How to restart CSF lfd on failure

brad100 · March 14, 2022, 7:39am

SYSTEM INFORMATION
OS type and version	Debian 9
Virtualmin version	6.17-3

Hi there

I hope all is well…

May I ask if anyone can offer any advice on how I monitor and restart CSF lfd service.

I do use monit to keep track of all my services and restart them if needed - so far this works very well.

However I have never managed to configure monit to monitor CSF.

On the most part CSF run perfectly using the Webmin module but occasionally (as of yesterday on an important server) I get a server where this service is intermittently stopping - without any real indication, I can find, in the log files, to cause this.

Any help or advice on how to close this loop would be gratefully accepted.

Kind regards
Brad

Ilia · March 14, 2022, 10:01am

Try checking for the cause of what may have killed lfd process:

dmesg -T | egrep -i 'killed process'

lfd is the regular daemon, which can be controlled by using standard sub-commands, like start/stop/restart/status, i.e.:

systemctl restart lfd

However I have never managed to configure monit to monitor CSF.

You can configure the monitor on Tools ⇾ System and Server Status page, and automatically restart lfd on failure.

Although, I would suggest to find the reason why lfd is crashing and eliminate the cause instead. lfd mustn’t crash.

brad100 · March 14, 2022, 10:34am

Hi Ilia

Thank you very much for your help

Yes you are absolutely right lfd should never crash - I will try your command after the next crash (currently there are no results)

I have always used csf -e etc for commands not systemctl … thank you

But actually a very interesting issue which I have now seen on two servers in the last few days
(both completely up to date) I wonder if this has anything to do with lfd stalling

Running a command using systemctl generates this error

Failed to add /run/systemd/ask-password to directory watch: No space left on device

On both cases there are ample of resources.

using df -h and df -i shows everything is far from full.

All the best
Brad

brad100 · March 14, 2022, 10:48am

Ah found the issue - it is relating to wazuh-agent - stopping the agent via Webmin as ssh was not able to - solved the issue for now

dimitrist · March 14, 2022, 1:02pm

csf -ra restarts both CSF+LFD

brad100 · March 14, 2022, 1:19pm

Thanks for your reply
would you use this in the " If monitor goes down, run command " field just like that?
I am not sure how to test this - until it fails . if I use csf -x than you cannot restart using any commands until you have run csf -e .

I have added

All the best
Brad

tmiland · March 15, 2022, 11:45am

Had this issue too in the past, and implemented a basic script to check if services where running, if not restart the service.

Put a script named

watch-service.sh

in /root/scripts folder

#!/usr/bin/env bash

email=root

service=$*
/bin/systemctl -q is-active "$service.service"
status=$?
if [ "$status" == 0 ]; then
    echo "OK"
else
    /bin/systemctl restart "$service.service" | mail -s "Restarted $service" $email
fi

Give it execution permissions

chmod +x /root/scripts/watch-service.sh

Then add services to watch in cron with

crontab -e

Then add (or remove) what you need

# Ensure service are running
* * * * * /root/scripts/watch-service.sh csf > /dev/null
* * * * * /root/scripts/watch-service.sh lfd > /dev/null
* * * * * /root/scripts/watch-service.sh webmin > /dev/null
* * * * * /root/scripts/watch-service.sh nginx > /dev/null
* * * * * /root/scripts/watch-service.sh postfix > /dev/null
* * * * * /root/scripts/watch-service.sh usermin > /dev/null
* * * * * /root/scripts/watch-service.sh saslauthd > /dev/null
* * * * * /root/scripts/watch-service.sh dovecot > /dev/null
* * * * * /root/scripts/watch-service.sh postgrey > /dev/null
* * * * * /root/scripts/watch-service.sh bind9 > /dev/null

Regards.

brad100 · March 15, 2022, 1:19pm

Hi Gentlemen

Thank you very much for all your help on this matter.

I have got it working on monit using the help from this post

###############################################################################
## CSF - lfd 
###############################################################################
check process lfd with pidfile /run/lfd.pid
   start program = "/bin/systemctl start lfd" with timeout 60 seconds
   stop  program = "/bin/systemctl stop lfd"
###############################################################################
###############################################################################

This has been on my list for the longest time … Thanks again …

All the best
Brad

system · March 23, 2022, 1:19pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.