Bug 23551 - denyhosts failed to start due to clash between denyhosts.service and /etc/denyhosts.conf
Summary: denyhosts failed to start due to clash between denyhosts.service and /etc/den...
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA6-32-OK MGA6-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2018-09-09 05:03 CEST by Wonder Full
Modified: 2018-09-21 18:27 CEST (History)
7 users (show)

See Also:
Source RPM: denyhosts
CVE:
Status comment:


Attachments

Description Wonder Full 2018-09-09 05:03:22 CEST
Description of problem:  Denyhosts (version 3.0, the latest) failed to start with "timeout" error since Mar 28, 2018 on mageia 6 (updated regularly)


Version-Release number of selected component (if applicable): 3.0, the latest version installed from mageia repository


How reproducible: Fully re-installed new package have the same issue. Should be easily reproducible.

Cause of the problem: The LOCK_FILE specified in denyhosts.service is different from the default LOCK_FILE in /etc/denyhosts.conf. The latter ends with .pid, following the mageia convention, while the former doesn't. 

Solution: Change the former to the same as the latter: /var/run/denyhosts.pid
Comment 1 Marja Van Waes 2018-09-11 19:24:12 CEST
Assigning to the registered maintainer.

Source RPM: (none) => denyhosts
Assignee: bugsquad => cooker
CC: (none) => marja11

Comment 2 Johnny A. Solbu 2018-09-11 21:11:53 CEST
For some reason I fixed this for mga6 and cauuldron in october 2017, and forgot to commit the changes to mga6…

Just committed to svn and pushed to testing repo.

Status: NEW => ASSIGNED

Comment 3 Johnny A. Solbu 2018-09-11 21:23:24 CEST
An updated package is pushed to 6/core/updates_testing

SRPMS:
denyhosts-3.0-5.1.mga6.src.rpm

RPMS:
denyhosts-3.0-5.1.mga6.noarch.rpm


Possible advisory:

A config error prevents denyhosts from starting.
The service file and the config file defines two different pid-files when startring. This update fixes that.

Assignee: cooker => qa-bugs

Johnny A. Solbu 2018-09-11 21:26:29 CEST

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=20189

Comment 4 Herman Viaene 2018-09-15 14:37:10 CEST
MGA6-32 MATE on IBM Thinkpad R50e
No installation issues
At CLI:
# systemctl  start denyhosts
Job for denyhosts.service failed because the control process exited with error code.
See "systemctl status denyhosts.service" and "journalctl -xe" for details.
# systemctl -l status denyhosts
● denyhosts.service - SSH log watcher
   Loaded: loaded (/usr/lib/systemd/system/denyhosts.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since za 2018-09-15 14:17:46 CEST; 1min 7s ago
  Process: 29314 ExecStart=/usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf (code=exited, status=1/FAIL

sep 15 14:17:45 mach6.hviaene.thuis systemd[1]: Starting SSH log watcher...
sep 15 14:17:46 mach6.hviaene.thuis denyhosts.py[29314]: Can't read: /var/log/auth.log
sep 15 14:17:46 mach6.hviaene.thuis denyhosts.py[29314]: [Errno 2] No such file or directory: '/var/log/auth.log'
sep 15 14:17:46 mach6.hviaene.thuis denyhosts.py[29314]: Error deleting DenyHosts lock file: /var/run/denyhosts.pi
sep 15 14:17:46 mach6.hviaene.thuis denyhosts.py[29314]: [Errno 2] No such file or directory: '/var/run/denyhosts.
sep 15 14:17:46 mach6.hviaene.thuis systemd[1]: denyhosts.service: Control process exited, code=exited status=1
sep 15 14:17:46 mach6.hviaene.thuis systemd[1]: Failed to start SSH log watcher.
sep 15 14:17:46 mach6.hviaene.thuis systemd[1]: denyhosts.service: Unit entered failed state.
sep 15 14:17:46 mach6.hviaene.thuis systemd[1]: denyhosts.service: Failed with result 'exit-code'.
Checked on sshd
# systemctl -l status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since za 2018-09-15 14:19:52 CEST; 38s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 30163 ExecStart=/usr/sbin/sshd -D $OPTIONS (code=exited, status=255)
 Main PID: 30163 (code=exited, status=255)
   CGroup: /system.slice/sshd.service

sep 15 14:19:52 mach6.hviaene.thuis systemd[1]: sshd.service: Main process exited, code=exited, status=255/n/a
sep 15 14:19:52 mach6.hviaene.thuis systemd[1]: Failed to start OpenSSH server daemon.
sep 15 14:19:52 mach6.hviaene.thuis systemd[1]: sshd.service: Unit entered failed state.
sep 15 14:19:52 mach6.hviaene.thuis systemd[1]: sshd.service: Failed with result 'exit-code'.
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: sshd.service: Service hold-off time over, scheduling restart.
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: Stopped OpenSSH server daemon.
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: Starting OpenSSH server daemon...
sep 15 14:20:35 mach6.hviaene.thuis sshd[30426]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: sshd.service: Main process exited, code=exited, status=255/n/a
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: Failed to start OpenSSH server daemon.
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: sshd.service: Unit entered failed state.
sep 15 14:20:35 mach6.hviaene.thuis systemd[1]: sshd.service: Failed with result 'exit-code'.

