Bug 988163

Summary: denyhosts doesn't work because there is no /var/log/secure
Product: [Fedora] Fedora Reporter: Renich Bon Ciric <renich>
Component: denyhostsAssignee: Jason Tibbitts <j>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 19CC: dennis, jansen, j, pachoramos1
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-26 14:20:01 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Renich Bon Ciric 2013-07-24 23:00:05 UTC 
Description of problem:
denyhosts uses /var/log/secure. Since systemD uses journalctl now, it doesn't log there.

Version-Release number of selected component (if applicable):
denyhosts-2.6-28.fc19.noarch

How reproducible:
just install Fedora and denyhosts. Make sure that /var/log/secure is being written to; otherwise, remove it.

Steps to Reproduce:
1. Install Fedora
2. Install denyhosts
3. Try it out.

Actual results:
# /usr/bin/denyhosts.py 
Can't read: /var/log/secure
[Errno 2] No such file or directory: '/var/log/secure'
Error deleting DenyHosts lock file: /var/lock/subsys/denyhosts
[Errno 2] No such file or directory: '/var/lock/subsys/denyhosts'


Expected results:
It should just work

Additional info:
Comment 1 Jason Tibbitts 2013-07-25 03:10:53 UTC 
Yep, you must configure some kind of syslog or there is simply nothing for denyhosts to parse.  But of course denyhosts can't carry a dependency on any specific syslog implementation.  All I could do is make a note in the documentation, but then that's kind of stating the obvious.

Outside of denyhosts upstream somehow learning to deal with the journal, which I doubt will ever happen, there's nothing else to do here.  Nothing I can do will make it "just work".
Comment 2 Renich Bon Ciric 2013-07-25 14:00:20 UTC 
(In reply to Jason Tibbitts from comment #1)
> Yep, you must configure some kind of syslog or there is simply nothing for
> denyhosts to parse.  But of course denyhosts can't carry a dependency on any
> specific syslog implementation.  All I could do is make a note in the
> documentation, but then that's kind of stating the obvious.
> 
> Outside of denyhosts upstream somehow learning to deal with the journal,
> which I doubt will ever happen, there's nothing else to do here.  Nothing I
> can do will make it "just work".

I understand. Can we file a feature request upstream to ask for support for the journal?
Comment 3 Jason Tibbitts 2013-07-25 15:37:20 UTC 
Upstream no longer really develops denyhosts, so there is essentially no chance that anyone would even listen to such a request, much less actually do the work.  Such work would have to come from Fedora or another distro which has switched.  At this point it may be more reasonable to simply remove denyhosts from the distribution.
Comment 4 Renich Bon Ciric 2013-07-25 15:42:38 UTC 
(In reply to Jason Tibbitts from comment #3)
> Upstream no longer really develops denyhosts, so there is essentially no
> chance that anyone would even listen to such a request, much less actually
> do the work.  Such work would have to come from Fedora or another distro
> which has switched.  At this point it may be more reasonable to simply
> remove denyhosts from the distribution.

Agreed. There's this other package that missed reviewing; rather, the developer abandoned it: sshguard or something
Comment 5 Jason Tibbitts 2013-07-25 21:07:20 UTC 
Also, one interesting thing, but you reported this against F19, and F19 still logs to /var/log/secure by default.  So either you're running some non-default setup (in which case I'd expect you'd know what to do to put syslog back) or something else is broken there.  For F20, all of these issues will exist for minimal installs, I believe, given today's FESCo vote to remove rsyslogd from @core.
Comment 6 Renich Bon Ciric 2013-07-25 22:19:16 UTC 
(In reply to Jason Tibbitts from comment #5)
> Also, one interesting thing, but you reported this against F19, and F19
> still logs to /var/log/secure by default.  So either you're running some
> non-default setup (in which case I'd expect you'd know what to do to put
> syslog back) or something else is broken there.  For F20, all of these
> issues will exist for minimal installs, I believe, given today's FESCo vote
> to remove rsyslogd from @core.

Well, I know how to set up rsyslog but, in this case, this is a pristine, vanilla version of Fedora 19.

And, no; there is no /var/log/secure. 

Good thing this bug got reported, huh? Upgrades will not "suffer" from this but they will think they have denyhosts running while it isn't doing it's job...
Comment 7 Jason Tibbitts 2013-07-26 14:20:01 UTC 
And... this isn't a denyhosts bug at all.  Systemd sometimes comes up broken and doesn't log anything to /var/log/secure regardless of how you have your syslog daemon configured.

*** This bug has been marked as a duplicate of bug 988814 ***
Comment 8 Kevin Raymond 2013-12-11 10:13:25 UTC 
*** Bug 1014473 has been marked as a duplicate of this bug. ***