An internal error occurred when trying to share a resource with a group

Installation Issues
1

Clean installation and I was trying to add a group to a resource when it failed.
It doesn’t appear the searched group or user.

info-passbolt-internal-error
info-passbolt-internal-error1915×980 209 KB

This is the healthcheck. It thorws an error becauseof the debug mode.

/ __ ____ _____ / / ____ / / /
/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/

Open source password manager for teams

Healthcheck shell

Environment

[PASS] PHP version 7.2.32-1+ubuntu18.04.1+deb.sury.org+1.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[FAIL] Debug mode is on.
[HELP] Set debug = false; in config/passbolt.php
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://vault.sieterecursos.com
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate

Database

[PASS] The application is able to connect to the database
[PASS] 23 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/admin/.gnupg.
[PASS] The directory /home/admin/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.

Application configuration

[PASS] Using latest passbolt version (2.13.5).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.

1 error(s) found. Hang in there!

Checklist
[x ] I have read intro post: About the Installation Issues category
[x ] I have read the tutorials, help and searched for similar issues
[ ] I provide relevant information about my server (component names and versions, etc.)
[x] I provide a copy of my logs and healthcheck
[x] I describe the steps I have taken to trouble shoot the problem
[x] I describe the steps on how to reproduce the issue

2

Hello @raducostinas,

Can you please provide us with the API response output and the API error log ?

Checkout the browser extension debug network to retrieve the API response:

Connect to your server and copy/paste here any relevant information from the logs/error.log file.

3

Please also provide this information.

4

This is the error.log file

2020-08-06 18:24:45 Error: [Cake\Routing\Exception\MissingRouteException] A route matching “/folders.json” could not be found. (/home/admin/web/vault.sieterecursos.com/public_html/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /folders.json?api-version=v2&contain%5Bpermission%5D=1

2020-08-06 19:02:40 Error: [Cake\Routing\Exception\MissingRouteException] A route matching “/folders.json” could not be found. (/home/admin/web/vault.sieterecursos.com/public_html/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /folders.json?api-version=v2&contain%5Bpermission%5D=1

2020-08-06 19:27:13 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/home/admin/web/vault.sieterecursos.com/public_html/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json

2020-08-06 19:27:14 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/home/admin/web/vault.sieterecursos.com/public_html/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json

2020-08-06 20:23:30 Error: [Cake\Routing\Exception\MissingRouteException] A route matching “/folders.json” could not be found. (/home/admin/web/vault.sieterecursos.com/public_html/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /folders.json?api-version=v2&contain%5Bpermission%5D=1

2020-08-06 20:31:53 Error: [Cake\Routing\Exception\MissingRouteException] A route matching “/folders.json” could not be found. (/home/admin/web/vault.sieterecursos.com/public_html/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Exception Attributes: array (
‘url’ => ‘/folders.json’,
)
Request URL: /folders.json?api-version=v2&contain%5Bpermission%5D=1

2020-08-06 20:38:53 Error: [Cake\Routing\Exception\MissingRouteException] A route matching “/folders.json” could not be found. (/home/admin/web/vault.sieterecursos.com/public_html/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Exception Attributes: array (
‘url’ => ‘/folders.json’,
)
Request URL: /folders.json?api-version=v2&contain%5Bpermission%5D=1

info-passbolt-get-request
info-passbolt-get-request823×397 39.1 KB

5

It’s an ubuntu 18.04 with vestacp installed

This is the nginx config

server {

if ($host = vault.domain.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot


listen      198.187.203.112:80;
server_name vault.domain.com;
error_log  /var/log/apache2/domains/vault.domain.com.error.log error;
return 301 https://vault.sieterecursos.com$request_uri;

}

server {
listen 198.187.203.112:443 ssl http2;
server_name vault.sieterecursos.com;
ssl_certificate /etc/letsencrypt/live/vault.domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/vault.domain.com/privkey.pem; # managed by Certbot
ssl_session_timeout 1d;
ssl_session_tickets off;

add_header Strict-Transport-Security max-age=15768000;

ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_protocols TLSv1.2 TLSv1.3;
resolver 8.8.8.8 8.8.4.4;

error_log  /var/log/apache2/domains/vault.domain.com.error.log error;

proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;

location / {
    proxy_pass      http://198.187.203.112:8080;
    location ~* ^.+\.(jpg|jpeg|gif|png|ico|svg|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|odt|ods|odp|odf|tar|wav|bmp|rtf|js|mp3|avi|mpeg|flv|html|htm)$ {
        root           /home/admin/web/vault.sieterecursos.com/public_html/webroot/;
        access_log     /var/log/apache2/domains/vault.domain.com.log combined;
        access_log     /var/log/apache2/domains/vault.domain.com.bytes bytes;
        expires        max;
        try_files      $uri @fallback;
    }
}

location /error/ {
    alias   /home/admin/web/vault.domain.com/document_errors/;
}

location /share/ {
    alias   /home/admin/web/vault.domain.com/share/;
}

location @fallback {
    proxy_pass      http://198.187.203.112:8080;
}

location ~ /\.ht    {return 404;}
location ~ /\.svn/  {return 404;}
location ~ /\.git/  {return 404;}
location ~ /\.hg/   {return 404;}
location ~ /\.bzr/  {return 404;}

include /home/admin/conf/web/nginx.vault.domain.com.conf*;

}

info-passbolt-permissions
info-passbolt-permissions455×649 16.1 KB

6

The error on the request made to folders.json is an expected result and it should not block you to share a resource with a user or a group. The extension has been updated yesterday and it happens in very rare case that the extension doesn’t restart properly after it. Can you try to shut completely your browser and try again?

7

I didn’t see, but you also get a 404 on the share/search-aros.json request, which is quite unusual.
No error appears in the logs/error.log file of passbolt regarding the entry point share/search-aros.json, I guess the error is linked to vestacp and how the services are configured.

Maybe this rule?

location /share/ {
    alias   /home/admin/web/vault.domain.com/share/;
}
8

Hi @cedric,
I shutted down the server and install everything again. i realized that I skipped a step during the first installation.

I didn’t export the server key :man_facepalming:
gpg --armor --export user@domain.com > /home/user/web/domain.com/public_html/config/gpg/serverkey.asc

Thank u so much for helping me!

9

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.