[Resolved] Strange behavior when enabling OPT_USE_AUTH

Forum for questions and support relating to the 1.30.x releases only.
Locked
Spart
Posts: 25
Joined: Fri Aug 31, 2012 4:10 pm

[Resolved] Strange behavior when enabling OPT_USE_AUTH

Post by Spart »

ZoneMinder 1.30.4-3 on CentOS 7.3.

When I enable OPT_USE_AUTH, I get essentially locked out of the web interface. The behavior is strange though, I'm not getting an invalid username/password message:
  • The screen briefly flashes to the normal "logging in" and then goes right back to the login page.
  • In /var/log/messages the only thing I see is "Oct 9 15:47:42 localhost web_php[75464]: INF [Login successful for user "admin"]"
  • There are no messages in the /var/log/httpd/error_log
  • When I use incorrect credentials, I get "Invalid username or password." as you would expect. But this message isn't displayed when I use the correct credentials.
I can get right back in by running a this command:

Code: Select all

mysql -uroot -p -e "update zm.Config set Value=0 where name like '%OPT_USE_AUTH';"
What I've already done to troubleshoot:
  • Used a different browser.
  • Before enabling OPT_USE_AUTH, editing the admin user and assigning a new password.
  • Before enabling OPT_USE_AUTH, adding a new user and trying those credentials.
  • Dropping the zm database and re-running zm_create.sql
What else can I do to probe what's going on?

I already prototyped this build in a virtual machine and didn't run into this problem. The only difference I can think of on the production build I'm working on is that I've followed these instructions to put my events and images directories on a different partition. And that part is working great, I have a cam setup and it's recording events just fine. Everything works perfect before I enable auth so I really doubt the partition is the cause?

Also, I should mention that I built my own package in order to use a different apache user/group based on the instructions in this thread. But again, I prototyped this on a VM and didn't run into this issue with enabling auth.
Last edited by Spart on Tue Oct 10, 2017 1:30 pm, edited 1 time in total.
rockedge
Posts: 1199
Joined: Fri Apr 04, 2014 1:46 pm
Location: Connecticut,USA

Re: Strange behavior when enabling OPT_USE_AUTH

Post by rockedge »

what is AUTH_TYPE and AUTH_RELAY set to?
Spart
Posts: 25
Joined: Fri Aug 31, 2012 4:10 pm

Re: Strange behavior when enabling OPT_USE_AUTH

Post by Spart »

rockedge wrote: Tue Oct 10, 2017 12:33 am what is AUTH_TYPE and AUTH_RELAY set to?
builtin and hashed respectively. Same as the test environment on the VM.
Spart
Posts: 25
Joined: Fri Aug 31, 2012 4:10 pm

Re: Strange behavior when enabling OPT_USE_AUTH

Post by Spart »

Figured it out! Switching debugging on in the options (under "Logging") helped.

I was getting these PHP warnings which were being suppressed without debugging on:

Code: Select all

Warning: session_start(): open(/var/lib/php/session/sess_rle6amfkmh8tpr5slqv8bltc25, O_RDWR) failed: Permission denied (13) in /usr/share/zoneminder/www/index.php on line 128

Warning: session_write_close(): open(/var/lib/php/session/sess_rle6amfkmh8tpr5slqv8bltc25, O_RDWR) failed: Permission denied (13) in /usr/share/zoneminder/www/index.php on line 193

Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in /usr/share/zoneminder/www/index.php on line 193
I now dimly remember correcting this in the test environment, where I had first tried to install ZM and then manually change all the permissions and everything to get it to run as a user other than "apache" on CentOS. I believe I had PHP globally set to show errors there, which is why I saw the issue there and not on the production deployment.

The ownership on /var/lib/php/session was "root:apache" and it needs to be "root:whatever" where "whatever" is your new httpd user.

"chown -R root:whatever /var/lib/php/session" fixed this.
Locked