# journalctl -xe
sep 15 14:33:38 mach6.hviaene.thuis systemd[1]: Failed to start PowerDNS Authoritative Server.
-- Subject: Unit pdns.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit pdns.service has failed.
-- 
-- The result is failed.
sep 15 14:33:38 mach6.hviaene.thuis systemd[1]: pdns.service: Unit entered failed state.
sep 15 14:33:38 mach6.hviaene.thuis systemd[1]: pdns.service: Failed with result 'exit-code'.
sep 15 14:33:40 mach6.hviaene.thuis systemd[1]: pdns.service: Service hold-off time over, scheduling restart.
sep 15 14:33:40 mach6.hviaene.thuis systemd[1]: Stopped PowerDNS Authoritative Server.
-- Subject: Unit pdns.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit pdns.service has finished shutting down.
sep 15 14:33:40 mach6.hviaene.thuis systemd[1]: Starting PowerDNS Authoritative Server...
-- Subject: Unit pdns.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit pdns.service has begun starting up.
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: Reading random entropy from '/dev/urandom'
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: This is a standalone pdns
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: Listening on controlsocket in '/run/powerdns/pdns.controlsocket'
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: UDP server bound to 0.0.0.0:53
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: IPv6 Address Family is not supported - skipping UDPv6 bind
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: TCP server bound to 0.0.0.0:53
sep 15 14:33:40 mach6.hviaene.thuis pdns_server[2771]: Fatal error: Unable to acquire TCPv6 socket: Address family not suppor
sep 15 14:33:40 mach6.hviaene.thuis systemd[1]: pdns.service: Main process exited, code=exited, status=1/FAILURE
sep 15 14:33:40 mach6.hviaene.thuis systemd[1]: Failed to start PowerDNS Authoritative Server.
IPv6 is disabled here, so why does it skip UDP bind, but throws a fatal error on TCP????

CC: (none) => herman.viaene

Comment 5 Johnny A. Solbu 2018-09-15 19:53:47 CEST
For some reason, I was removed from the CC list when i assigned the bug to QA.

The reason it fails is because it can't read /var/log/auth.log.
You need to start rsyslog, which is installed as a dependency, and then start denyhosts.

The IPv6 error is an unrelated «pdns» (powerdns) issue.

CC: (none) => cooker

Comment 6 Herman Viaene 2018-09-16 11:12:19 CEST
After rebooting the laptop
# systemctl -l status rsyslog
● rsyslog.service - System Logging Service
   Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)
   Active: active (running) since zo 2018-09-16 10:55:32 CEST; 14min ago
     Docs: man:rsyslogd(8)
           http://www.rsyslog.com/doc/
 Main PID: 6081 (rsyslogd)
   CGroup: /system.slice/rsyslog.service
           └─6081 /sbin/rsyslogd -n

sep 16 10:55:28 mach6.hviaene.thuis systemd[1]: Starting System Logging Service...
sep 16 10:55:32 mach6.hviaene.thuis systemd[1]: Started System Logging Service.

# systemctl -l status denyhosts
● denyhosts.service - SSH log watcher
   Loaded: loaded (/usr/lib/systemd/system/denyhosts.service; enabled; vendor preset: enabled)
   Active: active (running) since zo 2018-09-16 10:55:36 CEST; 14min ago
  Process: 6078 ExecStart=/usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf (code=exited, sta
 Main PID: 6329 (denyhosts.py)
   CGroup: /system.slice/denyhosts.service
           └─6329 /usr/bin/python /usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf

sep 16 10:55:27 mach6.hviaene.thuis systemd[1]: Starting SSH log watcher...
sep 16 10:55:36 mach6.hviaene.thuis systemd[1]: denyhosts.service: PID file /var/run/denyhosts.pid not 
sep 16 10:55:36 mach6.hviaene.thuis systemd[1]: Started SSH log watcher.

So seems OK. Tx Jhonny.

Whiteboard: (none) => MGA6-32-OK

Comment 7 Len Lawrence 2018-09-19 09:59:01 CEST
Mageia 6, x86_64

Installed this a few days ago.  It started fine and is still running.  rsyslog was already running.

CC: (none) => tarazed25
Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OK

Comment 8 Len Lawrence 2018-09-19 12:23:57 CEST
Forgotten what applies to local bugfixes.  This looks OK for both architectures so can we validate?
Comment 9 Thomas Andrews 2018-09-21 03:53:14 CEST
I'd say so. Validating.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Dave Hodgins 2018-09-21 17:34:44 CEST

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 10 Mageia Robot 2018-09-21 18:27:32 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2018-0154.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.