A few final touches on the Upstart job

(a) use static-network-up, since it is more generic than the started networking event
(b) do not hook into network deconfiguration to speed up shutdown
(c) expect fork, per the use of the "-f" option
(d) use a variable for the run directory to make changing it simpler
(e) handle the situation of a left over socket file
(f) use the -f option to be able to track the PID

1 files changed, 9 insertions, 6 deletions

diff --git a/files/fail2ban.upstart b/files/fail2ban.upstart
index baabb22b..18fafebd 100644
--- a/files/fail2ban.upstart
+++ b/files/fail2ban.upstart
@@ -1,17 +1,20 @@
 description "fail2ban - ban hosts that cause multiple authentication errors"
 
-start on filesystem and started networking
-stop on deconfiguring-networking
+start on filesystem and static-network-up
+stop on runlevel [016]
 
-expect daemon
+expect fork
 respawn
 
+env RUNDIR=/var/run/fail2ban
+
 pre-start script
-    [ -d /var/run/fail2ban ] || mkdir -p /var/run/fail2ban
+    test -d $RUNDIR || mkdir -p $RUNDIR
+    test ! -e $RUNDIR/fail2ban.sock || rm -f $RUNDIR/fail2ban.sock
 end script
 
-exec /usr/bin/fail2ban-client -x start
+exec /usr/bin/fail2ban-client -f -x start
 
 pre-stop exec /usr/bin/fail2ban-client stop
 
-post-stop exec rm -f /var/run/fail2ban/fail2ban.pid
+post-stop exec rm -f $RUNDIR/fail2ban.pid