • 2025-04-24 10:39:23,851: DEBUG - + local output_path=/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:23,853: DEBUG - ++ dirname /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:23,858: DEBUG - + mkdir -p /var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d
  • 2025-04-24 10:39:23,861: DEBUG - + python3 -c 'import os, sys, jinja2; sys.stdout.write(
  • 2025-04-24 10:39:23,861: DEBUG - jinja2.Template(sys.stdin.read()
  • 2025-04-24 10:39:23,862: DEBUG - ).render(os.environ));’
  • 2025-04-24 10:39:24,065: DEBUG - Checking pending configuration which would have been applied for category ‘fail2ban’…
  • 2025-04-24 10:39:24,097: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.conf’ to system conf ‘/etc/fail2ban/jail.conf’
  • 2025-04-24 10:39:24,098: DEBUG - > system conf is already up-to-date
  • 2025-04-24 10:39:24,098: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/postfix-sasl.conf’ to system conf ‘/etc/fail2ban/filter.d/postfix-sasl.conf’
  • 2025-04-24 10:39:24,099: DEBUG - > system conf is already up-to-date
  • 2025-04-24 10:39:24,099: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost.conf’
  • 2025-04-24 10:39:24,100: DEBUG - > system conf is already up-to-date
  • 2025-04-24 10:39:24,100: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/filter.d/yunohost-portal.conf’ to system conf ‘/etc/fail2ban/filter.d/yunohost-portal.conf’
  • 2025-04-24 10:39:24,101: DEBUG - > system conf is already up-to-date
  • 2025-04-24 10:39:24,101: DEBUG - processing pending conf ‘/var/cache/yunohost/regenconf/pending/fail2ban/etc/fail2ban/jail.d/yunohost-jails.conf’ to system conf ‘/etc/fail2ban/jail.d/yunohost-jails.conf’
  • 2025-04-24 10:39:24,102: DEBUG - > system conf is already up-to-date
  • 2025-04-24 10:39:24,102: DEBUG - The configuration is already up-to-date for category ‘fail2ban’
  • 2025-04-24 10:39:24,102: DEBUG - Executing command ‘[‘sh’, ‘-c’, ‘/bin/bash -x “./52-fail2ban” post '' '' '' 7>&1’]’
  • 2025-04-24 10:39:24,109: DEBUG - + set -e
  • 2025-04-24 10:39:24,109: DEBUG - + . /usr/share/yunohost/helpers
  • 2025-04-24 10:39:24,112: DEBUG - ++++ dirname – /usr/share/yunohost/helpers
  • 2025-04-24 10:39:24,116: DEBUG - +++ cd – /usr/share/yunohost
  • 2025-04-24 10:39:24,116: DEBUG - +++ pwd
  • 2025-04-24 10:39:24,117: DEBUG - ++ SCRIPT_DIR=/usr/share/yunohost
  • 2025-04-24 10:39:24,117: DEBUG - ++ YNH_HELPERS_VERSION=1
  • 2025-04-24 10:39:24,120: DEBUG - +++ set +o
  • 2025-04-24 10:39:24,120: DEBUG - +++ grep xtrace
  • 2025-04-24 10:39:24,124: DEBUG - ++ readonly ‘XTRACE_ENABLE=set -o xtrace’
  • 2025-04-24 10:39:24,124: DEBUG - ++ XTRACE_ENABLE=‘set -o xtrace’
  • 2025-04-24 10:39:24,125: DEBUG - ++ set +x
  • 2025-04-24 10:39:24,194: DEBUG - + do_post_regen
  • 2025-04-24 10:39:24,194: DEBUG - + regen_conf_files=
  • 2025-04-24 10:39:24,194: DEBUG - + ls -l /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:24,200: DEBUG - -rw-r–r-- 1 root root 628 Apr 21 17:08 /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:24,200: DEBUG - + chown root:root /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:24,206: DEBUG - + chmod 644 /etc/fail2ban/jail.d/yunohost-jails.conf
  • 2025-04-24 10:39:24,212: DEBUG - + [[ -z ‘’ ]]
    metadata:
    args:
    dry_run: False
    force: True
    list_pending: False
    names: fail2ban
    with_diff: False
    ended_at: 2025-04-24 10:39:24
    error: None
    interface: cli
    operation: regen_conf
    parent: None
    related_to:
    • configuration
    • fail2ban
      started_at: 2025-04-24 10:39:23
      success: True
      yunohost_version: 12.0.14
      metadata_path: /var/log/yunohost/operations/20250424-103923-regen_conf-fail2ban.yml
      name: 20250424-103923-regen_conf-fail2ban

mais après un restart le service est toujour fail :

root@XXXX:/etc/fail2ban# yunohost service restart fail2ban
Success! Service ‘fail2ban’ restarted
root@XXXXX:/etc/fail2ban# yunohost service status fail2ban
configuration: unknown
description: Fail2Ban Service
last_state_change: 2025-04-24 10:42:08
start_on_boot: enabled
status: failed

