Network Intrusion page causes Exception

Hi,
From System Admin page, click on Network Intrusion and the following is displayed:

Exception

Could not get banned list
/var/www/html/admin/modules/sysadmin/Sysadmin.class.php

  1. Exception
    /­var/­www/­html/­admin/­modules/­sysadmin/­Sysadmin.class.php1476
  2. FreePBX\modules\Sysadmin getFail2BanList
    /­var/­www/­html/­admin/­modules/­sysadmin/­functions.inc/­intrusion.php58
  3. sysadmin_get_banned
    /­var/­www/­html/­admin/­modules/­sysadmin/­page.sysadmin.php398
  4. include
    /­var/­www/­html/­admin/­config.php557

How to fix this?
Thanks.

First, try ‘fwconsole chown’

That should set the permissions on the fail2ban list file to what the system is expecting.

If the problem persists, I’m going to guess you’ll need to uninstall and reinstall the sysadmin module.

This is due to a key expiring. There’s a new framework module available that refreshes the key, or, you can refresh it manually by running this command:

su - asterisk -c "gpg --refresh-keys --keyserver pgp.mit.edu"

Hi X-Rob,
Thanks. I will try it. Just tried module admin updates now from GUI. While it was almost complete…

Exception

SQLSTATE[42S02]: Base table or view not found: 1146 Table ‘asterisk.endpoint_extensions’ doesn’t exist::
/var/www/html/admin/libraries/utility.functions.php

if(is_object($extended_text) && method_exists($extended_text,"getMessage")) {
	$e = $extended_text;
	$extended_text = htmlentities($e->getMessage());
	$code = $e->getCode();
	throw new \Exception($text . "::" . $extended_text,$code,$e);
} else {
	$extended_text = htmlentities($extended_text);
	throw new \Exception($text . "::" . $extended_text);
}

}

Hi X-Rob,
Updated just the framework module and now its working correctly.

Thanks for your help!

I’m having this same problem, but the above doesn’t work. When I do the su - asterisk -c “gpg --refresh-keys --keyserver pgp.mit.edu” I get “This account is currently not available.” Any other suggestions?

Logged in on the console as “root”, try this:

Then, as asterisk, try this command.

The point of the first command is to become “asterisk” (su = switch user).
The point of the second command is to refresh your keys.

This is what I get from that:

[root@ ~]# su -m asterisk
bash: /root/.bashrc: Permission denied
bash-4.1$ bash: /root/.bashrc: Permission denied
bash: bash:: command not found
bash-4.1$ gpg --refresh-keys --keyserver pgp.mit.edu
gpg: Fatal: can’t create directory `/root/.gnupg’: Permission denied
bash-4.1$

What is the result of:

# cat /etc/passwd | grep asterisk

asterisk:x:499:499::/var/lib/asterisk:/sbin/nologin

Carefully edit that file and change that single line to:

asterisk:x:499:499::/var/lib/asterisk:/bin/bash

cat /etc/passwd | grep asterisk
asterisk:x:499:499::/var/lib/asterisk:/bin/bash

There’s something else wrong here.

As ‘root’ (which is how you should have logged in), you shouldn’t get an error when you run ‘su -m’. Also, the error when you executed the ‘su’ was that the file .bashrc was not owned by root. This is ridiculous, since root doesn’t have ownership limitations. One of the points of using ‘root’ is that, as root, you own the entire system.

This line has a similar problem. The system is claiming that, as root, you don’t own root’s home directory. There is something seriously wrong at this point.

Finally, when making updates to the password system in most Unix systems, it is generally preferable to use the program ‘vipw’. That makes sure that all of the shadow password files get updated as well. Yes, it requires you to understand the syntax of the ‘vi’ program, but that shouldn’t be too big a challenge.

Just as an update. I finally got this resolved by changing where I went to refresh the keys.

su - asterisk -c “gpg --refresh-keys --keyserver keys.gnupg.net

refreshed the keys I needed and now the Intrusion Detection no longer throws an error. Thank you for all your help! I appreciate it.