If you're seeing that fail2ban fails to start in Cockpit

I noticed that the fail2ban service was not starting as shown in Cockpit. The relevant log text includes:

fail2ban ERROR NOK: ("can't start new thread",)

A bit of Web searching led me to: ERROR NOK: ("can't start new thread",) with certail jails · Issue #2922 · fail2ban/fail2ban · GitHub

As instructed I created /etc/fail2ban/fail2ban.local with the following content:

# See: https://github.com/fail2ban/fail2ban/issues/2922#issuecomment-770393004

# Options: stacksize
# Notes.: Specifies the stack size (in KiB) to be used for subsequently created threads,
#         and must be 0 or a positive integer value of at least 32.
# Values: [ SIZE ] Default: 0 (use platform or configured default)
stacksize = 32

I then started fail2ban from Cockpit and it started successfully.

The key is to raise the value of stacksize as instructed in the comment.

This is on an Olimex LIME2, a.k.a. Freedombox Pioneer system.


Thanks for this, @Nate. fail2ban makes me feel secure and comfortable - I’d rather not be without it.

Intel Atom user checking in with fail2ban starting okay. This may be a function of the platform default and I’m glad you’ve successfully overridden that. I’m seeing that customizations made before the release upgrade did not carry through. I’m glad to have your notes here.

1 Like