[Resolved] Strange behavior when enabling OPT_USE_AUTH

[Spart]

ZoneMinder 1.30.4-3 on CentOS 7.3.

When I enable OPT_USE_AUTH, I get essentially locked out of the web interface. The behavior is strange though, I'm not getting an invalid username/password message:

• The screen briefly flashes to the normal "logging in" and then goes right back to the login page.
• In /var/log/messages the only thing I see is "Oct 9 15:47:42 localhost web_php[75464]: INF [Login successful for user "admin"]"
• There are no messages in the /var/log/httpd/error_log
• When I use incorrect credentials, I get "Invalid username or password." as you would expect. But this message isn't displayed when I use the correct credentials.

I can get right back in by running a this command:

Code: Select all

mysql -uroot -p -e "update zm.Config set Value=0 where name like '%OPT_USE_AUTH';"

What I've already done to troubleshoot:

• Used a different browser.
• Before enabling OPT_USE_AUTH, editing the admin user and assigning a new password.
• Before enabling OPT_USE_AUTH, adding a new user and trying those credentials.
• Dropping the zm database and re-running zm_create.sql

What else can I do to probe what's going on?

I already prototyped this build in a virtual machine and didn't run into this problem. The only difference I can think of on the production build I'm working on is that I've followed these instructions to put my events and images directories on a different partition. And that part is working great, I have a cam setup and it's recording events just fine. Everything works perfect before I enable auth so I really doubt the partition is the cause?

Also, I should mention that I built my own package in order to use a different apache user/group based on the instructions in this thread. But again, I prototyped this on a VM and didn't run into this issue with enabling auth.

[rockedge]

what is AUTH_TYPE and AUTH_RELAY set to?

[Spart]

what is AUTH_TYPE and AUTH_RELAY set to?

builtin and hashed respectively. Same as the test environment on the VM.

[Spart]

Figured it out! Switching debugging on in the options (under "Logging") helped.

I was getting these PHP warnings which were being suppressed without debugging on:

Code: Select all

Warning: session_start(): open(/var/lib/php/session/sess_rle6amfkmh8tpr5slqv8bltc25, O_RDWR) failed: Permission denied (13) in /usr/share/zoneminder/www/index.php on line 128

Warning: session_write_close(): open(/var/lib/php/session/sess_rle6amfkmh8tpr5slqv8bltc25, O_RDWR) failed: Permission denied (13) in /usr/share/zoneminder/www/index.php on line 193

Warning: session_write_close(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in /usr/share/zoneminder/www/index.php on line 193

I now dimly remember correcting this in the test environment, where I had first tried to install ZM and then manually change all the permissions and everything to get it to run as a user other than "apache" on CentOS. I believe I had PHP globally set to show errors there, which is why I saw the issue there and not on the production deployment.

The ownership on /var/lib/php/session was "root:apache" and it needs to be "root:whatever" where "whatever" is your new httpd user.

"chown -R root:whatever /var/lib/php/session" fixed this.