GPG Errors in healthcheck

Installation Issues
1

I am getting gpg errors running the passbolt healthcheck after installation.

Fresh new install with CentOS 7, mariDB, nginx, php. I followed the instructions in passbolt centOS7 instructions.

I can access the passbolt main website, but when I enter the created admin user web link (to activate admin user) I get an error. I am thinking I cant proceed with activating admin user/using passbolt until these gpg error get resolved.

Config

    'App' => [
        'fullBaseUrl' => 'https://localhost_ip',
    ],
    'Datasources' => [
        'default' => [
            'host' => 'localhost_ip',
            //'port' => 'non_standard_port_number',
            'username' => 'user',
            'password' => 'password',
            'database' => 'database',
        ],
    ],
    'passbolt' => [
        'gpg' => [
            'serverKey' => [
                // Server private key fingerprint.
                'fingerprint' => '11111100000011111110000000',
                'public' => CONFIG . 'gpg' . DS . 'serverkey.asc',
                'private' => CONFIG . 'gpg' . DS . 'serverkey_private.asc',
        ],
    ],

Errors gpg healthchecks

[root@localhost]# su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt healthcheck --gpg" nginx
 Healthcheck shell.Exception: data signing failed in [/var/www/passbolt/src/Utility/Healthchecks/GpgHealthchecks.php, line 304]

Passing healthchecks

[root@localhost]# su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt healthcheck --application --configFiles --core --database --environment --ssl" nginx
---------------------------------------------------------------
 Healthcheck shell
---------------------------------------------------------------

 Environment

 [PASS] PHP version 7.2.9.
 [PASS] PCRE compiled with unicode support.
 [PASS] The temporary directory and its content are writable.
 [PASS] The public image directory and its content are writable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [PASS] The passbolt config file is present

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to https://172.16.10.78
 [PASS] App.fullBaseUrl validation OK.
 [PASS] /healthcheck/status is reachable.

 SSL Certificate

 [PASS] SSL peer certificate validates
 [PASS] Hostname is matching in SSL certificate.
 [WARN] Using a self-signed certificate

 Database

 [PASS] The application is able to connect to the database
 [PASS] 18 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 Application configuration

 [PASS] Using latest passbolt version (2.2.0).
 [PASS] Passbolt is configured to force SSL use.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [PASS] Registration is closed, only administrators can add users.
 [PASS] Serving the compiled version of the javascript app
 [PASS] All email notifications will be sent.

 No error found. Nice one sparky!

log errors

[root@localhost]# cat var/log/nginx/error.log
2018/08/24 09:08:21 [error] 2223#0: *44 FastCGI sent in stderr: "PHP message: PHP Warning:  file_put_contents(/var/www/passbolt/logs/error.log) [<a href='https://secure.php.net/function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: Permission denied in /var/www/passbolt/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 133" while reading upstream, client: 172.x.x.x, server: localhost, request: "GET /setup/install/b5694242-3622-4e9c-b58b-5039962a2ab6/a0b0d2c6-8d79-4382-a31b-5b7b31e86a66 HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"

2018/08/24 09:08:28 [error] 2222#0: *46 FastCGI sent in stderr: "PHP message: PHP Warning:  file_put_contents(/va" while reading upstream, client: 172.x.x.x, server: localhost, request: "GET /setup/install/b5694242-3622-4e9c-b58b-5039962a2ab6/a0b0d2c6-8d79-4382-a31b-5b7b31e86a66 HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"

2018/08/24 09:08:28 [error] 2222#0: *46 FastCGI sent in stderr: "r/www/passbolt/logs/error.log) [<a href='https://secure.php.net/function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: Permission denied in /var/www/passbolt/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 133" while reading upstream, client: 172.x.x.x, server: localhost, request: "GET /setup/install/b5694242-3622-4e9c-b58b-5039962a2ab6/a0b0d2c6-8d79-4382-a31b-5b7b31e86a66 HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"

2018/08/24 10:31:18 [error] 2221#0: *50 FastCGI sent in stderr: "PHP message: PHP Warning:  file_put_contents(/var/www/passbolt/logs/error.log) [<a href='https://secure.php.net/function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: Permission denied in /var/www/passbolt/vendor/cakephp/cakephp/src/Log/Engine/FileLog.php on line 133" while reading response header from upstream, client: 172.x.x.x, server: localhost, request: "GET /auth/login HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"

full disclosure this is my first forum post - if additional info will help let me know and I can add :slight_smile:

2

Hi @sudo,
I will need a few more information / things to try:

  1. What is the error that you get when you try to access the admin user web link?
  2. Could you try to set permissions manually inside /var/www/passbolt/logs ? It seems that these files can’t be opened in write mod. Please do a chown -R nginx:nginx /var/www/passbolt/logs
  3. Is the user / group correctly set to nginx in php-fpm (/etc/php-fpm.d/www.conf) ? Did you restart php-fpm afterwards?

Cheers,
Kevin

3

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.