[shaarli] Installing breaks fail2ban: ERROR NOK: (21, 'Is a directory') [solved]

:uk:/:us: Message template (english)

My YunoHost server

Hardware: Root server 8GB RAM, 40 GB HD
YunoHost version: 3.6.4.6
I have access to my server : Through SSH and through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? no

Description of my issue

I tried to install synapse from commandline as user admin like:

sudo yunohost app install GitHub - YunoHost-Apps/synapse_ynh: Matrix server (synapse) package for YunoHost

The result is:

WARNING! Installing 3rd party applications may compromise the integrity and security of your system. You should probably NOT install it unless you know what you are doing. Are you willing to take that risk? [Y/N] : y
Available domains:
- datapulp.de
- dns.datapulp.de
- hub.datapulp.de
- mon.datapulp.de
- docu.datapulp.de
- mail.datapulp.de
- cloud.datapulp.de
- forum.datapulp.de
- links.datapulp.de
- matrix.datapulp.de
Choose a domain for Synapse (default: datapulp.de): matrix.datapulp.de
Is it a public server ? [yes | no] (default: no): no
Info: Installing application synapse…
Extracting templates from packages: 100%
Warning: Created symlink /etc/systemd/system/multi-user.target.wants/matrix-synapse.service → /etc/systemd/system/matrix-synapse.service.
Warning: Created symlink /etc/systemd/system/multi-user.target.wants/coturn-synapse.service → /etc/systemd/system/coturn-synapse.service.
Warning:   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
Warning:                                  Dload  Upload   Total   Spent    Left  Speed
100    15  100    15    0     0    186      0 --:--:-- --:--:-- --:--:--   187
Warning:   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
Warning:                                  Dload  Upload   Total   Spent    Left  Speed
100    35  100    35    0     0    287      0 --:--:-- --:--:-- --:--:--   289
Warning: Starting of matrix-synapse
Warning: tail: cannot open '/var/log/matrix-synapse/homeserver.log' for reading: No such file or directory
Warning: ..tail: '/var/log/matrix-synapse/homeserver.log' has appeared;  following new file
Warning: .The service matrix-synapse has correctly started.
Warning: Job for fail2ban.service failed because the control process exited with error code.
Warning: See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Warning: [ERR] !!
Warning:  synapse's script has encountered an error. Its execution was cancelled.
Warning: !!
Warning: Please find here an extract of the log before the crash:
Warning: [DEBUG]: DEBUG   - + set +x
Warning: [DEBUG]: DEBUG   - + local checksum_setting_name=checksum__etc_fail2ban_filter.d_synapse.conf
Warning: [DEBUG]: DEBUG   - ++ cut '-d ' -f1
Warning: [DEBUG]: DEBUG   - ++ sudo md5sum /etc/fail2ban/filter.d/synapse.conf
Warning: [DEBUG]: DEBUG   - + ynh_app_setting_set --app=synapse --key=checksum__etc_fail2ban_filter.d_synapse.conf --value=1c55d648327a502ddddaa64c4430feba
Warning: [DEBUG]: DEBUG   - + local legacy_args=akv
Warning: [DEBUG]: DEBUG   -=value=)
Warning: [DEBUG]: DEBUG   - + declare -Ar args_array
Warning: [DEBUG]: DEBUG   - + local app
Warning: [DEBUG]: DEBUG   - + local key
Warning: [DEBUG]: DEBUG   - + local value
Warning: [DEBUG]: DEBUG   - + ynh_handle_getopts_args --app=synapse --key=checksum__etc_fail2ban_filter.d_synapse.conf --value=1c55d648327a502ddddaa64c4430feba
Warning: [DEBUG]: DEBUG   - + set +x
Warning: [DEBUG]: DEBUG   - + ynh_app_setting set synapse checksum__etc_fail2ban_filter.d_synapse.conf 1c55d648327a502ddddaa64c4430feba
Warning: [DEBUG]: DEBUG   - + ACTION=set
Warning: [DEBUG]: DEBUG   - + APP=synapse
Warning: [DEBUG]: DEBUG   - + KEY=checksum__etc_fail2ban_filter.d_synapse.conf
Warning: [DEBUG]: DEBUG   - + VALUE=1c55d648327a502ddddaa64c4430feba
Warning: [DEBUG]: DEBUG   - + python -
Warning: [DEBUG]: DEBUG   -'
Warning: [DEBUG]: DEBUG   - + unset backup_file_checksum
Warning: [DEBUG]: DEBUG   - + systemctl try-reload-or-restart fail2ban
Warning: [DEBUG]: DEBUG   - + ynh_exit_properly
Warning: 
Info: The operation 'Install 'synapse' application' has failed! To get help, please share the full log of this operation using the command 'yunohost log display 20190926-050452-app_install-synapse --share'
Warning: Removed /etc/systemd/system/multi-user.target.wants/matrix-synapse.service.
Warning: Removed /etc/systemd/system/multi-user.target.wants/coturn-synapse.service.
Warning: Port 8448 is already closed for IPv4 connections
Warning: Port 8448 is already closed for IPv6 connections
Warning: Unable to execute command 'systemctl reload fail2ban'
Warning: Unable to execute command 'systemctl reload fail2ban'
Warning: Unable to execute command 'systemctl reload fail2ban'
Warning: Job for fail2ban.service failed because the control process exited with error code.
Warning: See "systemctl status fail2ban.service" and "journalctl -xe" for details.
Success! The SSOwat configuration has been generated
Error: The operation 'Install 'synapse' application' has failed! To get help, please share the full log of this operation using the command 'yunohost log display 20190926-050452-app_install-synapse --share'

