Passbolt Stalls at installation of validating GPG key

Installation Issues
1

Checklist
[ x] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
[ x] I provide a copy of my logs and healthcheck
[ x] I describe the steps I have taken to trouble shoot the problem
[ x] I describe the steps on how to reproduce the issue

I never get to the screen asking to setup my first user with a password.
This is my health check.
dahoward@raspberrypi:~ $ sudo /usr/share/php/passbolt/bin/status-report

 ____                  __          ____
/ __ \____  _____ ____/ /_  ____  / / /_

/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/

Open source password manager for teams

Passbolt CE 4.1.1
Cakephp 4.4.14
Linux raspberrypi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux
PHP 7.4.33 (cli) (built: Jun 9 2023 16:51:37) ( NTS )
mysql Ver 15.1 Distrib 10.5.19-MariaDB, for debian-linux-gnueabihf (armv7l) using EditLine wrapper
gpg (GnuPG) 2.2.27
libgcrypt 1.8.8
ERROR: /usr/share/php/passbolt/bin/utils.sh: line 64: composer: command not found

 ____                  __          ____
/ __ \____  _____ ____/ /_  ____  / / /_

/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/

Open source password manager for teams

Healthcheck shell

Environment

[PASS] PHP version 7.4.33.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt.howardslife.net
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate

Database

[PASS] The application is able to connect to the database
[PASS] 32 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
[PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.

Application configuration

[PASS] Using latest passbolt version (4.1.1).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[INFO] The Self Registration plugin is enabled.
[INFO] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[WARN] Some email notifications are disabled by the administrator.

JWT Authentication

[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found

SMTP Settings

[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[PASS] The SMTP Settings source is: database.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.

[PASS] No error found. Nice one sparky!

 ____                  __          ____
/ __ \____  _____ ____/ /_  ____  / / /_

/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/

Open source password manager for teams

Cleanup shell (dry-run)

2023-07-25 03:59:28 notice: Trying to get property ‘id’ of non-object
notice: 8 :: Trying to get property ‘id’ of non-object on line 339 of /usr/share/php/passbolt/plugins/PassboltCe/Folders/src/Model/Table/FoldersRelationsTable.php
2023-07-25 03:59:28 notice: Trying to get property ‘id’ of non-object
notice: 8 :: Trying to get property ‘id’ of non-object on line 339 of /usr/share/php/passbolt/plugins/PassboltCe/Folders/src/Model/Table/FoldersRelationsTable.php
No issue found, data looks squeaky clean!

 ____                  __          ____
/ __ \____  _____ ____/ /_  ____  / / /_

/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/

Open source password manager for teams

Data check shell
[PASS] Data integrity for AuthenticationTokens.
[PASS] Can validate: 2/2
[PASS] Data integrity for Comments.
[PASS] Can validate: 0/0
[PASS] Data integrity for Favorites.
[PASS] Can validate: 0/0
[PASS] Data integrity for Gpgkeys.
[PASS] Can encrypt: 0/0
[PASS] Pass validation service checks: 0/0
[PASS] Entity data and armored key data matches: 0/0
[PASS] Is not expired: 0/0
[PASS] Is armored key format valid: 0/0
[PASS] Data integrity for Groups.
[PASS] Can validate: 0/0
[PASS] Data integrity for Profiles.
[PASS] Can validate: 1/1
[PASS] Data integrity for Resources.
[PASS] Can validate: 0/0
[PASS] Data integrity for Secrets.
[PASS] Can validate: 0/0
[PASS] Data integrity for Users.
[PASS] Can validate: 1/1
2023-07-25 03:17:15 warning: file_get_contents(/etc/passbolt/gpg/serverkey.asc): failed to open stream: No such file or directory
Request URL: /install/system_check
Referer URL: https://passbolt.howardslife.net/install
Client IP: 192.168.1.1
2023-07-25 03:17:15 warning: file_get_contents(/etc/passbolt/gpg/serverkey_private.asc) [<a href='https://secure.php.net/function.file-get-contents'>function.file-get-contents</a>]: failed to open stream: No such file or directory
Request URL: /install/system_check
Referer URL: *https://passbolt.howardslife.net/install*
Client IP: 192.168.1.1
2023-07-25 03:21:14 warning: chmod(): Operation not permitted
Request URL: /install/installation/do_install.json
Referer URL: *https://passbolt.howardslife.net/install/installation*
Client IP: 192.168.1.1
2023-07-25 03:21:14 warning: chmod() [<a href='https://secure.php.net/function.chmod'>function.chmod</a>]: Operation not permitted
Request URL: /install/installation/do_install.json
Referer URL: *https://passbolt.howardslife.net/install/installation*
Client IP: 192.168.1.1
2023-07-25 03:21:14 warning: chmod() [<a href='https://secure.php.net/function.chmod'>function.chmod</a>]: Operation not permitted
Request URL: /install/installation/do_install.json
Referer URL: *https://passbolt.howardslife.net/install/installation*
Client IP: 192.168.1.1
2023-07-25 03:21:14 warning: chmod() [<a href='https://secure.php.net/function.chmod'>function.chmod</a>]: Operation not permitted
Request URL: /install/installation/do_install.json
Referer URL: *https://passbolt.howardslife.net/install/installation*
Client IP: 192.168.1.1
2023-07-25 03:21:14 warning: chmod() [<a href='https://secure.php.net/function.chmod'>function.chmod</a>]: Operation not permitted
Request URL: /install/installation/do_install.json
Referer URL: *https://passbolt.howardslife.net/install/installation*
Client IP: 192.168.1.1
2023-07-25 03:42:43 error: [Cake\Routing\Exception\MissingRouteException] A route matching “/install” could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /install
Client IP: 192.168.1.1
2023-07-25 03:46:41 error: [Cake\Routing\Exception\MissingRouteException] A route matching “/https://passbolt.howardslife.net/” could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: */https://passbolt.howardslife.net/*
Client IP: 154.28.229.189
2023-07-25 03:58:22 error: [Cake\Routing\Exception\MissingRouteException] A route matching “/install” could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /install
Client IP: 192.168.1.1

2

Hello @Protfire , welcome to our community :slight_smile:

I never get to the screen asking to setup my first user with a password.

