Problem with Fail2Ban and SQLite

Hello,

I use Tumbleweed in the latest version and have a problem with fail2ban that don’t create and use the SQLite-DB. The file /var/lib/fail2ban/fail2ban.sqlite3 is not created. And fail2ban always uses only the database stored in memory even though the sqlite3 package is installed on the system.

In the log file /var/log/fail2ban.log I see the following at the start of the daemon:

“ERROR Unable to import fail2base module as sqlite is not available.”

What can it be and how can it be corrected? May be Python3 compiled on Tumbleweed without sqlite switch?

Many thanks for your help.

I looked into this only so far as to verify whether it installs and starts up…

In a currently updated TW,
I installed fail2ban from the OSS (where did you install yours from?)
I did not install sqlite3 because it’s not necessary, only optional if you want to inspect the contents of the sqlite3 file.

After installing,
The first task is to start the server…

fail2ban-server start

Then I verified the path to the sqlite3 file…

fail2ban-server get dbfile
Current database file is:`- /var/lib/fail2ban/fail2ban.sqlite3

In the console, I browsed to that location to verify the file is there
I also decided to dump the configuration

fail2ban-server -d
'set', 'syslogsocket', 'auto']
'set', 'loglevel', 'INFO']
'set', 'logtarget', '/var/log/fail2ban.log']
'set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
'set', 'dbpurgeage', '1d']

So,
It looks like it installed properly.

I found the following articles which might be helpful…

There should not be any need to install sqlite3 for fail2ban to work, but you can do so if you’d like to inspect the contents of the sqlite3 file…
http://jim-zimmerman.com/?p=1234

You can view “–help” as usual, but if you’d like the commands in HTML
https://www.fail2ban.org/wiki/index.php/Commands

HTH,
TSU

Hello tsu2 and thank you for your answer!

My fail2ban was also from OSS.
I have now removed the package fail2ban and all my config.
After that I did exactly your steps without any changes:


# zypper install fail2ban
Installing: fail2ban-0.10.4-3.1.noarch ....................................... ..... [done]

# fail2ban-server start
Server ready

# fail2ban-server get dbfile
Database currently disabled

# fail2ban-server -d
'set', 'syslogsocket', 'auto']
'set', 'loglevel', 'INFO']
'set', 'logtarget', '/var/log/fail2ban.log']
'set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
'set', 'dbpurgeage', '1d']

In the Logfile is again the following:


2019-08-20 10: 42: 31,438 fail2ban.server [26639]: INFO Starting Fail2ban v0.10.4
2019-08-20 10: 42: 31,439 fail2ban.server [26639]: INFO Daemon started
2019-08-20 10: 42: 31,450 fail2ban.server [26639]: ERROR Unable to import fail2ban database module as sqlite is not available.
2019-08-20 10: 42: 31,451 fail2ban.transmitter [26639]: Warning dbpurgeage setting was not in effect since no db yet

The daemon actually works quite well with my configuration too. It just uses the database stored in memory and of course loses the data after the restart so that the dbpurgeage parameter has no effect.

Now I have taken the trouble and set up a new Tumbleweed VM (20190815) in server mode (text only).

thereafter without any further changes to the system:


localhost:~ # zypper install fail2ban
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following 7 NEW packages are going to be installed:
  ed fail2ban libgamin-1-0 python-gamin python2-pyinotify python2-systemd whois

7 new packages to install.
Overall download size: 770.4 KiB. Already cached: 0 B. After the operation, additional 2.5 MiB
will be used.
Continue? [y/n/v/...? shows all options] (y):
Retrieving package ed-1.15-1.9.x86_64                     (1/7),  73.5 KiB (120.1 KiB unpacked)
Retrieving: ed-1.15-1.9.x86_64.rpm ......................................................[done]
Retrieving package libgamin-1-0-0.1.10-14.6.x86_64        (2/7),  42.4 KiB (129.4 KiB unpacked)
Retrieving: libgamin-1-0-0.1.10-14.6.x86_64.rpm .........................................[done]
Retrieving package python2-pyinotify-0.9.6-3.5.noarch     (3/7),  61.6 KiB (298.3 KiB unpacked)
Retrieving: python2-pyinotify-0.9.6-3.5.noarch.rpm ......................................[done]
Retrieving package python2-systemd-234-4.6.x86_64         (4/7),  69.5 KiB (276.1 KiB unpacked)
Retrieving: python2-systemd-234-4.6.x86_64.rpm ..........................................[done]
Retrieving package whois-5.5.0-1.1.x86_64                 (5/7),  97.6 KiB (355.6 KiB unpacked)
Retrieving: whois-5.5.0-1.1.x86_64.rpm ..................................................[done]
Retrieving package python-gamin-0.1.10-14.6.x86_64        (6/7),  20.1 KiB ( 37.2 KiB unpacked)
Retrieving: python-gamin-0.1.10-14.6.x86_64.rpm .........................................[done]
Retrieving package fail2ban-0.10.4-3.1.noarch             (7/7), 405.8 KiB (  1.3 MiB unpacked)
Retrieving: fail2ban-0.10.4-3.1.noarch.rpm ..............................................[done]

