Displaying 3 results from an estimated 3 matches for "fail2ban_client_exec_t".
2015 Mar 30
1
Fail2Ban Centos 7 is there a trick to making it work?
On Tue, 2015-03-10 at 14:43 +0100, Andrea Dell'Amico wrote:
>
> #============= logrotate_t ==============
> allow logrotate_t fail2ban_client_exec_t:file { ioctl read execute
> execute_no_trans open };
>
Looks like this was already fixed in 'selinux-policy'. See
https://bugzilla.redhat.com/show_bug.cgi?id=1114821
John.
--
John Horne Tel: +44 (0)1752 587287
Plymouth University, UK
2015 Mar 10
2
Fail2Ban Centos 7 is there a trick to making it work?
On Mon, March 9, 2015 13:11, John Plemons wrote:
> Been working on fail2ban, and trying to make it work with plain Jane
> install of Centos 7
>
> Machine is a HP running 2 Quad core Xeons, 16 gig of RAM and 1 plus TB
> of disk space. Very generic and vanilla.
>
> Current available epel repo version is fail2ban-0.9.1
>
> Looking at the log file, fail2ban starts and stops
2015 Mar 10
0
Fail2Ban Centos 7 is there a trick to making it work?
...n]
> logpath = /var/log/secure
> maxretry = 5
>
I'm using fail2ban with the -firewalld and -systemd modules, and I had to set up some SELinux rules to make it work right. This is the policy I add to the CentOS 7 machines:
module fail2ban-journal-sepol-new 1.0;
require {
type fail2ban_client_exec_t;
type logrotate_t;
type fail2ban_t;
type syslogd_var_run_t;
class dir read;
class file { ioctl read execute execute_no_trans open getattr };
}
#============= fail2ban_t ==============
#!!!! This avc is allowed in the current policy
allow fail2ban_t syslogd_...