Have you been able to go through the WebInstaller though? Because, one of the last steps is creating the first admin user and it’s redirecting to the whole process of creating or importing a gpg key for this user.

Or, are you talking about creating another user? It’s a bit hard to understand what is happening and what do you expect to happen with that little of information. If you can describe a bit more the issues it’d be really helpful :slight_smile:

3

At the end of the webinstaller. At step 2.7 of the guide. Passbolt Help | Install Passbolt CE on Raspberry PI
Before it says complete.
I am running this on a raspberry Pi 4.

4

Alright, what happened after step 2.7 since it seems that you haven’t been able to see the success box? Was the installation too long and you refreshed the page, have you been redirected, did you close the browser? Did you saw any errors ?

With the datacheck, it seems that the admin has been successfully created but not yet configured. If you run this query:

 SELECT email, subject, template_vars FROM email_queue ORDER BY id ASC LIMIT 1;

Do you see “Welcome to passbolt, ${admin_name}” in the subject row?
If yes, inside the template_vars row, there is some arrays but we are searching for the token array, it should like like this:
token”:{"user_id":“73a51858-0435-47d5-bc7f-62eb7ff10590”," token":“98cec5d3-5b87-4ec7-8aad-cafe0cf9b6e3”}

Copy the user_id and token from MySQL and replace the placeholders:

  • https://<YOUR_URL>/setup/install/{user_id}/{token}

Then, you should be able to configure the admin account :wink:

5 
 SELECT email, subject, template_vars FROM email_queue ORDER BY id ASC LIMIT 1;

This command is a SQL querry? I do not know the command to initiate this querry.

6

Alright, what happened after step 2.7 since it seems that you haven’t been able to see the success box?Correct. Was the installation too long and you refreshed the page, have you been redirected, did you close the browser? The installation was too long. I left it for an hour. I refreshed the page and get the please enter your email to continue and when I put my email in I don’t get an email back. Did you saw any errors ? I never saw any errors.

7

I ran the query and got a response of Empty set

8

I reinstalled passbolt again and got the same stall.

image.png
image.png1100×457 17.2 KB

9

Have you already tried to navigate to https://passbolt.howardslife.net, are you able to see something like this ?

Screenshot 2023-07-26 at 07.28.20
Screenshot 2023-07-26 at 07.28.20796×563 15.3 KB

If yes, could you run this mysql query?

mysql -u YOUR_DB_USER -p YOUR_DATABASE
-> ENTER YOUR DB_USER_PASSWORD
SELECT * FROM users;

Is there any rows in there?

10

Yes

image.png
image.png704×380 8.32 KB

11

Alright, thanks for sharing the output.

I’ve reprocued your issues, installing Passbolt CE via package installation, and after steps 2.7 I closed the browser, so I had also an empty set in email_queue table.

What I’ve done is, I have nagivated to the fullBaseUrl (e.g. https://passbolt.local), then I’ll see this prompt asking me to enter the email, I have written the administrator email that I’ve just created through the WebInstaller:

Screenshot 2023-07-27 at 07.47.09
Screenshot 2023-07-27 at 07.47.09887×638 16.8 KB

Then, you should have a message “We sent you a link to verify your email. Check your spam folder if you do not hear from us after a while.”

Now, please comeback to the database and use:
SELECT email, subject, template_vars FROM email_queue ORDER BY id ASC LIMIT 3;

You should not see an empty set but being able to see one of the subject being “Welcome to passbolt, ${admin} !” following my previous message, I have highlighted what we want to retrieve here:

Screenshot 2023-07-27 at 07.53.26
Screenshot 2023-07-27 at 07.53.261489×85 2.95 KB

So, inside the token array, we need the user_id and the token id, once you’ve got them you can create a setup link:
https://<YOUR_URL>/setup/install/<USER_ID>/<TOKEN_ID>, for me it will looks like:

Navigate to the setup url, and you’ll be able to see this page or the page asking you to install the browser extension:

Screenshot 2023-07-27 at 07.48.52
Screenshot 2023-07-27 at 07.48.52806×779 38.2 KB

Finish the account setup process, and you should be able to enjoy Passbolt :smile:

I really hope it helps.

1 Like
12

Thank you so much for working with me. I was able to get in using your information and get my passport set up.

1 Like
13

Hi Antony, I have another problem with my passbolt. Passbolt is creating other users but, not sending out the email with the invitation. I checked the database and get this.

image.png
image.png1852×1016 43.4 KB

I created the Howard account but thought it might be working because it is tied to the passbolt. So I created the Brihow account but, I have no invite email or token listed.

14

Hey @Protfire ,

Since you are looking for the latest emails in the database, could you try:
SELECT email, subject, tempPreformatted textlate_vars FROM email_queue ORDER BY created DESC LIMIT 3;

You should be able to see latest three emails and perform the same workaround I’ve provided earlier. Also, since emails are not sending, you can also take a look at this guide ?