Package: gosa
Version: 2.7.4+reloaded3-3
Severity: important

Hi,

Trying to set up gosa from scratch is successful with Lighttpd but fails 
with Apache; in this case a user can't finish step 1 of 8, an error 
message isn't shown.

Reason: Since Stretch, apache2 is using a Systemd unit file with setting 
'PrivateTmp=true'.

As the user, who is setting up GOsa, is informed to echo the session ID 
to /tmp/gosa.auth the conflict is clear: Both the user and www-data are 
seeing a different /tmp dir, www-data can't read the file to get the 
session ID and the setup process is stuck.

Unless a smarter solution can be found, maybe some information like the 
following should be provided on the welcome page.

If using Apache, the apache2 PrivateTmp directory needs to be disabled 
for 'Step 1' to work; so run as root:

(1) service apache2 stop
(2) sed -i 's/Tmp=true/Tmp=false/' /lib/systemd/system/apache2.service
(3) systemctl daemon-reload
(4) service apache2 start

After 'Step 1' has been successful, the change should be reverted for 
security reasons:

(1) service apache2 stop
(2) sed -i 's/Tmp=false/Tmp=true/' /lib/systemd/system/apache2.service
(3) systemctl daemon-reload
(4) service apache2 start

(Another way might be to tell the user to echo the session ID as root to 
/tmp/<apache-private-dir>/gosa.auth, where the private dir name 
contains random strings...)  

Please check.

Wolfgang
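
An added example, not part of the original report: the procedure above relies on the administrator remembering to switch PrivateTmp back on, so this POSIX shell check reads the unit file (plus, as an assumption, the *.conf drop-ins of one directory) and reports the value on disk. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): report the PrivateTmp value the
# unit files on disk ask for, reading the unit file first and then the *.conf
# drop-ins of one directory in lexical order (later assignments win).

# Usage: effective_private_tmp UNIT_FILE [DROPIN_DIR]   -> prints "yes" or "no"
effective_private_tmp() {
    unit_file=$1
    dropin_dir=${2:-}
    set -- "$unit_file"
    if [ -n "$dropin_dir" ]; then
        for f in "$dropin_dir"/*.conf; do
            if [ -e "$f" ]; then set -- "$@" "$f"; fi
        done
    fi
    awk '
        FNR == 1 { section = "" }          # section state is per file
        /^[ \t]*[#;]/ { next }             # skip comments
        /^[ \t]*\[.*\][ \t]*$/ { gsub(/[ \t]/, ""); section = $0; next }
        section == "[Service]" && /^[ \t]*PrivateTmp[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
            v = tolower(v)
            if (v ~ /^(1|yes|true|on)$/) value = "yes"
            else if (v ~ /^(0|no|false|off)$/) value = "no"
        }
        END { print (value == "" ? "no" : value) }   # unset means no
    ' "$@"
}

# Succeeds only when the temporary change from Step 1 has been reverted.
private_tmp_reverted() {
    [ "$(effective_private_tmp "$@")" = "yes" ]
}

# Constructed sample: a unit still carrying the sed edit, then a drop-in.
demo() {
    d=$(mktemp -d) && mkdir "$d/apache2.service.d"
    printf '[Unit]\nDescription=sample\n[Service]\nPrivateTmp=false\n' > "$d/apache2.service"
    private_tmp_reverted "$d/apache2.service" || echo "PrivateTmp still disabled"
    printf '[Service]\nPrivateTmp=true\n' > "$d/apache2.service.d/10-tmp.conf"
    effective_private_tmp "$d/apache2.service" "$d/apache2.service.d"
    rm -rf "$d"
}
if [ "${1:-}" = "demo" ]; then demo; fi
```

On a live host, `systemctl show -p PrivateTmp apache2` reports what the manager has loaded; reading the files as above also catches an edit that has not yet been followed by `systemctl daemon-reload`.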
