How To Fix CSF Error open3: exec of /usr/bin/systemctl is-active firewalld failed

Start your VPS now with FREE $100 credit.

As we know that since version 13.05 was released to the public, CSF (ConfigServer Security & Firewall) has fully supported VestaCP with user interface integration.

However, if you configure VestaCP and CSF on the Ubuntu 18.04 LTS server you might get the same error message like this when restarting the CSF.:

root@serv:/usr/local/src/csf# csf -r
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
Flushing chain `PREROUTING'
Flushing chain `OUTPUT'
Flushing chain `PREROUTING'
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `POSTROUTING'
open3: exec of /usr/bin/systemctl is-active firewalld failed: No such file or directory at /usr/sbin/csf line 906.

How to Fix It

1.) Don’t panic, to solve this problem is very easy. First of all, please open the csf.conf configuration file on your server.

$ nano /etc/csf/csf.conf

2.) Under “SECTION:OS Specific Settings”, please look for the SYSTEMCTL = “/usr/bin/systemctl” line

###############################################################################
# SECTION:OS Specific Settings
###############################################################################
# Binary locations
IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
VMSTAT = "/usr/bin/vmstat"
NETSTAT = "/bin/netstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
UNZIP = "/usr/bin/unzip"
GUNZIP = "/bin/gunzip"
DD = "/bin/dd"
TAIL = "/usr/bin/tail"
GREP = "/bin/grep"
ZGREP = "/usr/bin/zgrep"
IPSET = "/usr/sbin/ipset"
SYSTEMCTL = "/usr/bin/systemctl"
HOST = "/usr/bin/host"
IP = "/sbin/ip"

3.) Then we need to find the location of the systemctl command on your server. Systemctl is a central management tool for controlling init system on CentOS 7. Just run the following command to find the location of systemctl.

$ which systemctl
$ whereis systemctl

4.) Well, you will get output like this after running the above command.

$ which systemctl
/bin/systemctl

$ whereis systemctl
systemctl: /bin/systemctl /usr/share/man/man1/systemctl.1.gz
------------------------------------------------------

5.) Next, we need to open the csf.conf file again

READ: How To Fix 8 Common Errors on CSF (ConfigServer Security & Firewall)

And please change from:

$ SYSTEMCTL = "/usr/bin/systemctl"

$ SYSTEMCTL = "/bin/systemctl"

The result will be like this:

###############################################################################
# SECTION:OS Specific Settings
###############################################################################
# Binary locations
IPTABLES = "/sbin/iptables"
IPTABLES_SAVE = "/sbin/iptables-save"
IPTABLES_RESTORE = "/sbin/iptables-restore"
IP6TABLES = "/sbin/ip6tables"
IP6TABLES_SAVE = "/sbin/ip6tables-save"
IP6TABLES_RESTORE = "/sbin/ip6tables-restore"
MODPROBE = "/sbin/modprobe"
IFCONFIG = "/sbin/ifconfig"
SENDMAIL = "/usr/sbin/sendmail"
PS = "/bin/ps"
VMSTAT = "/usr/bin/vmstat"
NETSTAT = "/bin/netstat"
LS = "/bin/ls"
MD5SUM = "/usr/bin/md5sum"
TAR = "/bin/tar"
CHATTR = "/usr/bin/chattr"
UNZIP = "/usr/bin/unzip"
GUNZIP = "/bin/gunzip"
DD = "/bin/dd"
TAIL = "/usr/bin/tail"
GREP = "/bin/grep"
ZGREP = "/usr/bin/zgrep"
IPSET = "/usr/sbin/ipset"
SYSTEMCTL = "/bin/systemctl"
HOST = "/usr/bin/host"
IP = "/sbin/ip"

6.) OK All Done, now you can restart CSF and LFD with the following command.

$ csf -r
$ lfd -r

Node35 Editorial Team

We are a bunch of people who are still continue to learn Linux servers. Only high passion keeps pushing us to learn everything.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How To Fix CSF Error open3: exec of /usr/bin/systemctl is-active firewalld failed

How to Fix It

Related Articles

Leave a Comment Cancel reply