Fail2ban Application cannot run as user Debian-snmp (default snmpd user) Ubuntu

jonakarl · 29 January 2019 11:03

Hi,

The program exits with these error messages: when tested from snmpwalk

Permission denied to socket: /var/run/fail2ban/fail2ban.sock, (you must be root)
{“version”:“1”,“errorString”:“fail2ban-client exited with 255”,“error”:“255”,“data”:{“jails”:{},“total”:0}}

the same errors also comes up when run localally
sudo -u Debian-snmp /etc/snmp/fail2ban
Permission denied to socket: /var/run/fail2ban/fail2ban.sock, (you must be root)
{“errorString”:“fail2ban-client exited with 255”,“error”:“255”,“data”:{“total”:0,“jails”:{}},“version”:“1”}

running as root work
/etc/snmp/fail2ban
{“data”:{“total”:3,“jails”:{“sshd”:“3”}},“errorString”:“fail2ban-client exited with 0”,“version”:“1”,“error”:“0”}

TheGreatDoc · 29 January 2019 11:04

Did you tried adding the command with nopassword to the sudoers file?

jonakarl · 29 January 2019 11:22

Hi,

No I did not, will try and post results, thanks

jonakarl · 29 January 2019 11:34

Thanks,

By adding this line to /etc/sudoers:
Debian-snmp ALL = NOPASSWD: /etc/snmp/fail2ban

and changing this line in /etc/snmp/snmpd.conf:
extend fail2ban /etc/snmp/fail2ban ->
extend fail2ban /usr/bin/sudo /etc/snmp/fail2ban

It now works