Failed to start fail2ban service

I installed fail2ban; the fail2ban version is:

▸ fail2ban-client --version
Fail2Ban v1.1.0

But I failed to start this service. When I checked, I found an error message like:

ERROR   Error connecting to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3': unable to open database file

But when I check this file:

▸ ls -l /var/lib/fail2ban/fail2ban.sqlite3
.rw-rw-rw-. root root 72 KB Fri Jan 10 14:22:09 2025  /var/lib/fail2ban/fail2ban.sqlite3

and try to use sqlite3 to open it, I can open it successfully.

▸ sqlite3 /var/lib/fail2ban/fail2ban.sqlite3
SQLite version 3.45.1 2024-01-30 16:01:20
Enter ".help" for usage hints.
sqlite> .open  /var/lib/fail2ban/fail2ban.sqlite3
sqlite>

What user does the service run as?
Is the file supposed to be owned by that user?

How could I check what user can run this service?

You can see the service file using systemctl cat <service-name>.
Look for a User= line.

When I run the command sudo systemctl cat fail2ban, I just get the output below:

# /usr/lib/systemd/system/fail2ban.service
[Unit]
Description=Fail2Ban Service
Documentation=man:fail2ban(1)
After=network.target iptables.service firewalld.service ip6tables.service ipset.service nftables.service
PartOf=firewalld.service

[Service]
Type=simple
Environment="PYTHONNOUSERSITE=1"
ExecStartPre=/bin/mkdir -p /run/fail2ban
ExecStart=/usr/bin/fail2ban-server -xf start
# if should be logged in systemd journal, use following line or set logtarget to sysout in fail2ban.local
# ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout start
ExecStop=/usr/bin/fail2ban-client stop
ExecReload=/usr/bin/fail2ban-client reload
PIDFile=/run/fail2ban/fail2ban.pid
Restart=on-failure
RestartPreventExitStatus=0 255

[Install]
WantedBy=multi-user.target

# /usr/lib/systemd/system/service.d/10-timeout-abort.conf
# This file is part of the systemd package.
# See https://fedoraproject.org/wiki/Changes/Shorter_Shutdown_Timer.

What is the output of
ls -laZ /var/lib/fail2ban/fail2ban.sqlite3

On my system it is
-rw-------. 1 root root system_u:object_r:fail2ban_var_lib_t:s0 73728 Jan 11 07:52 /var/lib/fail2ban/fail2ban.sqlite3

ls -lAZ /var/lib/fail2ban/fail2ban.sqlite3
.rw-rw-rw-. root root unconfined_u:object_r:var_lib_t:s0 72 KB Fri Jan 10 14:22:09 2025  /var/lib/fail2ban/fail2ban.sqlite3
ls -l /var/lib/fail2ban/fail2ban.sqlite3
.rw-rw-rw-. root root 72 KB Fri Jan 10 14:22:09 2025 /var/lib/fail2ban/fail2ban.sqlite

I ran the mode change command sudo chmod 666 /var/lib/fail2ban/fail2ban.sqlite3 earlier, when I met this issue.

You can revert back to 600

I don’t know how it happened, but there is an issue with SELinux contexts.
Try to issue this command to restore the expected ones:

sudo restorecon /var/lib/fail2ban/fail2ban.sqlite3

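The two things compared in this thread, the file mode and the SELinux type of the database, can be checked together. The script below is an added example, not something a participant posted; the function names check_db_label and audit_db are made up for the illustration, and the live lookup assumes GNU stat and the matchpathcon tool are installed.

```shell
#!/bin/sh
# Added example: report a mislabeled or over-permissive fail2ban database.
# The comparison is kept separate from the live lookup so it can be run
# on the values quoted in the thread.

# check_db_label MODE ACTUAL_CONTEXT EXPECTED_CONTEXT
# Prints one finding per line; returns 0 when clean, 1 otherwise.
check_db_label() {
    mode=$1 actual=$2 expected=$3 rc=0
    # A context is user:role:type:level; policy rules match on the type (field 3).
    actual_type=$(printf '%s' "$actual" | cut -d: -f3)
    expected_type=$(printf '%s' "$expected" | cut -d: -f3)
    if [ "$actual_type" != "$expected_type" ]; then
        echo "LABEL: type is $actual_type, policy expects $expected_type (fix: restorecon)"
        rc=1
    fi
    # The service runs as root, so any group/other bit is more than it needs.
    case $mode in
        *00) ;;
        *)  echo "MODE: $mode grants group/other access (fix: chmod 600)"
            rc=1 ;;
    esac
    return $rc
}

# audit_db PATH: read the live mode and label, and the label policy expects.
audit_db() {
    path=$1
    mode=$(stat -c '%a' "$path") || return 2
    actual=$(stat -c '%C' "$path") || return 2
    expected=$(matchpathcon -n "$path") || return 2
    check_db_label "$mode" "$actual" "$expected"
}

# Values quoted in the thread: the broken file, and the label shown on a
# working system. On a live host, run instead:
#   audit_db /var/lib/fail2ban/fail2ban.sqlite3
check_db_label 666 'unconfined_u:object_r:var_lib_t:s0' \
    'system_u:object_r:fail2ban_var_lib_t:s0' || true
```

The LABEL finding is the one that kept the service from opening the file: sqlite3 run from a root shell is not confined to the fail2ban domain, so it could open the database regardless of the wrong type.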

Thanks for your reply. After I ran these commands:

sudo chmod 600 /var/lib/fail2ban/fail2ban.sqlite3
sudo restorecon /var/lib/fail2ban/fail2ban.sqlite3

It works now.


● fail2ban.service - Fail2Ban Service
     Loaded: loaded (/usr/lib/systemd/system/fail2ban.service; enabled; preset: disabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf
     Active: active (running) since Sat 2025-01-11 18:20:59 HKT; 1min 44s ago
       Docs: man:fail2ban(1)
    Process: 1160584 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS)
   Main PID: 1160586 (fail2ban-server)
      Tasks: 5 (limit: 37922)
     Memory: 15.0M (peak: 38.5M)
        CPU: 445ms
     CGroup: /system.slice/fail2ban.service
             └─1160586 /usr/bin/python3 -sP /usr/bin/fail2ban-server -xf start

Jan 11 18:20:59 localhost.localdomain systemd[1]: Starting fail2ban.service - Fail2Ban Service...
Jan 11 18:20:59 localhost.localdomain systemd[1]: Started fail2ban.service - Fail2Ban Service.
Jan 11 18:20:59 localhost.localdomain fail2ban-server[1160586]: Server ready
