Roundcube permissions

Discussion in 'Installation/Configuration' started by Chrys, May 27, 2023.

  1. Chrys

    Chrys Member

    Any ideas where to look?
    I have reinstalled roundcube 50 times deleting config files as well, but nothing.
    All php are 7.4 php-mysql is installed,
    ispconfig works well
    Roundcube is the only package left with this problem
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    There should be a more useful error message in one of the logs. Which exact URL do you use to access Roundcube, do you access it through the apps vhost on port 8081, or trough a website?
     
  3. Chrys

    Chrys Member

    1. i access it through https://localip:8080/roundcube (and through other listed aliases)
    2. the error log message is [client 192.168.0.102:50127] AH01630: client denied by server configuration: /var/lib/roundcube
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Try using the apps vhost, which means port 8081. Using ispconfig vhost on port 8080 can cause permission issues.
     
  5. Chrys

    Chrys Member

    nope same message
    Forbidden
    You don't have permission to access this resource.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    You can try to configure permissions for whole /var/lib/roundcube folder in the roundcube phpmyadmin config file, currently you have only configurations for its subfolders (which is generally fine and enough to allow access, but there must be an old global config that might interfere here). When your system was quite old and has been updated for a long time, then it might be that it still contains bits and pieces in the global apache config that are from Apache < version 2.3 and apache has the known issue that mixing old allow syntax:

    Order allow,deny
    Allow from all

    with new one:

    Require all granted

    without putting it in matching <IfVersion brackets can cause issues as Apache is unable to grant access with Require All granted when access was denied with old syntax before.

    If you are not familiar with Apache grant syntax and its implications, it might be better for you to contact Thom from ISPConfig business support to fix that for you by remote login https://www.ispconfig.org/get-support/
     
    ahrasis likes this.
  7. Chrys

    Chrys Member

    OK thanks Till. I shall do that.
    It is apparent that every few years one needs to clean install the entire OS. Linux is not that sophisticated to withstand the test of back to back upgrades or even one as in this case..
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    No really. I've been upgrading some of my systems for many years successfully. But in the end, you'll have some custom config, then this config needs to be kept up to date and this requires some deeper knowledge on how systems work and how components of the system like the apache web server are changing over the time.
     
    ahrasis likes this.
  9. Chrys

    Chrys Member

    I have finally fixed the damn problem and I'd like to thank you for your patience.
    The problem, which as far as I can see is a very common one in upgrading linux, is the upgrading of packages and the tendency to keep the older versions. In this case it was PHP 7.3 which for some reason was persistently present and messing everything up. When I uninstalled it and purged its configurations (and reinstalling roundcube) everything lit up like a firecracker.
    I had other problems in the past with postgres which again refused to function pending deletion of its old version.
    Hope I have helped some other poor guy wasting hours..
     
    ahrasis likes this.
  10. Chrys

    Chrys Member

    ...and BTW your alias link in your perfect server guidelines should be corrected to point to public_html for Bullseye
     
  11. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    This differs, I haven't been able to pinpoint it... If we change it it breaks other systems.
     
  12. Chrys

    Chrys Member

    i use 6 different machines all buster upgrades to bullseye and all are using the public_html alias when they were using the previous alias version before, so I dont really know what to make of this other than a practical solution to a given problem in my cluster..
     

Share This Page