After the last upgrade to Horde 5.2.17-1 users can’t login.
I tried with username and email address as usual but users can’t login.
I think the upgrade broken something with authentication even if it was installed without errors.
I tried to rejoin this server (a slave) and the operation was successful (also 50horde join script).
What can I do?
Someone wrote a reply here few minutes ago, but now was deleted. I was trying to check what that person (I don’t remember who) wrote and the result was:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Yeah, that was me. I deleted the post because the check I asked you to run was broken and did not reflect what the PHP code was actually trying to do. I’m currently investigating further.
The problem is definitely in the newly introduced pre-authentication hooks. What happens in my case is that the LDAP bind succeeds, an LDAP search is run with the following filter: (&(|(uid=llarsen@mbu-test.intranet)(mailprimaryaddress=llarsen@mbu-test.intranet))(objectclass=univentionmail)) Problem is: no result is returned. However, if I run the same query with the same bind parameters on the shell instead of inside Horde via PHP, I do get a result: the user object I’m trying to log in with.
Still investigating.
Ok thanks @Moritz_Bunkus. I’m waiting new informations when you finished your investigation.
Got it. It’s a bug in the pre-authentication check.
You can circumvent it for the time being by doing the following:
univention-app shell horde
/etc/univention/templates/files/etc/horde/imp
hooks.php, e.g. vim hooks.php
$ldapconn = ldap_connect("ldaps://$ldaphost", $ldapport);
$ldapconn = ldap_connect("ldaps://$ldaphost:7636");
I’ll file a bug report for this.
Here’s the bug report in case you want the gory details: https://forge.univention.org/bugzilla/show_bug.cgi?id=47225
BTW, you can also edit the file directly on the host without entering the container:
/var/lib/univention-appcenter/apps/horde/etc-horde/imp/hooks.php
Thanks @Moritz_Bunkus now it works also for me!
Thanks for the research, this is a bummer, we will fix this asap and provide an update for the horde app.
Best regards,
Felix
Should be fixed in version 5.2.17-2 (use hostname an port, not uri in ldap_connect, issue ldap_start_tls before bind)
Thanks again,
best regards
Felix
Is the fix already in the App Repository? I am getting the following Error when trying to upgrade Horde 5.2.7-3 on a 4.3-1 errata116 to 5.2.17-2:
# tac /var/log/univention/appcenter.log | less
> 2407 actions.upgrade.progress 18-04-11 14:05:53 [ DEBUG]: 100
> 2407 actions.upgrade-search.progress 18-04-11 14:05:53 [ DEBUG]: 100
> 2407 actions.upgrade-search 18-04-11 14:05:53 [ DEBUG]: Checking horde=5.2.17-2
> 2407 actions.upgrade-search.progress 18-04-11 14:05:53 [ DEBUG]: 0
> 2407 actions.upgrade-search 18-04-11 14:05:53 [ DEBUG]: Calling upgrade-search
> 2407 utils 18-04-11 14:05:51 [ DEBUG]: tracking information: {'status': 431, 'uuid': '08e5ba34-c003-4464-9af5-ad7f9f4f2edd', 'app': u'horde', 'version': u'5.2.17-2', 'role': 'domaincontroller_master', 'action': 'upgrade', 'system-uuid': '970cbdca-4082-4e71-aef7-1d1607f60304'}
> 2407 utils 18-04-11 14:05:51 [ DEBUG]: send_information: action=upgrade app=horde value=None status=431
> 2407 actions.start.progress 18-04-11 14:05:51 [ DEBUG]: 100
> 2407 actions.start 18-04-11 14:05:51 [ DEBUG]: /etc/init.d/docker-app-horde returned with 0
> 2407 actions.start 18-04-11 14:05:51 [ INFO]: Starting docker-app-horde (via systemctl): docker-app-horde.service.
> 2407 actions.start 18-04-11 14:05:51 [ DEBUG]: Calling /etc/init.d/docker-app-horde start
> 2407 actions.start.progress 18-04-11 14:05:51 [ DEBUG]: 0
> 2407 actions.start 18-04-11 14:05:51 [ DEBUG]: Calling start
> 2407 actions.upgrade 18-04-11 14:05:51 [ WARNING]: Aborting...
> 2407 actions.upgrade 18-04-11 14:05:51 [CRITICAL]: App upgrade script failed
> 2407 packages 18-04-11 14:05:51 [ DEBUG]: Releasing LOCK
>
> 2407 actions.upgrade 18-04-11 14:05:51 [CRITICAL]: Could not register Component
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: Could not register Component
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: univention-app register: error: Unable to find version 5.2.17-2 of app horde. Maybe "/usr/bin/univention-app update" to get the latest list of applications?
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: [apps [apps ...]]