Voici le log :

avril 24 10:54:32 systemd[1]: Started fail2ban.service - Fail2Ban Service.
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,668 fail2ban.configreader   [202838]: WARNING 'socket' not defined in 'Definition'. Using default one: '/var/run/fail2ban/fail2ban.sock'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,668 fail2ban.configreader   [202838]: WARNING 'pidfile' not defined in 'Definition'. Using default one: '/var/run/fail2ban/fail2ban.pid'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,668 fail2ban.configreader   [202838]: WARNING 'logtarget' not defined in 'Definition'. Using default one: '/var/log/fail2ban.log'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,668 fail2ban.configreader   [202838]: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,685 fail2ban.configreader   [202838]: WARNING 'logtarget' not defined in 'Definition'. Using default one: 'STDERR'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,686 fail2ban.configreader   [202838]: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,686 fail2ban.configreader   [202838]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,686 fail2ban.configreader   [202838]: WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,686 fail2ban.configreader   [202838]: WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: '1d'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,686 fail2ban                [202838]: ERROR   Failed during configuration: Bad value substitution: option 'backend' in section 'sshd' contains an interpolation key 'sshd_backend' which is not a valid option name. Raw value: '%(sshd_backend)s'
avril 24 10:54:32 fail2ban-server[202838]: 2025-04-24 10:54:32,690 fail2ban                [202838]: ERROR   Async configuration of server failed
avril 24 10:54:32 systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
avril 24 10:54:32 systemd[1]: fail2ban.service: Failed with result 'exit-code'.

Le problème ne viendrait pas de sshd ?
Poruquoi tout ces warning ?
Merci pour ton aide.

Cette variable %(sshd_backend)s doit chercher cette valeur dans un autre fichier (qu’elle ne trouve pas dans ton cas).
Tu peux essayer de la remplacer provisoirement par systemd dans le jail.conf pour voir si ça permet à fail2ban de redémarrer.
Mais je vois qu’il y a beaucoup plus de fichiers dans une configuration par défaut de fail2ban sur yunohost. Je vais essayer de te les transférer.

Voici donc les fichiers supplémentaires (à manier avec réserve car tout n’est pas forcément identique):

root@domainyuno:/etc/fail2ban# ls -1

action.d
fail2ban.conf
fail2ban.d
filter.d
jail.conf
jail.d
paths-arch.conf
paths-common.conf
paths-debian.conf
paths-opensuse.conf

Merci @otm33 , j’ai ajouté les fichiers “paths” dans le répertoire fail2ban.
Malheureusement, le redémarage du service échoue toujours :

root@XXXXX:/etc/fail2ban# yunohost service restart fail2ban
Success! Service ‘fail2ban’ restarted
root@resohabitat:/etc/fail2ban# yunohost service status fail2ban
configuration: unknown
description: Fail2Ban Service
last_state_change: 2025-04-24 17:30:59
start_on_boot: enabled
status: failed
root@XXXXX:/etc/fail2ban#

Et le regen-conf échoue avec ce message d’erreur

1880 ERROR Could not run script: /usr/share/yunohost/hooks/conf_regen/52-fail2ban
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/yunohost/hook.py”, line 301, in hook_callback
hook_return = hook_exec(
^^^^^^^^^^
File “/usr/lib/python3/dist-packages/yunohost/hook.py”, line 421, in hook_exec
raise YunohostError(“hook_exec_failed”, path=path)
yunohost.utils.error.YunohostError: Could not run script: /usr/share/yunohost/hooks/conf_regen/52-fail2ban

Merci pour tes conseils, si tu as d’autres pistes je suis preneur de conseils.

Un des fichiers ajoutés sème sûrement la zizanie. Essaie de voir si fail2ban-client -d donne quelque chose et ce qu’indique maintenant le journal de fail2ban.

Voici cd que donne fail2ban-client -d

root@XXXXX:/etc/fail2ban# fail2ban-client -d
2025-04-24 21:12:06,332 fail2ban.configreader [254771]: WARNING ‘socket’ not defined in ‘Definition’. Using default one: ‘/var/run/fail2ban/fail2ban.sock’
2025-04-24 21:12:06,333 fail2ban.configreader [254771]: WARNING ‘pidfile’ not defined in ‘Definition’. Using default one: ‘/var/run/fail2ban/fail2ban.pid’
2025-04-24 21:12:06,333 fail2ban.configreader [254771]: WARNING ‘logtarget’ not defined in ‘Definition’. Using default one: ‘/var/log/fail2ban.log’
2025-04-24 21:12:06,333 fail2ban.configreader [254771]: WARNING ‘syslogsocket’ not defined in ‘Definition’. Using default one: ‘auto’
2025-04-24 21:12:06,333 fail2ban [254771]: ERROR Failed during configuration: File contains no section headers.
file: ‘/etc/fail2ban/jail.conf’, line: 24
‘enabled = true\n’
ERROR: The configuration stream failed because of the invalid syntax.
2025-04-24 21:12:06,334 fail2ban [254771]: ERROR Init of command line failed

