Description of problem: denyhosts in Fedora 20 alpha fails to start, because there is no /var/log/secure . no doubt due to the fact, that logging is handled through the systemd journal in stead of rsyslog Version-Release number of selected component (if applicable): denyhosts-2.6-29.fc20.noarch How reproducible: Steps to Reproduce: 1. install denyhosts 2. enable and start the denyhosts.service 3. Actual results: # systemctl status denyhosts.service denyhosts.service - SSH log watcher Loaded: loaded (/usr/lib/systemd/system/denyhosts.service; enabled) Active: failed (Result: exit-code) since Wed 2013-10-02 09:22:11 CEST; 1min 11s ago Process: 22955 ExecStart=/usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf (code=exited, status=1/FAILURE) Process: 22952 ExecStartPre=/bin/rm -f /run/lock/subsys/denyhosts (code=exited, status=0/SUCCESS) Oct 02 09:22:10 eendracht.strw.leidenuniv.nl systemd[1]: Starting SSH log watcher... Oct 02 09:22:11 eendracht.strw.leidenuniv.nl denyhosts.py[22955]: Can't read: /var/log/secure Oct 02 09:22:11 eendracht.strw.leidenuniv.nl denyhosts.py[22955]: [Errno 2] No such file or directory: '/var/log/secure' Oct 02 09:22:11 eendracht.strw.leidenuniv.nl denyhosts.py[22955]: Error deleting DenyHosts lock file: /var/lock/subsys/denyhosts Oct 02 09:22:11 eendracht.strw.leidenuniv.nl denyhosts.py[22955]: [Errno 2] No such file or directory: '/var/lock/subsys/denyhosts' Oct 02 09:22:11 eendracht.strw.leidenuniv.nl systemd[1]: denyhosts.service: control process exited, code=exited status=1 Oct 02 09:22:11 eendracht.strw.leidenuniv.nl systemd[1]: Failed to start SSH log watcher. Oct 02 09:22:11 eendracht.strw.leidenuniv.nl systemd[1]: Unit denyhosts.service entered failed state. Expected results: a running denyhosts daemon Additional info:
Issue still there
*** This bug has been marked as a duplicate of bug 988163 ***
My server was attacked brutally and I was searching for a solution. I could not see a good solution except the whole thing sucks. I worked on my solution and would like to share with any one having the same issue and needs a solution. I added a tactical command to /var/spool/cron/root to run every five minutes. It works now. Here is the command: journalctl -u sshd --since=today | grep -e Failed >/var/log/secure
It is, like, a whole lot easier to install a syslog daemon.