Bug 193378

Summary: security/sshguard: RC script ignores (and suppresses) failures
Product: Ports & Packages Reporter: Andrew Berg <berg2839>
Component: Individual Port(s) Assignee: Mark Felder <feld>
Status: Closed FIXED
Severity: Affects Some People CC: feld
Priority: --- Keywords: needs-patch, needs-qa
Version: Latest
Hardware: Any
OS: Any

Description Andrew Berg 2014-09-06 10:41:38 UTC
If sshguard can't start (for example, because some command line argument is invalid), running the rc script will happily report "Starting sshguard.", suppress the failure message (giving none of its own), and fool the user into thinking sshguard started successfully.
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2014-09-06 11:14:55 UTC
Thanks for your report, Andrew.

Can you attach a log that highlights the issue please, and that includes the relevant startup failure as an example?
Comment 2 Andrew Berg 2014-09-06 11:28:58 UTC
# /usr/local/sbin/sshguard -b 5:/var/db/sshguard/blacklist.db
Doesn't make sense to have a blacklist threshold lower than one abuse (40). Terminating.
Usage:
<big usage message>


With sshguard_blacklist="5:/var/db/sshguard/blacklist.db" in /etc/rc.conf, this is the only output when the rc script is invoked:

# service sshguard start
Starting sshguard.


Exactly the same output as if a good value (such as 40) were given and there is no indication of a problem. Only after seeing that the table in pf for sshguard had no changes (and that sshd logs still had a lot of noise) did I realize that sshguard was not running. With a valid value for sshguard_blacklist, sshguard runs without issues when invoked via the rc script.
Comment 3 Mark Felder freebsd_committer freebsd_triage 2014-11-03 21:11:49 UTC
sshguard doesn't have the ability to fork itself into the background cleanly so we use daemon(8) to do so. Currently we use the -f flag and it sends all stdout to syslog. This isn't very helpful.

I can remove the -f flag and it functions just fine. However, the output is a bit odd sometimes. At least the end user will get proper notification if it isn't starting.
Comment 4 commit-hook freebsd_committer freebsd_triage 2014-11-03 21:11:59 UTC
A commit references this bug:

Author: feld
Date: Mon Nov  3 21:11:34 UTC 2014
New revision: 372123
URL: https://svnweb.freebsd.org/changeset/ports/372123

Log:
  Do not hide stdout from users by sending it to syslog. Users need to be
  able to readily view errors if they happen at startup.

  PR:		193378

Changes:
  head/security/sshguard/files/sshguard.in
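The failure mode from Comment 2 and the shape of the fix from Comment 3 and r372123, as an added POSIX sh example that is not the port's sshguard.in: fake_sshguard is a constructed stand-in for /usr/local/sbin/sshguard that rejects a blacklist threshold below 40 with the message quoted in the report; start_unchecked discards the child's output the way daemon -f did by diverting it to syslog, while start_checked keeps stderr on the console and additionally reports a child that dies during a one-second grace period.

```sh
#!/bin/sh
# Added example, not the port's rc script. fake_sshguard is a constructed
# stand-in for /usr/local/sbin/sshguard: it rejects a blacklist threshold
# below 40 with the message from the report, otherwise "runs" for 2 seconds
# (a real daemon only exits when stopped).
fake_sshguard() {
    threshold=${1%%:*}   # the "5" in 5:/var/db/sshguard/blacklist.db
    if [ "$threshold" -lt 40 ]; then
        echo "Doesn't make sense to have a blacklist threshold lower than one abuse (40). Terminating." >&2
        return 1
    fi
    sleep 2
}

# Shape of the bug: the child's output is thrown away (as daemon -f did by
# sending it to syslog) and success is reported before the child has even run.
start_unchecked() {
    echo "Starting sshguard."
    fake_sshguard "$1" >/dev/null 2>&1 &
    return 0
}

# Shape of the fix, plus the check a user would want: the child inherits the
# console's stderr, and an exit during the grace period is reported as failure.
start_checked() {
    echo "Starting sshguard."
    statusfile=$(mktemp) || return 1
    # Record the exit status only if the daemon dies; a healthy daemon never writes.
    ( fake_sshguard "$1" || echo "$?" > "$statusfile" ) &
    sleep 1
    if [ -s "$statusfile" ]; then
        echo "sshguard exited with status $(cat "$statusfile") during startup; not running." >&2
        rm -f "$statusfile"
        return 1
    fi
    rm -f "$statusfile"
    return 0
}
```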