Applicable to:
- Plesk for Linux
Symptoms
-
Fail2Ban in Plesk fails to start with any of the following errors:
PLESK_ERROR: Internal error: f2bmng failed: ln -s '/usr/lib/systemd/system/fail2ban.service' '/etc/systemd/system/multi-user.target.wants/fail2ban.service'
Job for fail2ban.service failed. See 'systemctl status fail2ban.service' and 'journalctl -n' for details.
ERROR:f2bmng:Failed to start fail2ban serviceMessage: f2bmng failed: ln -s '/usr/lib/systemd/system/fail2ban.service' '/etc/systemd/system/multi-user.target.wants/fail2ban.service'
Job for fail2ban.service failed. See 'systemctl status fail2ban.service' and 'journalctl -n' for details.
ERROR:f2bmng:Failed to start fail2ban serviceFile Agent.phpLine 243Type PleskUtilException
# service fail2ban start
* Starting authentication failure monitor fail2ban
Traceback (most recent call last):
File "/usr/bin/fail2ban-client", line 472, in <module>
if client.start(sys.argv):
File "/usr/bin/fail2ban-client", line 442, in start
return self.__processCommand(args)
File "/usr/bin/fail2ban-client", line 216, in __processCommand
if self.__ping():
File "/usr/bin/fail2ban-client", line 153, in __ping
return self.__processCmd([["ping"]], False)
File "/usr/bin/fail2ban-client", line 185, in __processCmd
client.close()
File "/usr/lib/python2.7/dist-packages/fail2ban/client/csocket.py", line 55, in close
self.__csock.sendall(CSPROTO.CLOSE + CSPROTO.END)
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 32] Broken pipe
Cause
fail2ban service was started manually with –x option.
Resolution
-
Connect to the server using SSH.
-
Kill
fail2banservice on the server and remove its socket:# kill `ps afvvx | grep -v grep | grep fail2ban-server | awk '{print $1}' | xargs`
# rm -f /var/run/fail2ban/fail2ban.sockNote: In case of missing fail2ban process,
incorrect command usagemessage will be shown. -
Start Fail2Ban service from Tools & Settings -> Services Management -> IP Address Banning (Fail2ban) in Plesk GUI:
-
In case of steps above did not help - reinstall Fail2Ban components: How to install/uninstall Plesk components?
Comments
8 comments
The same symptom can be caused by a missing log file that fail2ban ought to analyze according to its configuration. For example, when /var/log/modsec_audit.log is missing, but the ModSecurity jail is present in the fail2ban configuration, fail2ban will fail to start with the same errors. In that case, look for lines like
ERROR No file(s) found for glob <log file name>
by examining "journalctl -xe". The solution in such case can be to create an empty file in the location of the missing log file, e.g.
touch <log file name>
Hello @Peter, thank you for the comment!
The similar issue is described in the following article: https://support.plesk.com/hc/en-us/articles/360001158933-Unable-to-switch-on-the-ssh-jail-ERROR-No-file-s-found-for-glob-var-log-secure
Additionally, this article may also be useful: https://support.plesk.com/hc/en-us/articles/115000154134-Unable-to-activate-Fail2Ban-jails-ERROR-NOK-ERROR-No-file-s-found-for-glob-var-log-modsec-audit-log
In case of steps above did not help - reinstall fail2ban
# plesk installer remove --components fail2ban
# plesk installer add --components fail2ban
======
above worked for me thanks @Maxim Krasikov
Hi @Tristan,
Thank you for the feedback, will deliver it to @Maxim =)
Hi, uninstall und reinstall works until the next reboot. After Reboot the Problem is back, everytime!
Hello @Dominik,
In this article the issue is that
fail2banservice was started manually with–xoption.According to the information which you have provided, you might have an issue with a different cause.
Please, try to check the comment from Peter, maybe it is you case.
If it is not, please, specify more information, also, let me know the exact error you get.
Remove Fail2ban from plesk and remove from etc/fail2ban folder
next reinstall fail2ban. everything is ok.
@Şükrü Sağlam thanks for sharing!
Please sign in to leave a comment.