From 9e44c306591d4f08f45f76a3c3079e592b5565d9 Mon Sep 17 00:00:00 2001 From: sebres Date: Wed, 12 Jun 2019 00:39:18 +0200 Subject: [PATCH 1/2] systemd-backend: switched default flags to SYSTEM_ONLY(4), that avoid to open the user session files, so can prevent "Too many open files" errors (like gh-2208) on a lot of user sessions; (following Orion's proposal in gh-2392) --- fail2ban/server/filtersystemd.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fail2ban/server/filtersystemd.py b/fail2ban/server/filtersystemd.py index 5f17596a..be5a6dc4 100644 --- a/fail2ban/server/filtersystemd.py +++ b/fail2ban/server/filtersystemd.py @@ -86,10 +86,12 @@ class FilterSystemd(JournalFilter): # pragma: systemd no cover files.extend(glob.glob(p)) args['files'] = list(set(files)) + # Default flags is SYSTEM_ONLY(4). This would lead to ignore user session files, + # so can prevent "Too many open files" errors on a lot of user sessions (see gh-2392): try: args['flags'] = int(kwargs.pop('journalflags')) except KeyError: - pass + args['flags'] = 4 return args From 8a386103c12293cf45170ef4a2b555f0b62292de Mon Sep 17 00:00:00 2001 From: "Sergey G. Brester" Date: Tue, 25 Jun 2019 15:49:07 +0200 Subject: [PATCH 2/2] Update ChangeLog --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 668842cf..8bfd3bef 100644 --- a/ChangeLog +++ b/ChangeLog @@ -35,6 +35,8 @@ ver. 0.10.5-dev-1 (20??/??/??) - development edition ----------- ### Fixes +* [compatibility] systemd backend: default flags changed to SYSTEM_ONLY(4), fixed in gh-2444 in order to ignore + user session files per default, so could prevent "Too many open files" errors on a lot of user sessions (see gh-2392) * [grave] fixed parsing of multi-line filters (`maxlines` > 1) together with systemd backend, now systemd-filter replaces newlines in message from systemd journal with `\n` (otherwise multi-line parsing may be broken, because removal of matched string from multi-line buffer window