Detect malformed fail2ban database

[danboid]

I've had a quick look at this template and I don't think it will detect the main error I'm looking to avoid with fail2ban.

Today I discovered f2b had stopped working on one of our servers. When I requested the status of the service I saw an error like this:

# systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
   Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2020-10-20 19:53:17 BST; 14h ago
     Docs: man:fail2ban(1)
 Main PID: 3181 (fail2ban-server)
    Tasks: 3
   Memory: 34.8M
      CPU: 40.139s
   CGroup: /system.slice/fail2ban.service
           └─3181 /usr/bin/python3 /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b

Oct 20 19:53:14 OURSERVER systemd[1]: Starting Fail2Ban Service...
Oct 20 19:53:17 OURSERVER fail2ban-client[2645]: 2020-10-20 19:53:17,313 fail2ban.server         [3175]: INFO    Starting Fail2ban v0.
Oct 20 19:53:17 OURSERVER fail2ban-client[2645]: 2020-10-20 19:53:17,313 fail2ban.server         [3175]: INFO    Starting in daemon mo
Oct 20 19:53:17 OURSERVER fail2ban-client[2645]: ERROR  NOK: ('database disk image is malformed',)
Oct 20 19:53:17 OURSERVER systemd[1]: Started Fail2Ban Service.

As you can see, systemd thought the service was still active and running when really it wasn't due to the corrupted database. It seems the current template only checks to see if fail2ban-server is running and I suspect that in my case the template would not have detected.

Does fail2ban-server stop running when the database is corrupted? It doesn't seem to stop the systemd service.

[hermanekt]

Thank you for fix:) (merged)

[hermanekt]

Merged