Open dms00 opened 4 years ago
I'd like to add that I have no evidence this is an issue in 0.45 or an upgrade issue. I haven't used Munin much in the past. I just happened to use it today after the upgrade.
I've done a little more experimentation and here's what I see.
The initial issue occurred on a Safari browser that was in use on the mail server before and after the upgrade.
Tested the Chrome browser with cookies cleared out at beginning of test. The issue could not be reproduced.
Tested on a Safari browser in "private" mode, and I could only trigger one "Failed login attempt..." message in syslog, despite loading just about every chart in Munin.
Now, there is one other thing I see that may be related, and I see this with every browser and every test. If you are logged into the system status page and choose "Munin Monitoring" under the System menu, then a "Failed login attempt..." message gets logged in syslog on the page before I've logged into Munin using its login prompt. This may be normal, but wanted to report it also, in case it is not. And just to be clear, all login failure messages I've reported in this issue are above and beyond the first failure message you always get when you initially go to the Munin page and have not logged in yet.
I noticed it on Safari
I've also reproduced this in 0.50 in Safari 14.0.1 on Mac OS 11.0.1. Here is what I experienced:
While logged into the Admin panel, when I click on the menu to go to Munin it brings me to the login screen for Munin and registers a failed attempt to login in /var/log/syslog without me doing anything at all. It then hangs on the Munin login screen showing a spot to enter user and password, while trying to load something. If I choose to enter my login information and hit enter, the Munin Overview page loads but it registers two failed login attempts in my logs. And then every subsequent Munin page I load registers two more failed login attempts. After a couple more clicks fail2ban kicks in and I can no longer log into the MIAB admin console until fail2ban releases my IP.
I just upgraded from 0.44 to 0.45 successfully. Everything seems fine. While looking through the Munin graphs, I suddenly couldn't access the server (server cannot be contacted). I discovered that my IP had become banned by Fail2ban due to the miab-management-daemon.conf filter.
Upon further investigation/testing I've discovered that if I go to the Munin pages via the system status page, log in, and begin clicking through the various graphs, I see
Mail-in-a-Box Management Daemon: Failed login attempt from ip <MY IP> ...
getting logged in syslog. I haven't figured out the pattern, but it doesn't seem to happen on every graph. More like every other graph. Once I've clicked on enough of the graphs that enough of these messages have appeared, then Fail2ban kicks in and blocks my IP.
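Added example, not part of the issue thread or of Mail-in-a-Box's own code: a small syslog tally that shows when the "Failed login attempt from ip" lines quoted above would cross a fail2ban-style threshold (maxretry failures inside findtime). The threshold values, the year, the hostname/tag and the sample lines are constructed assumptions; the real limits come from the jail configuration on the box.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed values for illustration only; read the real ones from the jail config.
MAXRETRY = 5
FINDTIME = timedelta(minutes=10)
ASSUMED_YEAR = 2020  # classic syslog timestamps carry no year

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ .*"
    r"Mail-in-a-Box Management Daemon: Failed login attempt from ip "
    r"(?P<ip>[0-9a-fA-F.:]+)"
)

def would_ban(lines, maxretry=MAXRETRY, findtime=FINDTIME):
    """Return {ip: timestamp of the failure that reaches maxretry within findtime}."""
    recent = defaultdict(deque)   # per-IP sliding window of failure times
    banned = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # unrelated syslog line
        ts = datetime.strptime(f"{ASSUMED_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()      # drop failures older than findtime
        if len(window) >= maxretry and m["ip"] not in banned:
            banned[m["ip"]] = ts
    return banned

def _fail(ts, ip):
    # Constructed sample line; hostname "box" and tag "mgmt" are placeholders.
    return (f"Nov 20 {ts} box mgmt: Mail-in-a-Box Management Daemon: "
            f"Failed login attempt from ip {ip} ...")

# Constructed input mirroring the report: one failure on first visit,
# then two per Munin page load; a second IP fails only occasionally.
SAMPLE = [
    _fail("09:00:00", "198.51.100.9"),
    _fail("09:30:00", "198.51.100.9"),
    _fail("10:00:00", "203.0.113.7"),
    "Nov 20 10:00:05 box cron[123]: constructed unrelated line",
    _fail("10:00:20", "203.0.113.7"), _fail("10:00:20", "203.0.113.7"),
    _fail("10:00:35", "203.0.113.7"), _fail("10:00:35", "203.0.113.7"),
    _fail("10:00:50", "198.51.100.9"),
]

if __name__ == "__main__":
    for ip, when in would_ban(SAMPLE).items():
        print(f"{ip} would be banned at {when:%H:%M:%S}")
```

Running it over the real /var/log/syslog with the jail's actual maxretry and findtime shows how many page loads it takes before the admin's own IP is blocked.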