# denyhosts has PID, but status indicates stopped... ?

## barfo

hi all.

i have a reasonably up to date system and recently noticed this:

```
[ root@mrblack  4:08PM ]~$ /etc/init.d/denyhosts status

 * status:  stopped
```

so i did the reasonable thing - since i want it running (yes it should start on boot):

```
[ root@mrblack  4:10PM ]~$ /etc/init.d/denyhosts start

 * Starting DenyHosts daemon ...

DenyHosts could not obtain lock (pid: 9319)

[Errno 17] File exists: '/var/run/denyhosts.pid'                                                                                                                      [ !! ]
```

now - i investigate further:

```
[ root@mrblack  4:12PM ]~$ ps aux|grep `cat /var/run/denyhosts.pid`

root      9319  0.0  0.2  10668  6204 ?        S    15:55   0:00 /usr/bin/python2.6 /usr/bin/denyhosts --daemon -c /etc/denyhosts.conf

[ root@mrblack  4:12PM ]~$
```

so i do this:

```
[ root@mrblack  4:12PM ]~$ /etc/init.d/denyhosts stop

 * WARNING:  denyhosts has not yet been started.

[ root@mrblack  4:13PM ]~$ /etc/init.d/denyhosts start

 * Starting DenyHosts daemon ...

DenyHosts could not obtain lock (pid: 9319)

[Errno 17] File exists: '/var/run/denyhosts.pid'                                                                                                                      [ !! ]

[ root@mrblack  4:13PM ]~$ kill `cat /var/run/denyhosts.pid`

[ root@mrblack  4:13PM ]~$ /etc/init.d/denyhosts start

 * Starting DenyHosts daemon ...                                                                                                                                      [ !! ]

[ root@mrblack  4:13PM ]~$ /etc/init.d/denyhosts start

 * Starting DenyHosts daemon ...

DenyHosts could not obtain lock (pid: 19417)

[Errno 17] File exists: '/var/run/denyhosts.pid'                                                                                                                      [ !! ]

[ root@mrblack  4:14PM ]~$