Voici le log de fail2ban :

avril 24 21:15:36 systemd[1]: Started fail2ban.service - Fail2Ban Service.
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,414 fail2ban.configreader   [255188]: WARNING 'socket' not defined in 'Definition'. Using default one: '/var/run/fail2ban/fail2ban.sock'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,415 fail2ban.configreader   [255188]: WARNING 'pidfile' not defined in 'Definition'. Using default one: '/var/run/fail2ban/fail2ban.pid'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,416 fail2ban.configreader   [255188]: WARNING 'logtarget' not defined in 'Definition'. Using default one: '/var/log/fail2ban.log'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,417 fail2ban.configreader   [255188]: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,438 fail2ban.configreader   [255188]: WARNING 'logtarget' not defined in 'Definition'. Using default one: 'STDERR'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,438 fail2ban.configreader   [255188]: WARNING 'syslogsocket' not defined in 'Definition'. Using default one: 'auto'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,439 fail2ban.configreader   [255188]: WARNING 'allowipv6' not defined in 'Definition'. Using default one: 'auto'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,439 fail2ban.configreader   [255188]: WARNING 'dbfile' not defined in 'Definition'. Using default one: '/var/lib/fail2ban/fail2ban.sqlite3'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,439 fail2ban.configreader   [255188]: WARNING 'dbpurgeage' not defined in 'Definition'. Using default one: '1d'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,440 fail2ban.configreader   [255188]: ERROR   Found no accessible config files for 'filter.d/sshd' under /etc/fail2ban
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,440 fail2ban.jailreader     [255188]: ERROR   Unable to read the filter 'sshd'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,440 fail2ban.jailsreader    [255188]: ERROR   Errors in jail 'sshd'. Skipping...
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,441 fail2ban.configreader   [255188]: ERROR   Found no accessible config files for 'filter.d/nginx-http-auth' under /etc/fail2ban
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,441 fail2ban.jailreader     [255188]: ERROR   Unable to read the filter 'nginx-http-auth'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,442 fail2ban.jailsreader    [255188]: ERROR   Errors in jail 'nginx-http-auth'. Skipping...
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,443 fail2ban.configreader   [255188]: ERROR   Found no accessible config files for 'filter.d/postfix' under /etc/fail2ban
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,443 fail2ban.jailreader     [255188]: ERROR   Unable to read the filter 'postfix'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,443 fail2ban.jailsreader    [255188]: ERROR   Errors in jail 'postfix'. Skipping...
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,444 fail2ban.configreader   [255188]: ERROR   Found no accessible config files for 'filter.d/dovecot' under /etc/fail2ban
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,444 fail2ban.jailreader     [255188]: ERROR   Unable to read the filter 'dovecot'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,444 fail2ban.jailsreader    [255188]: ERROR   Errors in jail 'dovecot'. Skipping...
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,446 fail2ban.configreader   [255188]: ERROR   Found no accessible config files for 'filter.d/recidive' under /etc/fail2ban
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,446 fail2ban.jailreader     [255188]: ERROR   Unable to read the filter 'recidive'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,446 fail2ban.jailsreader    [255188]: ERROR   Errors in jail 'recidive'. Skipping...
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,447 fail2ban.configreader   [255188]: ERROR   Found no accessible config files for 'filter.d/pam-generic' under /etc/fail2ban
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,447 fail2ban.jailreader     [255188]: ERROR   Unable to read the filter 'pam-generic'
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,447 fail2ban.jailsreader    [255188]: ERROR   Errors in jail 'pam-generic'. Skipping...
avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,449 fail2ban                [255188]: ERROR   Failed during configuration: Bad value substitution: option 'failregex' in section 'Definition' contains an interpolation key '__prefix_line' which is not a valid option name. Raw value: '^%(__prefix_line)swarning: [-._\\w]+\\[<HOST>\\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\\s*

avril 24 21:15:36 fail2ban-server[255188]: 2025-04-24 21:15:36,454 fail2ban [255188]: ERROR Async configuration of server failed
avril 24 21:15:36 systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
avril 24 21:15:36 systemd[1]: fail2ban.service: Failed with result ‘exit-code’.
avril 24 21:15:48 systemd[1]: fail2ban.service: Unit cannot be reloaded because it is inactive.

Je pense qu’il faut commencer par commenter la ligne 24 de /etc/jail.conf. Les erreurs qui sont apparues en lien avec les filtres ressemblent à ce que j’ai obtenu en reproduisant les commandes que tu as mentionnées au tout début du fil… En fait, le

supprime tous les filtres… Il a fallu les récupérer sur une autre install et fail2ban est reparti.

Merci @otm33, j’ai commenté la ligne 24 de /etc/jail.conf.
Comment puis-je récupérer les filtres, s’il te plait ?

J’essaie de te les joindre dans un message à moins que je ne les trouve sur un dépôt…

Merci. :folded_hands: