How To Fix CSF Error open3: exec of /usr/bin/systemctl is-active firewalld failed

DigitalOcean Referral Badge
Start your VPS now with FREE $100 credit.

As we know that since version 13.05 was released to the public, CSF (ConfigServer Security & Firewall) has fully supported VestaCP with user interface integration.

However, if you configure VestaCP and CSF on the Ubuntu 18.04 LTS server you might get the same error message like this when restarting the CSF.:

root@serv:/usr/local/src/csf# csf -r
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
open3: exec of /usr/bin/systemctl is-active firewalld failed: No such file or directory at /usr/sbin/csf line 906.

How to Fix It

1.) Don’t panic, to solve this problem is very easy. First of all, please open the csf.conf configuration file on your server.

$ nano /etc/csf/csf.conf

2.) Under “SECTION:OS Specific Settings”, please look for the SYSTEMCTL = “/usr/bin/systemctl” line

###############################################################################
# SECTION:OS Specific Settings
###############################################################################
# Binary locations
IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
VMSTAT = "/usr/bin/vmstat"
NETSTAT = "/bin/netstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
UNZIP = "/usr/bin/unzip"
GUNZIP = "/bin/gunzip"
DD = "/bin/dd"
TAIL = "/usr/bin/tail"
GREP = "/bin/grep"
ZGREP = "/usr/bin/zgrep"
IPSET = "/usr/sbin/ipset"
SYSTEMCTL = "/usr/bin/systemctl"
HOST = "/usr/bin/host"
IP = "/sbin/ip"

3.) Then we need to find the location of the systemctl command on your server. Systemctl is a central management tool for controlling init system on CentOS 7. Just run the following command to find the location of systemctl.

$ which systemctl
$ whereis systemctl

4.) Well, you will get output like this after running the above command.

$ which systemctl
/bin/systemctl
$ whereis systemctl
systemctl: /bin/systemctl /usr/share/man/man1/systemctl.1.gz
------------------------------------------------------

5.) Next, we need to open the csf.conf file again

READ:  How To Install Firewalld on CentOS Stream 9

And please change from:

$ SYSTEMCTL = "/usr/bin/systemctl"

To

$ SYSTEMCTL = "/bin/systemctl"

The result will be like this:

###############################################################################
# SECTION:OS Specific Settings
###############################################################################
# Binary locations
IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
VMSTAT = "/usr/bin/vmstat"
NETSTAT = "/bin/netstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
UNZIP = "/usr/bin/unzip"
GUNZIP = "/bin/gunzip"
DD = "/bin/dd"
TAIL = "/usr/bin/tail"
GREP = "/bin/grep"
ZGREP = "/usr/bin/zgrep"
IPSET = "/usr/sbin/ipset"
SYSTEMCTL = "/bin/systemctl"
HOST = "/usr/bin/host"
IP = "/sbin/ip"

6.) OK All Done, now you can restart CSF and LFD with the following command.

$ csf -r
$ lfd -r

Leave a Comment