[Python-modules-team] Bug#956177: fail2ban: daemon startup should not access /root/.local
Russell Coker
russell at coker.com.au
Wed Apr 8 03:51:03 BST 2020
Package: fail2ban
Version: 0.11.1-1
Severity: normal
type=AVC msg=audit(1586313861.749:37): avc: denied { search } for pid=704 comm="fail2ban-server" name=".local" dev="sdb2" ino=31516 scontext=system_u:system_r:fail2ban_t:s0 tcontext=unconfined_u:object_r:xdg_data_t:s0 tclass=dir permissive=0
Above is a SE Linux audit message generated by fail2ban starting on system
boot. It is trying to access /root/.local which is inappropriate for a daemon.
No system configuration should be under /root/ and any daemon which accesses
that could give unexpected results.
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: default
Versions of packages fail2ban depends on:
ii lsb-base 11.1.0
ii python3 3.8.2-2
Versions of packages fail2ban recommends:
ii iptables 1.8.4-3
pn python3-pyinotify <none>
pn python3-systemd <none>
ii whois 5.5.6
Versions of packages fail2ban suggests:
ii bsd-mailx [mailx] 8.1.2-0.20180807cvs-1+b1
ii monit 1:5.26.0-4
ii rsyslog [system-log-daemon] 8.2002.0-2
pn sqlite3 <none>
-- Configuration Files:
/etc/fail2ban/paths-debian.conf changed [not included]
-- no debconf information
More information about the Python-modules-team
mailing list