```

so now i look at the log:

```
2009-12-04 16:14:25,454 - denyhosts   : INFO     DenyHosts launched with the following args:

2009-12-04 16:14:25,460 - denyhosts   : INFO        /usr/bin/denyhosts --daemon -c /etc/denyhosts.conf

2009-12-04 16:14:25,460 - prefs       : INFO     DenyHosts configuration settings:

2009-12-04 16:14:25,460 - prefs       : INFO        ADMIN_EMAIL: [None]

2009-12-04 16:14:25,460 - prefs       : INFO        AGE_RESET_INVALID: [864000]

2009-12-04 16:14:25,460 - prefs       : INFO        AGE_RESET_RESTRICTED: [2160000]

2009-12-04 16:14:25,461 - prefs       : INFO        AGE_RESET_ROOT: [2160000]

2009-12-04 16:14:25,462 - prefs       : INFO        AGE_RESET_VALID: [432000]

2009-12-04 16:14:25,462 - prefs       : INFO        ALLOWED_HOSTS_HOSTNAME_LOOKUP: [no]

2009-12-04 16:14:25,462 - prefs       : INFO        BLOCK_SERVICE: [ALL]

2009-12-04 16:14:25,463 - prefs       : INFO        DAEMON_LOG: [/var/log/denyhosts]

2009-12-04 16:14:25,463 - prefs       : INFO        DAEMON_LOG_MESSAGE_FORMAT: [%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]

2009-12-04 16:14:25,463 - prefs       : INFO        DAEMON_LOG_TIME_FORMAT: [None]

2009-12-04 16:14:25,463 - prefs       : INFO        DAEMON_PURGE: [3600]

2009-12-04 16:14:25,463 - prefs       : INFO        DAEMON_SLEEP: [30]

2009-12-04 16:14:25,463 - prefs       : INFO        DENY_THRESHOLD_INVALID: [2]

2009-12-04 16:14:25,463 - prefs       : INFO        DENY_THRESHOLD_RESTRICTED: [1]

2009-12-04 16:14:25,464 - prefs       : INFO        DENY_THRESHOLD_ROOT: [1]

2009-12-04 16:14:25,464 - prefs       : INFO        DENY_THRESHOLD_VALID: [5]

2009-12-04 16:14:25,464 - prefs       : INFO        FAILED_ENTRY_REGEX: [None]

2009-12-04 16:14:25,464 - prefs       : INFO        FAILED_ENTRY_REGEX2: [None]

2009-12-04 16:14:25,464 - prefs       : INFO        FAILED_ENTRY_REGEX3: [None]

2009-12-04 16:14:25,464 - prefs       : INFO        FAILED_ENTRY_REGEX4: [None]

2009-12-04 16:14:25,464 - prefs       : INFO        FAILED_ENTRY_REGEX5: [None]

2009-12-04 16:14:25,465 - prefs       : INFO        FAILED_ENTRY_REGEX6: [None]

2009-12-04 16:14:25,465 - prefs       : INFO        FAILED_ENTRY_REGEX7: [None]

2009-12-04 16:14:25,465 - prefs       : INFO        HOSTNAME_LOOKUP: [YES]

2009-12-04 16:14:25,465 - prefs       : INFO        HOSTS_DENY: [/etc/hosts.deny]

2009-12-04 16:14:25,465 - prefs       : INFO        LOCK_FILE: [/var/run/denyhosts.pid]

2009-12-04 16:14:25,465 - prefs       : INFO        PLUGIN_DENY: [None]

2009-12-04 16:14:25,465 - prefs       : INFO        PLUGIN_PURGE: [None]

2009-12-04 16:14:25,465 - prefs       : INFO        PURGE_DENY: [None]

2009-12-04 16:14:25,466 - prefs       : INFO        PURGE_THRESHOLD: [0]

2009-12-04 16:14:25,467 - prefs       : INFO        RESET_ON_SUCCESS: [no]

2009-12-04 16:14:25,467 - prefs       : INFO        SECURE_LOG: [/var/log/messages]

2009-12-04 16:14:25,467 - prefs       : INFO        SMTP_DATE_FORMAT: [%a, %d %b %Y %H:%M:%S %z]

2009-12-04 16:14:25,467 - prefs       : INFO        SMTP_FROM: [DenyHosts <nobody@localhost>]

2009-12-04 16:14:25,467 - prefs       : INFO        SMTP_HOST: [localhost]

