csf DA plugin bug @ centos7

Post Reply
wonderwall
Junior Member
Posts: 10
Joined: 14 Nov 2014, 21:21

csf DA plugin bug @ centos7

Post by wonderwall »

I am posting this as a bug because it looks like one. :)

I have installed the csf plugin for Directadmin on a server running the fairly new and shiny Centos 7. The script as such in functioning well, but in Directadmin's service monitor, the process shows up using 0 memory and cannot be (re)started or stopped. The error is as follows:

Cannot find the script in /etc/systemd/system or /usr/lib/systemd/system
Details
/usr/lib/systemd/system/lfd.service

Quite some troubleshooting time went into this (including reinstall and tweaking files) but no luck so far. The theory is now that the plugin may simply not be compatible with systemd (new component in Centos 7 I suppose) yet and thus need a fix.
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: csf DA plugin bug @ centos7

Post by ForumAdmin »

That will be an issue with the integration with DirectAdmins service monitor as lfd uses the supported legacy hook into init for interaction with systemd:

Code: Select all

# systemctl status lfd
lfd.service - LSB: csf Login Failure Daemon (lfd)
   Loaded: loaded (/etc/rc.d/init.d/lfd)
   Active: active (running) since Sat 2014-11-15 08:28:16 GMT; 1min 11s ago
  Process: 10417 ExecStop=/etc/rc.d/init.d/lfd stop (code=exited, status=0/SUCCESS)
  Process: 10421 ExecStart=/etc/rc.d/init.d/lfd start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/lfd.service
           10423 lfd - sleeping
           10427 lfd UI

Nov 15 08:28:16 localhost.localdomain systemd[1]: Starting LSB: csf Login Failure Daemon (lfd)...
Nov 15 08:28:16 localhost.localdomain lfd[10421]: Starting lfd:[  OK  ]
Nov 15 08:28:16 localhost.localdomain systemd[1]: Started LSB: csf Login Failure Daemon (lfd).
We won't be able to look into why the DA service monitor isn't working with checking lfd for a while as we do not have DA on CentOS v7.
wonderwall
Junior Member
Posts: 10
Joined: 14 Nov 2014, 21:21

Re: csf DA plugin bug @ centos7

Post by wonderwall »

Well since I do - is there any way I can help? Note that this is a production server, but I haven't uploaded the actual accounts yet, so if you're quick... Feel free to contact me via the email address associated with my account, this is probably something that shouldn't be discussed in public (at least not in detail).

Btw. there's probably at least one more issue that needs to be adressed: CSF is complaining about syslog and rsyslos not being active, but it seems like in CentOS 7 the logging works entirely differently. Since CSF relies on log access, I suppose it means it isn't working properly until the script is adapted accordingly?
wonderwall
Junior Member
Posts: 10
Joined: 14 Nov 2014, 21:21

Re: csf DA plugin bug @ centos7

Post by wonderwall »

PS: Never mind the second paragraph, solved that by installing rsyslog.
Karel
Junior Member
Posts: 28
Joined: 11 Jul 2013, 20:22
Contact:

Re: csf DA plugin bug @ centos7

Post by Karel »

wonderwall wrote:I have installed the csf plugin for Directadmin on a server running the fairly new and shiny Centos 7. The script as such in functioning well, but in Directadmin's service monitor, the process shows up using 0 memory and cannot be (re)started or stopped.
I'm running Centos7 / DirectAdmin and csf/lfd as well and run into simular problems.

DA service monitor always shows the below, whether lfd is running or not:

Code: Select all

Service 	Status 	Memory Usage 	Start 	Stop 	Restart 	Reload
lfd	lfd (pid 1234)	0 B	Start	Stop	Restart	Reload
Perhaps this provides some inside on what is going on on a Centos7 machine.

Code: Select all

# service lfd restart
Redirecting to /bin/systemctl restart  lfd.service

# service lfd status
Redirecting to /bin/systemctl status  lfd.service
lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled)
   Active: active (running) since Sun 2015-02-08 12:20:04 CET; 17min ago
  Process: 2345 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
 Main PID: 3456(lfd - sleeping)
   CGroup: /system.slice/lfd.service
           └─3456lfd - sleeping

Feb 08 12:20:04 xxx systemd[1]: Starting ConfigServer Firewall & Security - lfd...
Feb 08 12:20:04 xxx systemd[1]: Started ConfigServer Firewall & Security - lfd.
I need to restart lfd from root with service lfd restart because when I change the firewall configuration of csf/lfd within the DA user interface LFD won't start. Also a lfd restart from the DA csf/lfd ui does not work.
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: csf DA plugin bug @ centos7

Post by ForumAdmin »

csf v7.61 should hopefully fix the restart issues via the DA UI:
http://blog.configserver.com/

I cannot help with the DA service monitor as I do not know how it retrieves the memory usage. The Stop/Start and Restart options should work for systemd on DA so long as DA is correctly using the systemctl commands to restart it.
Karel
Junior Member
Posts: 28
Joined: 11 Jul 2013, 20:22
Contact:

Re: csf DA plugin bug @ centos7

Post by Karel »

Installed v7.61 and did two tests.
Restarted LFD from DA UI. Result: Firewall Status: Enabled and Running
Changed some setting in Firewall Configuration pressed change in DA UI. Restarting CSF and LFD. Result: Firewall Status: Enabled and Running

Looks like this problem is fixed. Thanks!

Will alert the DA devs to this thread. Perhaps they can be of assistance.
The DA service monitor for LFD is nice to have but not essential.
Karel
Junior Member
Posts: 28
Joined: 11 Jul 2013, 20:22
Contact:

Re: csf DA plugin bug @ centos7

Post by Karel »

I've got a reply from DirectAdmin support, CentOS 7 64-bit, ready for BETA testing

Here is a copy paste:
Memory usage on the services monitor page is taken from this script:

Code: Select all

/usr/local/directadmin/scripts/service_memory_usage.sh
where the memory usage is taken from all processes of the same name from the "ps axo comm,rss" output.

As for start/stop/restart on systemd, for "lfd", DA would call:

Code: Select all

/usr/bin/systemctl restart lfd.service 2>&1
it also checks to ensure that:

Code: Select all

/etc/systemd/system/lfd.service
exists before the command is run. If it doesn't exist, it then checks for

Code: Select all

/usr/lib/systemd/system/lfd.service
which would also be found by the systemctl command.. so either lfd.service file can be used (but in DA, we use /etc/systemd/system/*.service)

John
Hope this helps to solve the problem.
Post Reply