On 13/04/20 1:30 pm, Orion Poplawski wrote: > On 4/9/20 6:31 AM, Andreas Haumer wrote: > ... >> I'm neither a fail2ban nor a SELinux expert, but it seems the >> standard fail2ban SELinux policy as provided by CentOS 7 is not >> sufficient anymore and the recent updates did not correctly >> update the required SELinux policies. >> >> I could report this as bug, but where does such a bugreport belong to >> in the first place? >> >> - andreas >> > > > See https://bugzilla.redhat.com/show_bug.cgi?id=1777562 > We're a bit stalled at the moment I'm afradi > Finally had some time to look into this. Happy to say fail2ban now appears to be working. 1. I found that reading the CentOS web site about SElinux was helpful and this led me to issue the following: semanage permissive -a fail2ban_t this places just fail2ban requests (got the context from the scontext part of the SElinux error message) into permissive mode rather than the entire OS. 2. Then a look into the SElinux troubleshooter gave me the errors that were occurring and following the suggested instructions I created a my-f2bfsshd.pp & my-f2bfsshd.te 3. restarted fail2ban via systemctl restart fail2ban.service 4. monitored via fail2ban-client status <filter_name> and now get Status for the jail: sshd |- Filter | |- Currently failed: 0 | |- Total failed: 109 | `- Journal matches: _SYSTEMD_UNIT=sshd.service + _COMM=sshd `- Actions |- Currently banned: 3 |- Total banned: 6 `- Banned IP list: 27.78.14.83 116.105.216.179 139.99.71.227 5. set fail2ban back into enforcing with semanage permissive -d fail2ban_t All solved for me. I have now done this on a second machine and it too seems to be functioning again. HTH Rob