Home / server / Questions / 886290
In Process
Ex Umbris
Asked: 2017-12-03 10:28:04 +0800 CST

Overriding an entry in paths-common.conf with paths-common.local in fail2ban?

  • 772

OS is CentOS 6.9, with fail2ban-0.9.6-1.el6.1.noarch

According to the fail2ban manual:

Every .conf file can be overridden with a file named .local. The .conf file is read first, then .local, with later settings overriding earlier ones. Thus, a .local file doesn't have to include everything in the corresponding .conf file, only those settings that you wish to override.

Modifications should take place in the .local and not in the .conf. This avoids merging problem when upgrading. These files are well documented and detailed information should be available there.

However, this does not seem to apply to the paths-*.conf files. I tried creating paths-common.local to override:

dovecot_log = /var/log/dovecot.log

but this was ignored. I found I had to modify paths-common.conf to get fail2ban to look at the right log file.

Did I misunderstand, or is the documentation just a bit too eager with "Every .conf file..." (or maybe it's a bug I should file in the tracker?)

configuration

1 Answers

  1. In the fail2ban current version of paths-common.conf there is a section at the top for includes:

    [INCLUDES]

after  = paths-overrides.local

    To override paths-common.conf create paths-overrides.local in the fail2ban directory & add a default section header to the top of it:

    [DEFAULT]

dovecot_log = /path/to/mail.log
    • 0