Checking for file conflicts: ............................................................[done]
(1/7) Installing: ed-1.15-1.9.x86_64 ....................................................[done]
(2/7) Installing: libgamin-1-0-0.1.10-14.6.x86_64 .......................................[done]
(3/7) Installing: python2-pyinotify-0.9.6-3.5.noarch ....................................[done]
Additional rpm output:
update-alternatives: using /usr/bin/pyinotify-2.7 to provide /usr/bin/pyinotify (pyinotify) in auto mode


(4/7) Installing: python2-systemd-234-4.6.x86_64 ........................................[done]
(5/7) Installing: whois-5.5.0-1.1.x86_64 ................................................[done]
(6/7) Installing: python-gamin-0.1.10-14.6.x86_64 .......................................[done]
(7/7) Installing: fail2ban-0.10.4-3.1.noarch ............................................[done]
Additional rpm output:
Updating /etc/sysconfig/fail2ban ...


Executing %posttrans scripts ............................................................[done]

localhost:~ # fail2ban-server start
Server ready

localhost:~ # fail2ban-server get dbfile
Database currently disabled

localhost:~ # fail2ban-server -d
'set', 'syslogsocket', 'auto']
'set', 'loglevel', 'INFO']
'set', 'logtarget', '/var/log/fail2ban.log']
'set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
'set', 'dbpurgeage', '1d']


In logfile:


2019-08-20 12:43:09,176 fail2ban.server         [2307]: INFO    --------------------------------------------------
2019-08-20 12:43:09,176 fail2ban.server         [2307]: INFO    Starting Fail2ban v0.10.4
2019-08-20 12:43:09,178 fail2ban.server         [2307]: INFO    Daemon started
2019-08-20 12:43:09,186 fail2ban.server         [2307]: ERROR   Unable to import fail2ban database module as sqlite is not available.
2019-08-20 12:43:09,188 fail2ban.transmitter    [2307]: WARNING dbpurgeage setting was not in effect since no db yet

The result is the same - SQLite can not be used …

I ask myself why? What am I doing wrong?
And how can I correct this?

I solved the problem.
By default, TW installs python3 on the system. However, Fail2Ban apparently needs Python 2, but does not have it as a prerequirement for the package.

I have manually installed python2 and then fail2ban can also use SQLite:


localhost:~ # zypper install python
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following NEW package is going to be installed:
  python

1 new package to install.
Overall download size: 320.0 KiB. Already cached: 0 B. After the operation, additional 1.5 MiB
will be used.
Continue? [y/n/v/...? shows all options] (y):
Retrieving package python-2.7.16-3.1.x86_64               (1/1), 320.0 KiB (  1.5 MiB unpacked)
Retrieving: python-2.7.16-3.1.x86_64.rpm ................................................[done]

Checking for file conflicts: ............................................................[done]
(1/1) Installing: python-2.7.16-3.1.x86_64 ..............................................[done]

localhost:~ # fail2ban-server start
Server ready

localhost:~ # fail2ban-server get dbfile
Current database file is:
`- /var/lib/fail2ban/fail2ban.sqlite3

localhost:~ # fail2ban-server -d
'set', 'syslogsocket', 'auto']
'set', 'loglevel', 'INFO']
'set', 'logtarget', '/var/log/fail2ban.log']
'set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
'set', 'dbpurgeage', '1d']

In logfile:


2019-08-20 15:16:30,432 fail2ban.server         [5016]: INFO    --------------------------------------------------
2019-08-20 15:16:30,432 fail2ban.server         [5016]: INFO    Starting Fail2ban v0.10.4
2019-08-20 15:16:30,435 fail2ban.server         [5016]: INFO    Daemon started
2019-08-20 15:16:30,465 fail2ban.database       [5016]: INFO    Connected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3'

Thanks to everyone who tried to help me. I hope that the developers correct the preconditions for the fail2ban package accordingly.