csf на centos8

[Satrier]

Здравствуйте!
Установил панель на centos8, но на нём не открывается web интерфейс csf.
Переустановка не помогает. Куда смотреть?

В логе такое:

Код: Выделить всё

Jun  1 22:46:11 host1 lfd[21683]: daemon started on host1 - csf v9.28 (generic)
Jun  1 22:46:11 host1 lfd[21683]: Restricting syslog/rsyslog socket acccess to group [mysyslog]...
Jun  1 22:46:11 host1 lfd[21683]: CSF Tracking...
Jun  1 22:46:11 host1 lfd[21683]: iptables appears to have been flushed - running *csf startup*...
Jun  1 22:46:12 host1 lfd[21683]: csf startup completed
Jun  1 22:46:12 host1 lfd[21683]: IPv6 Enabled...
Jun  1 22:46:12 host1 lfd[21683]: csf Integrated UI running up on port 4747...
Jun  1 22:46:13 host1 lfd[21683]: Country Code Lookups...
Jun  1 22:46:13 host1 lfd[21683]: System Integrity Tracking...
Jun  1 22:46:13 host1 lfd[21683]: Exploit Tracking...
Jun  1 22:46:13 host1 lfd[21683]: Directory Watching...
Jun  1 22:46:13 host1 lfd[21683]: Temp to Perm Block Tracking...
Jun  1 22:46:13 host1 lfd[22059]: CCL: Retrieving GeoLite Country database [http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz]
Jun  1 22:46:13 host1 lfd[22058]: UI: *Error* cannot open server on port 4747: Failed to load certificate from file (no PEM, DER or PKCS12) error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error, at line 8191
Jun  1 22:46:13 host1 lfd[21683]: Account Tracking...
Jun  1 22:46:13 host1 lfd[21683]: *Permissions* on /etc/csf reset to 0600 [currently: 0755]
Jun  1 22:46:13 host1 lfd[21683]: Watching /var/log/customlog...
Jun  1 22:46:13 host1 lfd[21683]: Watching /var/log/secure...
Jun  1 22:46:13 host1 lfd[21683]: Watching /var/log/messages...
Jun  1 22:46:13 host1 lfd[21683]: Watching /var/log/httpd/error_log...
Jun  1 22:46:28 host1 lfd[22059]: CCL Error: Unable to retrieve GeoLite Country database [http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz] - Unable to download: Can't connect to geolite.maxmind.com:80 (Неизвестное имя или служба)
Jun  1 22:51:13 host1 lfd[21683]: iptables appears to have been flushed - running *csf startup*...
Jun  1 22:51:14 host1 lfd[21683]: csf startup completed
Jun  1 22:56:14 host1 lfd[21683]: iptables appears to have been flushed - running *csf startup*...
Jun  1 22:56:15 host1 lfd[21683]: csf startup completed

Код: Выделить всё

[root@host1 ~]# service lfd status
Redirecting to /bin/systemctl status lfd.service
● lfd.service - ConfigServer Firewall & Security - lfd
   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-06-01 22:46:11 EEST; 15min ago
  Process: 21590 ExecStart=/usr/sbin/lfd (code=exited, status=0/SUCCESS)
 Main PID: 21683 (lfd - sleeping)
    Tasks: 1 (limit: 26213)
   Memory: 46.6M
   CGroup: /system.slice/lfd.service
           └─21683 lfd - sleeping                                                                  

[sbury]

попробуйте так. Дать команду из под рута:

openssl req -newkey rsa:2048 -nodes -keyout /etc/csf/ui/server.key -x509 -days 365 -out /etc/csf/ui/server.crt

Дадите ответы на вопросы, например:

Country Name (2 letter code) [XX]:UA
State or Province Name (full name) []:Sah
Locality Name (eg, city) [Default City]:City
Organization Name (eg, company) [Default Company Ltd]:developer
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:localhost
Email Address []:noc@domain.com



потом
systemctl restart lfd

[Satrier]

Спасибо! Работает

[sbury]

у кого уже установлен CSF для CentOS 8, сделайте следующее
yum clean all
yum install perl-LWP-Protocol-https

потом сделать принудительное обновление до последней версии
csf -u

Переустанавливать сам CSF не надо

кто собирается ставить или устанавливает панель, этого уже делать не надо