I got it I got it... just follow my "research": > I'm running the unmodified init script. Hey, I hadn't noticed that: it > does add /sbin to the path. So maybe the problem is that this gets lost > somewhere in start-stop-daemon. Perhaps it's the -b option that does > this? nope -- I do use original script, thus I have -b as well (although it is not necessary, fail2ban detaches anyway (background config parameter in fail2ban.conf)
> It's not something I understand very well either, but adding "export" to > the PATH variable in the init script seems to help! hm... the same here... I've tried all of that before emailing you, but: Surely export helps but the miracle is that it was not necessary on the system I was testing it on with /root/.profile removed and default PATH without sbin. So it is still miracle for me: how start-stop-daemon got internal (non-exported) PATH into fail2ban? (not that miracle actually -- just follow on) It seems that exporting PATH from init.d is not that uncommon practice, I was trying to google up the answer but with no success... besides funny ones like http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=115138 O boy... I've found why it has happened and now it is all clear to me :-) sonyboy:/home/yoh/deb/debs/fail2ban/trunk# /tmp/2.sh P= P= sonyboy:/home/yoh/deb/debs/fail2ban/trunk# P=zzz /tmp/2.sh P=zzz P=BLAAA sonyboy:/home/yoh/deb/debs/fail2ban/trunk# cat /tmp/1.sh #!/bin/bash echo P=$P sonyboy:/home/yoh/deb/debs/fail2ban/trunk# cat /tmp/2.sh #!/bin/bash echo P=$P P=BLAAA /tmp/1.sh So, if a variable (such as PATH) was exported before entering to /etc/init.d/fail2ban, then it propagates inside called scripts without yet another export command If for "god-knows-why" a variable such as PATH was not exported before entering to init.d/fail2ban, it remains unexported (unless explicitely exported in the script). Such situation might happen (as it was reported) if such a script called from cfengine which doesn't setup the PATH on its own. So as a final decision I think that adding export wouldn't harm ;-) I will add export in the next release and will close a bug. and you review carefully what the hack you've done to your poor PATH variable :-) Cheers -- .-. =------------------------------ /v\ ----------------------------= Keep in touch // \\ (yoh@|www.)onerussian.com Yaroslav Halchenko /( )\ ICQ#: 60653192 Linux User ^^-^^ [175555]
pgpBZLr6LqCAW.pgp
Description: PGP signature
