[BR]: Process hangs/crash when calling fail2ban-client from within actionban=

[Olivier6767]

Environment:

• Fail2Ban version : v0.11.1
• OS, including release name/version : Alpine 3.13
• Fail2Ban installed via OS/distribution mechanisms
• You have not applied any additional foreign patches to the codebase
• Some customizations were done to the configuration (provide details below is so)

The issue:

I'm trying to use a jail to whitelist IP adresses that appear in a special log file (whitelist.log)
I've setup a new jail (whitelist) and set the filter to read the log file.
In my action file, I have:

actionban = fail2ban-client set <name> addignoreip <ip>
actionunban = fail2ban-client set <name> delignoreip <ip>

When a new entry is added to the whitelist.log file, fail2ban tries to run the actionban command and it hangs. After 60 seconds, the fail2ban server process crashes.
The same happens if I manually ban / unban the ip using : fail2ban-client set <jail> banip <ip>
If I replace the actionban by another action (sendmail), it works as intended.

Is this a know limitation or bug ?
Can it be resolved?

Thanks.

Relevant parts of /var/log/fail2ban.log file:

This is the log when trying to ban IP 99.99.99.99

2021-06-29 21:46:50,396 fail2ban.actions        [320]: NOTICE  [whitelist] Ban 99.99.99.99
2021-06-29 21:47:50,413 fail2ban.utils          [320]: ERROR   7feaa6352f10 -- exec: fail2ban-client set whitelist addignoreip 99.99.99.99
2021-06-29 21:47:50,414 fail2ban.utils          [320]: ERROR   7feaa6352f10 -- timed out after 60 seconds.
2021-06-29 21:47:50,616 fail2ban.utils          [320]: ERROR   fail2ban-client set whitelist addignoreip 99.99.99.99 -- failed with [Errno 3] No such process
2021-06-29 21:47:50,616 fail2ban.utils          [320]: ERROR   7feaa6352f10 -- stdout: ''
2021-06-29 21:47:50,616 fail2ban.utils          [320]: ERROR   7feaa6352f10 -- stderr: '2021-06-29 21:47:50,414 fail2ban                [381]: WARNING Caught signal 15. Exiting'
2021-06-29 21:47:50,616 fail2ban.utils          [320]: ERROR   7feaa6352f10 -- killed with signal 127 (return code: 255)
2021-06-29 21:47:50,617 fail2ban.actions        [320]: ERROR   Failed to execute ban jail 'whitelist' action 'whitelist' info 'ActionInfo({'ip': '99.99.99.99', 'family': 'inet4', 'fid': <function Actions.ActionInfo.<lambda> at 0x7feaa7488f70>, 'raw-ticket': <function Actions.ActionInfo.<lambda> at 0x7feaa7487670>})': Error banning 99.99.99.99

[sebres]

Although such a limitation is unknown to me but I can imagine that some lock could indeed bother here, since addignoreip would set synchronously.
It could be "fixed", just I still don't follow the intention.
It looks like whitelist is a jail which is used to whitelist IPs (to add them to ignored), but to do what exactly? To avoid add the (already whitelisted) IPs again?..
For instance if the filter of whitelist jail finds an IP 192.0.2.1 and will "ban" it (basically add it to ignore list), it would then ignore it later so can not "ban" this IP hereafter (basically can't add 192.0.2.1 to ignored anymore). But which real needs the jail should serve excepting this weird "ignore" carrousel?

I think ignorecommand facility may be better suitable for this purposes (that are still unknown to me). Also this can be cached using ignorecache (to speedup the lookup e. g. to avoid command invocation too often), take a look at #2013 (comment) for example.

[Olivier6767]

The idea was to add the whitelisted IPs to the ingored list of other jails (not to the whitelist jail itself).

However, thanks to your tip, I was able to achieve the desired result using the ignorecommand and ignorecache.