Fail2ban sensor error when reading the log from /var/log/fail2ban.log

Running HA 0.84 on Raspbian 9.6

My HA fail2ban card is showing:

 The following components and platforms could not be set up:
 
     sensor.fail2ban
 
 Please check your config.

I have configured it as per instructions:
https://www.home-assistant.io/cookbook/fail2ban/

which reads:

In addition, Home Assistant must be able to read the fail2ban log file.

configuration.yaml includes…

   - platform: fail2ban
     jails:
       - ha
       - nginx-botsearch
       - nginx-http-auth
       - sshd
       - sshd-ddos
     file_path: /var/log/fail2ban.log
     scan_interval: 5

This issue may have to do with file_path. In the past I have changed permissions from

pi@raspberrypi:~ $ ls -al /var/log/fail2ban.log
-rw-r----- 1 root adm 35221 Jan  9 09:31 /var/log/fail2ban.log

to

pi@raspberrypi:~ $ ls -al /var/log/fail2ban.log
-rw-rw-rw- 1 root adm 35221 Jan  9 09:31 /var/log/fail2ban.log

to temporarily solve the problem and the sensor works ok UNTIL at some point fail2ban resets permissions to

pi@raspberrypi:~ $ ls -al /var/log/fail2ban.log
-rw-r----- 1 root adm 35221 Jan  9 09:31 /var/log/fail2ban.log

so the error is back.

Adding homeassistant user to adm group might solve it but… is that the expected way to go?

Please, kindly share your thoughs.

Thank you in advance,

I am in the same situation…

ahh ok, I have the same issue now
How can we permanently change the permission on the log file?

Anyone resolve this issue without having to manually re-apply permissions on the log file?

This is more of a workaround than a solution but adding a cron like…

0 1 * * * sudo chmod 666 /var/log/fail2ban.log #daily @1am

might be of help.

1 Like

thnx, that will do for now

If it can help, I’ve added homeassistant user to the adm group (log user group). See https://wiki.debian.org/SystemGroups

It works without issue since I ran the following command and reboot.

sudo adduser homeassistant adm
1 Like

usermod -a -G adm homeassistant
reboot