After a hard reboot, fail2ban fails to restart due to a stale socket file. Reproducible: Always Steps to Reproduce: 1. Start fail2ban using initscript (#/etc/init.d/fail2ban start) 2. Power Cycle your machine (or kill -9 the process and zap the initscript) 3. Try restarting fail2ban with the initscrip (#/etc/init.d/fail2ban start) Actual Results: * Service fail2ban starting * Starting fail2ban ... * Failed to start fail2ban [ !! ] * ERROR: fail2ban failed to start Expected Results: * Service fail2ban starting * Starting fail2ban... [ ok ] * Service fail2ban started By using the fail2ban-client startup method I was able to determine that the failure is due to a stale socket file located in /var/run/fail2ban/fail2ban.sock. Removing this stale socket fixes the problem. # fail2ban-client start 2009-02-21 02:19:06,826 fail2ban.server : INFO Starting Fail2ban v0.8.3 2009-02-21 02:19:06,827 fail2ban.server : INFO Starting in daemon mode ERROR Could not start server. Maybe an old socket file is still present. Try to remove /var/run/fail2ban/fail2ban.sock. If you used fail2ban-client to start the server, adding the -x option will do it I suggest adding some method that detects this file / bad shutdown in the initscript and seamlessly removes a stale socket while possibly throwing a warning. This is a minor security issue as fail2ban will fail to restart after a power failure.
Still the same with 0.8.4. I did a strace with the fail2ban-client to see why it's taking so long before it finally fails starting, as it delays startup of the computer for about 30 seconds. It seems it is trying to connect on the stale socket, I counted 302 tries. Also I found that the message about the socket fail2ban-client finally gives at the end when it's called directly, isn't logged in the fail2ban log. Such message would be very useful there.
I always have the same problem after I upgrade fail2ban. After awhile of snooping around I realize I just need to configure fail2ban to start even if a socket exists: In /etc/conf.d/fail2ban add -x to FAIL2BAN_OPTIONS
0.8.3 is no longer on tree
But 0.8.4 is. Is there a fix for the issues in my previous comment?