Bug 2138919
Summary: | fail2ban suddently taking 100% CPU | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | dan |
Component: | fail2ban | Assignee: | Richard Shaw <hobbes1069> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 36 | CC: | anon.amish, axel.thimm, hobbes1069, jvrodrigues, orion, vonsch |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | fail2ban-1.0.1-2.fc37 fail2ban-1.0.1-2.fc36 fail2ban-1.0.1-2.el9 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2022-11-10 22:31:18 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
dan
2022-10-31 17:01:39 UTC
The culprint is the dovecot filter. I don't know why, I did not make any config changes. If I disable the dovecot filter CPU returns to its usual minimal level. Yes, this is a known issue. Upstream is aware and has mentioned a new release to fix but it has not happened yet. Technically a dupe of https://bugzilla.redhat.com/show_bug.cgi?id=2135621 but that is against EPEL so I'll just reference it here. FEDORA-2022-9a192ab246 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-9a192ab246 FEDORA-EPEL-2022-3b4c776408 has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-3b4c776408 FEDORA-2022-3f9a2795e7 has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2022-3f9a2795e7 FEDORA-2022-3f9a2795e7 has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-3f9a2795e7` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-3f9a2795e7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2022-9a192ab246 has been pushed to the Fedora 36 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-9a192ab246` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-9a192ab246 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2022-3b4c776408 has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-3b4c776408 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. The update does not fix the problem on FC36. I applied the update, enabled the dovecot jail, and restarted fail2ban. CPU quick hit almost 100%. (In reply to dan from comment #9) > The update does not fix the problem on FC36. I applied the update, enabled > the dovecot jail, and restarted fail2ban. CPU quick hit almost 100%. Can you check for a rpmnew file? All configuration files are marked not to be replaced as to not overwrite local modifications. No rpmnew file in /etc/fail2ban. The patch was definitely applied during the build... What does your filter directory look like? $ ll /etc/fail2ban/filter.d/ | grep dovecot -rw-r--r--. 1 root root 2586 Oct 3 07:01 dovecot.conf Also some context if it's helpful. Here's the upstream issue: https://github.com/fail2ban/fail2ban/issues/3370 And the commit that was supposed to fix it: https://github.com/fail2ban/fail2ban/commit/ca2b94c5229bd474f612b57b67d796252a4aab7a FEDORA-2022-3f9a2795e7 has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2022-9a192ab246 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2022-3b4c776408 has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report. |