Home Security Firewall How To Fix CSF Error open3: exec of /usr/bin/systemctl is-active firewalld failed

How To Fix CSF Error open3: exec of /usr/bin/systemctl is-active firewalld failed

1428
0

As we know that since version 13.05 was released to the public, CSF (ConfigServer Security & Firewall) has fully supported VestaCP with user interface integration. However, if you configure VestaCP and CSF on the Ubuntu 18.04 LTS server you might get the same error message like this when restarting the CSF.:

[email protected]:/usr/local/src/csf# csf -r
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
open3: exec of /usr/bin/systemctl is-active firewalld failed: No such file or directory at /usr/sbin/csf line 906.

SOLUTION:

1.) Don’t panic, to solve this problem is very easy. First of all, please open the csf.conf configuration file on your server.

$ nano /etc/csf/csf.conf

2.) Under “SECTION:OS Specific Settings”, please look for the SYSTEMCTL = “/usr/bin/systemctl” line

###############################################################################
# SECTION:OS Specific Settings
###############################################################################
# Binary locations
IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
VMSTAT = "/usr/bin/vmstat"
NETSTAT = "/bin/netstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
UNZIP = "/usr/bin/unzip"
GUNZIP = "/bin/gunzip"
DD = "/bin/dd"
TAIL = "/usr/bin/tail"
GREP = "/bin/grep"
ZGREP = "/usr/bin/zgrep"
IPSET = "/usr/sbin/ipset"
SYSTEMCTL = "/usr/bin/systemctl"
HOST = "/usr/bin/host"
IP = "/sbin/ip"

3.) Then we need to find the location of the systemctl command on your server. Systemctl is a central management tool for controlling init system on CentOS 7. Just run the following command to find the location of systemctl.

$ which systemctl
$ whereis systemctl

4.) Well, you will get output like this after running the above command.

$ which systemctl
/bin/systemctl
$ whereis systemctl
systemctl: /bin/systemctl /usr/share/man/man1/systemctl.1.gz
------------------------------------------------------

5.) Next, we need to open the csf.conf file again

READ:  How To Change VestaCP Default Port (Securing VestaCP Login)

And please change from:

$ SYSTEMCTL = "/usr/bin/systemctl"

To

$ SYSTEMCTL = "/bin/systemctl"

The result will be like this:

###############################################################################
# SECTION:OS Specific Settings
###############################################################################
# Binary locations
IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
VMSTAT = "/usr/bin/vmstat"
NETSTAT = "/bin/netstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
UNZIP = "/usr/bin/unzip"
GUNZIP = "/bin/gunzip"
DD = "/bin/dd"
TAIL = "/usr/bin/tail"
GREP = "/bin/grep"
ZGREP = "/usr/bin/zgrep"
IPSET = "/usr/sbin/ipset"
SYSTEMCTL = "/bin/systemctl"
HOST = "/usr/bin/host"
IP = "/sbin/ip"

6.) OK All Done, now you can restart CSF and LFD with the following command.

$ csf -r
$ lfd -r

LEAVE A REPLY

Please enter your comment!
Please enter your name here