2009-12-04 16:14:25,467 - prefs       : INFO        SMTP_PASSWORD: [None]

2009-12-04 16:14:25,467 - prefs       : INFO        SMTP_PORT: [25]

2009-12-04 16:14:25,468 - prefs       : INFO        SMTP_SUBJECT: [DenyHosts Report]

2009-12-04 16:14:25,468 - prefs       : INFO        SMTP_USERNAME: [None]

2009-12-04 16:14:25,468 - prefs       : INFO        SSHD_FORMAT_REGEX: [None]

2009-12-04 16:14:25,468 - prefs       : INFO        SUCCESSFUL_ENTRY_REGEX: [None]

2009-12-04 16:14:25,468 - prefs       : INFO        SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]

2009-12-04 16:14:25,468 - prefs       : INFO        SYNC_DOWNLOAD: [yes]

2009-12-04 16:14:25,468 - prefs       : INFO        SYNC_DOWNLOAD_RESILIENCY: [18000]

2009-12-04 16:14:25,468 - prefs       : INFO        SYNC_DOWNLOAD_THRESHOLD: [3]

2009-12-04 16:14:25,469 - prefs       : INFO        SYNC_INTERVAL: [3600]

2009-12-04 16:14:25,469 - prefs       : INFO        SYNC_SERVER: [None]

2009-12-04 16:14:25,469 - prefs       : INFO        SYNC_UPLOAD: [yes]

2009-12-04 16:14:25,469 - prefs       : INFO        SYSLOG_REPORT: [no]

2009-12-04 16:14:25,469 - prefs       : INFO        WORK_DIR: [/var/lib/denyhosts]
```

now - curiously, i see also in the log that additions to hosts.deny have been made recently:

```
[ root@mrblack  4:20PM ]~$ tail -n 460 /var/log/denyhosts |head -20

2009-11-26 08:54:58,874 - denyhosts   : INFO     new denied hosts: ['200.195.127.215']

2009-11-26 22:23:09,453 - denyhosts   : INFO     new denied hosts: ['140.174.90.16']

2009-11-27 01:32:12,600 - denyhosts   : INFO     new denied hosts: ['218.15.143.206']

2009-11-27 11:00:20,854 - denyhosts   : INFO     new denied hosts: ['221.6.14.103']

2009-11-27 20:39:29,416 - denyhosts   : INFO     new denied hosts: ['201.120.27.221']

2009-11-28 03:06:05,143 - denyhosts   : INFO     new denied hosts: ['59.173.21.94']

2009-11-28 07:41:38,929 - denyhosts   : INFO     new denied hosts: ['85.62.95.198']

2009-11-28 08:59:10,170 - denyhosts   : INFO     new denied hosts: ['124.172.245.17']

2009-12-01 03:10:31,335 - denyhosts   : INFO     /var/log/messages has been rotated

2009-12-01 04:13:02,563 - denyhosts   : INFO     new denied hosts: ['59.120.158.172']

2009-12-01 15:20:11,083 - denyhosts   : INFO     new denied hosts: ['211.154.144.28']

2009-12-02 17:59:31,920 - denyhosts   : INFO     new denied hosts: ['60.191.2.228']

2009-12-03 19:10:25,462 - denyhosts   : INFO     new denied hosts: ['123.127.26.230']

2009-12-03 19:36:26,382 - denyhosts   : INFO     new denied hosts: ['210.110.36.86']

2009-12-04 12:24:16,755 - denyhosts   : INFO     new denied hosts: ['218.76.193.140']

2009-12-04 15:50:20,176 - denyhosts   : INFO     new denied hosts: ['s15290850.onlinehome-server.info']

2009-12-04 15:54:06,999 - denyhosts   : INFO     DenyHosts launched with the following args:

2009-12-04 15:54:07,070 - denyhosts   : INFO        /usr/bin/denyhosts --daemon -c /etc/denyhosts.conf

2009-12-04 15:54:07,070 - prefs       : INFO     DenyHosts configuration settings:

2009-12-04 15:54:07,071 - prefs       : INFO        ADMIN_EMAIL: [None]

[ root@mrblack  4:20PM ]~$
```

