fail2ban: logpath isn't always /var/log/$app... Also only apply permi…

…ssions when it doesn't already exist
YunoHost · Jan 9, 2025 · 4767518 · 4767518
1 parent 346a349
commit 4767518
Showing 1 changed file with 11 additions and 4 deletions.
diff --git a/helpers/helpers.v2.1.d/fail2ban b/helpers/helpers.v2.1.d/fail2ban
@@ -102,13 +102,20 @@ ignoreregex =
 
     # Create the folder and logfile if they doesn't exist,
     # as fail2ban require an existing logfile before configuration
-    mkdir -p "/var/log/$app"
+    local logdir=$(dirname "$logpath")
+    if [ ! -d "$logdir" ]; then
+        mkdir -p "$logdir"
+        # Make sure log folder's permissions are correct
+        chown "$app:$app" "$logdir"
+        chmod u=rwX,g=rX,o= "$logdir"
+    fi
+
     if [ ! -f "$logpath" ]; then
         touch "$logpath"
+        # Make sure log file's permissions are correct
+        chown "$app:$app" "$logpath"
+        chmod u=rwX,g=rX,o= "$logpath"
     fi
-    # Make sure log folder's permissions are correct
-    chown -R "$app:$app" "/var/log/$app"
-    chmod -R u=rwX,g=rX,o= "/var/log/$app"
 
     ynh_systemctl --service=fail2ban --action=reload --wait_until="(Started|Reloaded) fail2ban.service" --log_path=systemd