Zentyal 2.3 fails to enable per user public_html and to change web server listening port

[nouseva.voima@…]

When trying to enable per user public_html, Zentyal says "Listening port 80 already exists." Log:

2012/04/27 09:22:35 DEBUG> GeneralSettings.pm:94 EBox::WebServer::Model::GeneralSettings::validateTypedRow - Listening port 80 already exists.

When attempting to change the listening port to work around that, Zentyal tells I've hit a bug, with this in zentyal.log:

2012/04/27 09:21:47 DEBUG> Base.pm:576 EBox::CGI::Base::setErrorFromException
- Not a HASH reference at /usr/share/perl5/EBox/Samba.pm line 778.
$VAR1 = bless( {
                 '-file' => '/usr/share/perl5/EBox/Samba.pm',
                 '-text' => 'Not a HASH reference',
                 '-line' => '778',
                 '-package' => 'Error'
               }, 'Error::Simple' );

[jamor@…]

Hello Nouseva Voima.

thanks for your report. I think is the same than #4005 . Please, refer to that ticket and if I am wrong reopen this one and explain what differences have you found.

Regards.

Javier

[nouseva.voima@…]

Replying to jamor@…:

Hello Nouseva Voima.

thanks for your report. I think is the same than #4005 . Please, refer to that ticket and if I am wrong reopen this one and explain what differences have you found.

Regards.

Javier

I don't believe it's the same, as my server answers in port 80 ("It works!" etc.). Besides, the workaround described is not possible, as the port can't be changed.

Is it possible that another Apache-related package could cause a conflict? I used tasksel to install the standard LAMP stack, but didn't notice any errors.

I installed my Zentyal from PPA on top of a regular 12.04 server install, in case it matters.

[jamor@…]

Hello Nouseva Voima,

I think that is #4005, that your server answers in 80 is normal since it is the default value. However the 'Not a HASH reference' bug makes you unable to apply the workaround.

This last bug is fixed in #4264 . If you apply the fix presented on that ticket you could apply the workaround.

Regards,

Javier

[nouseva.voima@…]

I applied the workaround for 4264. Initially it didn't change anything, but after a reboot I finally managed to change the port, enable public_html and change the port back to 80.

Unfortunately per user public_html still doesn't work as expected. Apache now responds "Forbidden" and its log reveals the following (most of the time only the first two lines per request):

[Mon Apr 30 08:58:06 2012] [error] mod_ldap_userdir: bind as cn=zentyal,dc=zentyal failed: Invalid credentials
[Mon Apr 30 08:58:06 2012] [error] [client 10.0.0.2] (13)Permission denied: access to /~username/ denied
[Mon Apr 30 08:58:06 2012] [error] [client 10.0.0.2] mod_ldap_userdir: LDAP search failed: Operations error
[Mon Apr 30 08:58:06 2012] [error] [client 10.0.0.2] (13)Permission denied: access to /~username/ denied

Is this perhaps related, or should I file a new ticket?

[nouseva.voima@…]

Reopening, as I still can't figure out a way to get per user public_html's working, despite working around the initial port bugs. The latest details are in my previous comment. Apparently Apache doesn't play along with LDAP.

[jamor@…]

What are your exact versions of users, samba and webserver?. You can paste the output of this command: "apt-cahce policy zentyal-webserver zentyal-users zentyal-samba"

[nouseva.voima@…]

Here they are. Had to get rid of 'http' to get past the spam filter.

zentyal-webserver:
  Installed: 2.3.2
  Candidate: 2.3.2
  Version table:
 *** 2.3.2 0
       1001 hxxp://ppa.launchpad.net/zentyal/2.3/ubuntu/ precise/main amd64 Packages
        100 /var/lib/dpkg/status
zentyal-users:
  Installed: 2.3.7
  Candidate: 2.3.7
  Version table:
 *** 2.3.7 0
       1001 hxxp://ppa.launchpad.net/zentyal/2.3/ubuntu/ precise/main amd64 Packages
        100 /var/lib/dpkg/status
     2.3.4 0
        500 hxxp://fi.archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages
zentyal-samba:
  Installed: 2.3.5
  Candidate: 2.3.5
  Version table:
 *** 2.3.5 0
       1001 hxxp://ppa.launchpad.net/zentyal/2.3/ubuntu/ precise/main amd64 Packages
        100 /var/lib/dpkg/status
     2.3.3 0
        500 hxxp://fi.archive.ubuntu.com/ubuntu/ precise/universe amd64 Packages

[jamor@…]

There was a bug in LDAP connection in zentyal-webserver 2.3.2; it is fixed now in [1666b30].

If you want to hotfix your server

1. Replace /usr/share/perl5/EBox/WEbServer with this new version ->  http://git.zentyal.org/zentyal.git/blob_plain/1666b305169f1fc2bd41e34a1c8300e177b81c4a:/main/webserver/src/EBox/WebServer.pm
2. Replace /usr/share/zentyal/stubs/webserver/ldap_userdir.conf.mas with this new version ->  http://git.zentyal.org/zentyal.git/blob_plain/1666b305169f1fc2bd41e34a1c8300e177b81c4a:/main/webserver/stubs/ldap_userdir.conf.mas
3. Excute 'sudo /etc/init.d/zentyal webserver restart'

Please, remember that to made work the public_html feature you have also to give read/execution permission to home directories. They don't have it by default.

Regards,

Javier

[nouseva.voima@…]

The hotfix along with chmod 0755 solved the issue. Thanks!

It sounds a bit troublesome to chmod every user home just to allow them to publish some of their documents; In my case there will be dozens or even hundreds of user accounts coming and going. Is this something temporary or will Zentyal 3.0 require it as well?

[jamor@…]

You are welcome Nouseva Voima.

I forgot to told you that you can change the umask for home directories in the file /etc/zentyal/users.conf. Look for the key 'dir_umask'. However this only applies for new users, old ones should have changed the directory permissions by hands.