sshguard exiting with status 1



  • Noticed in my logs (and in others) that sshguard is exiting with error code 1.

    syslogd 	Logging subprocess xxxxx (exec /usr/local/sbin/sshguard) exited with status 1.
    

    looking further into sbin/sshguard, that exit code is related to missing either FILES or LOGREADER in the conf file created by inc/syslog.inc. According to the sample conf, neither FILE or LOGREADER have default values, but the FILES statement is not commented out, suggesting it or LOGREADER is required.

    Adding the following to /etc/inc/syslog.inc causes the sshguard.conf to be formed correctly and eliminates the message:

    $sshguard_config[] = 'FILES="/var/log/auth.log /var/log/maillog"' . "\n";
    

  • Rebel Alliance Developer Netgate

    I've been seeing this as well. It shouldn't be pointed at a log file directly since we call it from syslogd. Something must have changed in its config recently to trigger the error. I opened https://redmine.pfsense.org/issues/9971 to look into it.

    Thanks!


Log in to reply