Is it “just” an issue with fail2ban?

root@datapulp:/home/admin# systemctl restart fail2ban
root@datapulp:/home/admin# systemctl reload fail2ban
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.
root@datapulp:/home/admin# journalctl -xe
-- 
-- Unit fail2ban.service has begun reloading its configuration
Sep 26 12:27:08 datapulp.de node[1134]: 2019-09-26T10:27:08.692Z [MASTER] info: Purging orphaned upload files...
Sep 26 12:27:08 datapulp.de node[1134]: 2019-09-26T10:27:08.694Z [MASTER] info: Purging orphaned upload files: [
Sep 26 12:27:10 datapulp.de sshd[17866]: Connection from 222.186.3.249 port 44906 on 195.128.102.143 port 22
Sep 26 12:27:12 datapulp.de fail2ban-client[17823]: ERROR  NOK: (21, 'Is a directory')
Sep 26 12:27:12 datapulp.de systemd[1]: fail2ban.service: Control process exited, code=exited status=255
Sep 26 12:27:12 datapulp.de systemd[1]: Reload failed for Fail2Ban Service.
-- Subject: Unit fail2ban.service has finished reloading its configuration
-- Defined-By: systemd
-- Support: https://www.debian.org/support
-- 
-- Unit fail2ban.service has finished reloading its configuration
-- 
-- The result is failed.
# systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
   Active: active (running) (Result: exit-code) since Thu 2019-09-26 12:26:59 CEST; 10min ago
     Docs: man:fail2ban(1)
  Process: 17581 ExecStop=/usr/bin/fail2ban-client stop (code=exited, status=0/SUCCESS)
  Process: 17823 ExecReload=/usr/bin/fail2ban-client reload (code=exited, status=255)
  Process: 17651 ExecStart=/usr/bin/fail2ban-client -x start (code=exited, status=0/SUCCESS)
 Main PID: 17655 (fail2ban-server)
    Tasks: 27 (limit: 4915)
   CGroup: /system.slice/fail2ban.service
           └─17655 /usr/bin/python3 /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail

Sep 26 12:26:58 datapulp.de systemd[1]: Starting Fail2Ban Service...
Sep 26 12:26:58 datapulp.de fail2ban-client[17651]: 2019-09-26 12:26:58,873 fail2ban.server         [17653]: INF
Sep 26 12:26:58 datapulp.de fail2ban-client[17651]: 2019-09-26 12:26:58,873 fail2ban.server         [17653]: INF
Sep 26 12:26:59 datapulp.de fail2ban-client[17651]: ERROR  NOK: (21, 'Is a directory')
Sep 26 12:26:59 datapulp.de systemd[1]: Started Fail2Ban Service.
Sep 26 12:27:05 datapulp.de systemd[1]: Reloading Fail2Ban Service.
Sep 26 12:27:12 datapulp.de fail2ban-client[17823]: ERROR  NOK: (21, 'Is a directory')
Sep 26 12:27:12 datapulp.de systemd[1]: fail2ban.service: Control process exited, code=exited status=255
Sep 26 12:27:12 datapulp.de systemd[1]: Reload failed for Fail2Ban Service.

There is an Issue from April for fail2ban-client[17651]: ERROR NOK: (21, ‘Is a directory’):

Solution

Yesterday I installed shaarli. Now I deinstalled it and everything is fine. So it really broke my system! :-/

I tracked it down. there are two files added in fail2ban config. If I delete this one, everything is fine:

cat /etc/fail2ban/jail.d/shaarli.conf

[shaarli]
enabled = true
port = http,https
filter = shaarli
logpath = /var/www/shaarli/data/log.txt
maxretry = 5

Then systemctl reload fail2ban runs without problems

Note that the root cause of this issue is https://github.com/YunoHost-Apps/shaarli_ynh/issues/45 and https://github.com/YunoHost/issues/issues/1390

The current workaround is to

rm -r /var/www/shaarli/data/log.txt
touch /var/www/shaarli/data/log.txt

I’m gonna work on an actual fix for this today because I’m kinda sick of seeing people encountering this again and again …

2 Likes

Hi Aleks, sorry, I did search for a solution, but I did not find it. First I thought it had to do with synapse. Then I saw the fail2ban errors. I thought it would have been my own entries to fail2ban. I changed something 2 days ago. :slight_smile: Loooong after I found out, because of an entry I referenced, that it could have to do with shaarli. :wink:

I didn’t want to make you sick. I just wanted to share it, so that others could also find it faster.

Anyways, also now: If I search for shaarli or search for [ERROR NOK: (21, ‘Is a directory’) I find nothing correlated. Some people had problems with installing shaarli (not me). Both posts you referenced, i would not have found them, because the file in the header is nether part of my error message nor would I guess, that on line of the config, which looks like a text file would raise an error “is a directory” :slight_smile:

Yes sorry if my message sounded directed to you, it was more a “I can’t believe we didn’t fix this shit already” and went berserk because I’m sick of seeing people encountering the same bugs over and over and us not fixing them :confused:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.