so - is this normal?  i suppose not - is something amiss here?

thanks for any assistance!

----------

## Jaglover

Managed to double-post   :Embarassed: Last edited by Jaglover on Fri Dec 04, 2009 11:33 pm; edited 1 time in total

----------

## Jaglover

Did you do 

rm /var/run/denyhosts.pid

/etc/init.d/denyhosts start 

----------

## barfo

yep - sorry - i left that out of the post...

but for completeness:

```
[ root@mrblack  5:07PM ]~$ rm /var/run/denyhosts.pid 

[ root@mrblack  5:07PM ]~$ /etc/init.d/denyhosts start

 * Starting DenyHosts daemon ...                                                                                            [ !! ]

[ root@mrblack  5:07PM ]~$ 
```

and now the tail of denyhosts.log:

```
2009-12-04 17:07:39,024 - denyhosts   : INFO     DenyHosts launched with the following args:

2009-12-04 17:07:39,031 - denyhosts   : INFO        /usr/bin/denyhosts --daemon -c /etc/denyhosts.conf

2009-12-04 17:07:39,031 - prefs       : INFO     DenyHosts configuration settings:

2009-12-04 17:07:39,031 - prefs       : INFO        ADMIN_EMAIL: [None]

2009-12-04 17:07:39,031 - prefs       : INFO        AGE_RESET_INVALID: [864000]

2009-12-04 17:07:39,031 - prefs       : INFO        AGE_RESET_RESTRICTED: [2160000]

2009-12-04 17:07:39,031 - prefs       : INFO        AGE_RESET_ROOT: [2160000]

2009-12-04 17:07:39,032 - prefs       : INFO        AGE_RESET_VALID: [432000]

2009-12-04 17:07:39,032 - prefs       : INFO        ALLOWED_HOSTS_HOSTNAME_LOOKUP: [no]

2009-12-04 17:07:39,032 - prefs       : INFO        BLOCK_SERVICE: [ALL]

2009-12-04 17:07:39,033 - prefs       : INFO        DAEMON_LOG: [/var/log/denyhosts]

2009-12-04 17:07:39,033 - prefs       : INFO        DAEMON_LOG_MESSAGE_FORMAT: [%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]

2009-12-04 17:07:39,033 - prefs       : INFO        DAEMON_LOG_TIME_FORMAT: [None]

2009-12-04 17:07:39,034 - prefs       : INFO        DAEMON_PURGE: [3600]

2009-12-04 17:07:39,034 - prefs       : INFO        DAEMON_SLEEP: [30]

2009-12-04 17:07:39,034 - prefs       : INFO        DENY_THRESHOLD_INVALID: [2]

2009-12-04 17:07:39,034 - prefs       : INFO        DENY_THRESHOLD_RESTRICTED: [1]

2009-12-04 17:07:39,034 - prefs       : INFO        DENY_THRESHOLD_ROOT: [1]

2009-12-04 17:07:39,034 - prefs       : INFO        DENY_THRESHOLD_VALID: [5]

2009-12-04 17:07:39,034 - prefs       : INFO        FAILED_ENTRY_REGEX: [None]

2009-12-04 17:07:39,035 - prefs       : INFO        FAILED_ENTRY_REGEX2: [None]

2009-12-04 17:07:39,035 - prefs       : INFO        FAILED_ENTRY_REGEX3: [None]

2009-12-04 17:07:39,035 - prefs       : INFO        FAILED_ENTRY_REGEX4: [None]

2009-12-04 17:07:39,036 - prefs       : INFO        FAILED_ENTRY_REGEX5: [None]

2009-12-04 17:07:39,036 - prefs       : INFO        FAILED_ENTRY_REGEX6: [None]

2009-12-04 17:07:39,036 - prefs       : INFO        FAILED_ENTRY_REGEX7: [None]

2009-12-04 17:07:39,036 - prefs       : INFO        HOSTNAME_LOOKUP: [YES]

2009-12-04 17:07:39,036 - prefs       : INFO        HOSTS_DENY: [/etc/hosts.deny]

2009-12-04 17:07:39,036 - prefs       : INFO        LOCK_FILE: [/var/run/denyhosts.pid]

2009-12-04 17:07:39,036 - prefs       : INFO        PLUGIN_DENY: [None]

2009-12-04 17:07:39,036 - prefs       : INFO        PLUGIN_PURGE: [None]

2009-12-04 17:07:39,037 - prefs       : INFO        PURGE_DENY: [None]

2009-12-04 17:07:39,037 - prefs       : INFO        PURGE_THRESHOLD: [0]

2009-12-04 17:07:39,037 - prefs       : INFO        RESET_ON_SUCCESS: [no]

2009-12-04 17:07:39,037 - prefs       : INFO        SECURE_LOG: [/var/log/messages]

2009-12-04 17:07:39,037 - prefs       : INFO        SMTP_DATE_FORMAT: [%a, %d %b %Y %H:%M:%S %z]

2009-12-04 17:07:39,037 - prefs       : INFO        SMTP_FROM: [DenyHosts <nobody@localhost>]

2009-12-04 17:07:39,038 - prefs       : INFO        SMTP_HOST: [localhost]

2009-12-04 17:07:39,038 - prefs       : INFO        SMTP_PASSWORD: [None]

2009-12-04 17:07:39,038 - prefs       : INFO        SMTP_PORT: [25]

2009-12-04 17:07:39,038 - prefs       : INFO        SMTP_SUBJECT: [DenyHosts Report]

2009-12-04 17:07:39,039 - prefs       : INFO        SMTP_USERNAME: [None]

2009-12-04 17:07:39,039 - prefs       : INFO        SSHD_FORMAT_REGEX: [None]

2009-12-04 17:07:39,039 - prefs       : INFO        SUCCESSFUL_ENTRY_REGEX: [None]

2009-12-04 17:07:39,039 - prefs       : INFO        SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]

2009-12-04 17:07:39,039 - prefs       : INFO        SYNC_DOWNLOAD: [yes]

2009-12-04 17:07:39,039 - prefs       : INFO        SYNC_DOWNLOAD_RESILIENCY: [18000]

2009-12-04 17:07:39,039 - prefs       : INFO        SYNC_DOWNLOAD_THRESHOLD: [3]

2009-12-04 17:07:39,039 - prefs       : INFO        SYNC_INTERVAL: [3600]

2009-12-04 17:07:39,040 - prefs       : INFO        SYNC_SERVER: [None]

2009-12-04 17:07:39,040 - prefs       : INFO        SYNC_UPLOAD: [yes]

2009-12-04 17:07:39,040 - prefs       : INFO        SYSLOG_REPORT: [no]

2009-12-04 17:07:39,040 - prefs       : INFO        WORK_DIR: [/var/lib/denyhosts]

2009-12-04 17:07:39,042 - denyhosts   : INFO     restricted: set([])

2009-12-04 17:07:39,044 - denyhosts   : INFO     launching DenyHosts daemon (version 2.6)...

2009-12-04 17:07:39,046 - denyhosts   : INFO     DenyHosts daemon is now running, pid: 19679

2009-12-04 17:07:39,048 - denyhosts   : INFO     send daemon process a TERM signal to terminate cleanly

2009-12-04 17:07:39,048 - denyhosts   : INFO       eg.  kill -TERM 19679

2009-12-04 17:07:39,102 - denyhosts   : INFO     monitoring log: /var/log/messages

2009-12-04 17:07:39,102 - denyhosts   : INFO     sync_time: 3600

2009-12-04 17:07:39,103 - denyhosts   : INFO     purging of /etc/hosts.deny is disabled

2009-12-04 17:07:39,103 - denyhosts   : INFO     denyhosts synchronization disabled
```

same as before...

----------

## Raistlin

Same problems here...

----------

## Raistlin

Solution (found here):

(/etc/init.d/denyhosts: )

```

start() {

        ebegin "Starting DenyHosts daemon"

#       start-stop-daemon --name denyhosts --start --exec /usr/bin/denyhosts -- --daemon -c /etc/denyhosts.conf

        start-stop-daemon --name $(eselect python show) --pidfile /var/run/denyhosts.pid --start --exec /usr/bin/denyhosts -- --daemon -c /etc/denyhosts.conf

        eend $?

}

```

hth

----------

## barfo

perfect!

it's fixed - thanks a lot.

----------

