[BUG] fail2ban-server is spawned every minute and does not die #2781

@yogo1212

Miscellaneous first checks

  • I checked that all ports are open and not blocked by my ISP / hosting provider.
  • I know that SSL errors are likely the result of a wrong setup on the user side and not caused by DMS itself. I'm confident my setup is correct.

Affected Component(s)

init system

What happened and when does this occur?

The `dumb-init` process inside the container spawns a `fail2ban-server` process roughly every minute (40 sec).


    721 root      20   0 1387604  29424      0 S   0.5   1.5   0:23.42 dockerd
    637 root      20   0 1208456  20572      0 S   3.7   1.0   0:33.47 containerd
   1073 root      20   0  712392  11120      0 S   0.0   0.6   0:34.08 containerd-shim
  42762 root      20   0   22784   8728      0 R   0.2   0.4   0:32.25 fail2ban-server
  46146 root      20   0   22784   8728      0 R   0.0   0.4   0:26.63 fail2ban-server
  48657 root      20   0   22784   8728      0 R   0.0   0.4   0:22.64 fail2ban-server
  49743 root      20   0   22784   8728      0 R   0.0   0.4   0:20.92 fail2ban-server
  50477 root      20   0   22784   8728      0 R   0.0   0.4   0:19.78 fail2ban-server
  51211 root      20   0   22784   8728      0 R   0.0   0.4   0:18.66 fail2ban-server
  52304 root      20   0   22784   8728      0 R   0.0   0.4   0:16.98 fail2ban-server
  53643 root      20   0   22784   8728      0 R   0.0   0.4   0:15.03 fail2ban-server
  56069 root      20   0   22784   8728      0 R   0.0   0.4   0:11.45 fail2ban-server
  58561 root      20   0   22784   8728      0 R   0.2   0.4   0:07.90 fail2ban-server
  58759 root      20   0   22784   8728      0 R   0.2   0.4   0:07.62 fail2ban-server
  61536 root      20   0   22784   8728      0 R   0.2   0.4   0:03.40 fail2ban-server
  38134 root      20   0   22784   8724      0 R   0.0   0.4   0:40.41 fail2ban-server
  38640 root      20   0   22784   8724      0 R   0.2   0.4   0:39.48 fail2ban-server
  38820 root      20   0   22784   8724      0 R   0.0   0.4   0:39.16 fail2ban-server
  42583 root      20   0   22784   8724      0 R   0.0   0.4   0:32.54 fail2ban-server
  43319 root      20   0   22784   8724      0 R   0.0   0.4   0:31.33 fail2ban-server
  45434 root      20   0   22784   8724      0 R   0.0   0.4   0:27.80 fail2ban-server
  45620 root      20   0   22784   8724      0 R   0.0   0.4   0:27.49 fail2ban-server
  46500 root      20   0   22784   8724      0 R   0.2   0.4   0:26.06 fail2ban-server
  48274 root      20   0   22784   8724      0 R   0.2   0.4   0:23.21 fail2ban-server
  48476 root      20   0   22784   8724      0 R   0.0   0.4   0:22.92 fail2ban-server
  48829 root      20   0   22784   8724      0 R   0.2   0.4   0:22.34 fail2ban-server
  49017 root      20   0   22784   8724      0 R   0.2   0.4   0:22.05 fail2ban-server
  49558 root      20   0   22784   8724      0 R   0.0   0.4   0:21.21 fail2ban-server
  49932 root      20   0   22784   8724      0 R   0.0   0.4   0:20.64 fail2ban-server

    $ ps -ef | grep fail2ban-server | wc -l
    382

Their parent is:

    root 1094 1073 0 08:40 ? 00:00:00 /usr/bin/dumb-init -- supervisord -c /etc/supervisor/supervisord.con

What did you expect to happen?

Well.. One process should be enough, I think :-p

How do we replicate the issue?

1. (Re-)Start docker-mailserver
2. Wait

DMS version

latest/530663efe865 - v1.11.0, I guess

What operating system is DMS running on?

Linux

What instruction set architecture is DMS running on?

x86_64 / AMD64

What container orchestration tool are you using?

Docker Compose

docker-compose.yml

pretty vanilla.

take the env instead:


ENABLE_FAIL2BAN=1
FAIL2BAN_BLOCKTYPE=drop

and, yes:

    cap_add:
      - NET_ADMIN

Relevant log output

fail2ban is only mentioned in supervisord-log:


2022-09-19 16:33:16,731 fail2ban                [55801]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:33:54,984 fail2ban                [55902]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:34:33,467 fail2ban                [56005]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:35:12,182 fail2ban                [56108]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:35:50,684 fail2ban                [56217]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:36:29,838 fail2ban                [56324]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:37:08,960 fail2ban                [56432]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:37:48,584 fail2ban                [56533]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:38:28,261 fail2ban                [56648]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it
/usr/local/bin/fail2ban-wrapper.sh: line 27: /var/run/fail2ban/fail2ban.pid: No such file or directory
/usr/local/bin/fail2ban-wrapper.sh: line 27: kill: `': not a pid or valid job spec
2022-09-19 16:39:08,169 fail2ban                [56751]: ERROR   Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it

Other relevant information

No response

What level of experience do you have with Docker and mail servers?

  • I am inexperienced with docker
  • I am inexperienced with mail servers
  • I am uncomfortable with the CLI

Improvements to this form?

Hmm. Dunno. It's a bit funny. I guess that's the way with forms instead of open forms of human communication.
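
The log above shows `kill` being handed the contents of a PID file that does not exist. As an added example that is not part of the original report and not the source of `fail2ban-wrapper.sh` (which the page does not show), these shell functions validate a PID file before signalling; the function names are hypothetical and the demo runs on constructed temp files.

```shell
#!/bin/sh
# Added example: validate a PID file before signalling the process it names.
# Function names are hypothetical; this is not the DMS wrapper's own code.
PIDFILE_DEFAULT=/var/run/fail2ban/fail2ban.pid   # path taken from the log above

# Print one of: "missing", "invalid", "stale", or "running <pid>".
pidfile_state() {
    pidfile=${1:-$PIDFILE_DEFAULT}
    if [ ! -f "$pidfile" ]; then
        echo missing; return 0
    fi
    pid=$(tr -d '[:space:]' < "$pidfile")
    case $pid in
        ''|0*|*[!0-9]*) echo invalid; return 0 ;;  # empty, zero-led, non-numeric
    esac
    # kill -0 delivers no signal; it only tests that the PID can be signalled.
    if kill -0 "$pid" 2>/dev/null; then
        echo "running $pid"
    else
        echo stale
    fi
}

# Send TERM only when the PID file names a live process.
# Returns 0 if a signal was sent, 1 if there was nothing to signal.
stop_from_pidfile() {
    state=$(pidfile_state "$1")
    case $state in
        running\ *) kill -TERM "${state#running }" ;;
        *) echo "not signalling: pid file is $state" >&2; return 1 ;;
    esac
}

# Demo on constructed files in a temp directory; the real path is never touched.
demo() {
    d=$(mktemp -d)
    : > "$d/empty.pid"
    sleep 30 >/dev/null 2>&1 &
    echo $! > "$d/live.pid"
    echo "no file: $(pidfile_state "$d/none.pid")"
    echo "empty:   $(pidfile_state "$d/empty.pid")"
    echo "live:    $(pidfile_state "$d/live.pid")"
    stop_from_pidfile "$d/live.pid"
    rm -rf "$d"
}
demo
```

A "missing" or "stale" result alongside a leftover socket file is the condition the fail2ban error message describes, so a wrapper can log that state instead of passing an empty string to `kill`.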

Labels

  • issue/duplicate: This issue is a duplicate of another issue
  • issue/likely user-related misconfiguration: This issue is likely the result of a misconfiguration on the user's end
  • issue/limited support: Due to a specific configuration on the user side only limited support is offered
  • kind/upstream: Related to, or resolved by, an upstream project - Not resolvable within DMS
  • service/security/fail2ban