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: [--do-it] [--undo-it]
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: [--host] [--app] [--database] [--attributes]
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: [--pwdfile PWDFILE] [--component] [--files]
> 2407 actions.upgrade.container.a0ae 18-04-11 14:05:50 [ WARNING]: usage: univention-app register [-h] [--noninteractive] [--username USERNAME]
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:52 [ INFO]: Downloading "http://appcenter.software-univention.de/meta-inf/4.1/all.tar.zsync"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:51 [ INFO]: Downloading "https://appcenter.software-univention.de/meta-inf/license_types.ini"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:51 [ INFO]: Downloading "https://appcenter.software-univention.de/meta-inf/rating.ini"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:51 [ INFO]: Downloading "https://appcenter.software-univention.de/meta-inf/categories.ini"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:51 [ INFO]: Downloading "https://appcenter.software-univention.de/meta-inf/4.1/all.tar.gpg"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:51 [ INFO]: Downloading "https://appcenter.software-univention.de/meta-inf/4.1/index.json.gz.gpg"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:51 [ INFO]: Downloading "https://appcenter.software-univention.de/meta-inf/4.1/index.json.gz"...
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:43 [ INFO]: Installing packages for horde=5.2.17-2
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:42 [ DEBUG]: Calling docker exec a0ae32xx008264fe4f72 /usr/share/univention-docker-container-mode/update_app_version --username Administrator --app horde --error-file /var/univention/tmp/tmpDqulyS --password-file /var/univention/tmp/tmpYT3IMz --app-version 5.2.17-2
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:42 [ DEBUG]: Using container.a0ae for container a0ae32xx21bff008264fe4f72
> 2407 actions.upgrade 18-04-11 14:04:39 [ INFO]: Executing interface update_app_version for horde
> 2407 actions.upgrade 18-04-11 14:04:39 [ INFO]: Upgrading app (u'5.2.17-2')
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:36 [ DEBUG]: Calling docker exec a0ae32378xx21bff008264fe4f72 /usr/share/univention-docker-container-mode/update_available --app horde --app-version 5.2.17-2 --error-file /var/univention/tmp/tmpN8YtnK
> 2407 actions.upgrade.container.a0ae 18-04-11 14:04:36 [ DEBUG]: Using container.a0ae for container a0ae323781c46b3xx64e9c99a2b21bff008264fe4f72
> 2407 actions.upgrade 18-04-11 14:04:36 [ INFO]: Executing interface update_available for horde
> 2407 actions.start.progress 18-04-11 14:04:36 [ DEBUG]: 100
> 2407 actions.start 18-04-11 14:04:36 [ DEBUG]: /etc/init.d/docker-app-horde returned with 0
> 2407 actions.start 18-04-11 14:04:36 [ INFO]: Starting docker-app-horde (via systemctl): docker-app-horde.service.
> 2407 actions.start 18-04-11 14:04:35 [ DEBUG]: Calling /etc/init.d/docker-app-horde start
> 2407 actions.start.progress 18-04-11 14:04:35 [ DEBUG]: 0
> 2407 actions.start 18-04-11 14:04:35 [ DEBUG]: Calling start
> 2407 packages 18-04-11 14:04:35 [ DEBUG]: Holding LOCK
> 2407 actions.upgrade.readme 18-04-11 14:04:30 [ INFO]: the old to the new container.
> 2407 actions.upgrade.readme 18-04-11 14:04:30 [ INFO]: * During this update the /etc/horde configuration files are copied from
For me, the upgrade of the container Horde 5.2.7-3 on UCS 4.3.0 to 5.2.17-2 also doesn’t work.
same in appcenter.log
…
univention-app register: error: Unable to find version 5.2.17-2 of app horde
…
@botner: Is this a problem in the appcenter?
hmm, i just tested the update from 5.2.7-3 to 5.2.17-2 and it worked for me. Is there anything helpful in the /var/log/univention/appcenter.log on the docker host.
Could you also check /var/log/univention/appcenter.log and /var/log/univention/updater.log in the horde container?
univention-app shell horde cat /var/log/univention/updater.log
univention-app shell horde cat /var/log/univention/appcenter.log
Both files in the horde container are last modified in April, so I guess the process did not reach the container at all. On the container host appcenter.log is appended above, updater.log does not show anything except for the hint about “Most of the output for App upgrades goes to *appcenter.log”.
And it is still the same today.
The system is running in a virtual machine and has been upgraded all the way from 4.1, is that maybe a problem?
Removing and reinstalling seems to work from command line (it is installing now), now I need to figure out whether there are any side effects (is the Postgres Database removed?).
No, the horde Database is not removed when removing the horde app.
Thank you, I can confirm this. Also the database is upgraded during the update, as Horde does not show any open SQL upgrades in the administration interface. In this case I assume it is safe to remove the horde app and reinstall it.
Removing and reinstalling the horde app has solved my issue. All the data was still there.