vaultwarden
vaultwarden copied to clipboard
Published
20 hours ago •
dani-garcia
dani-garcia
vaultwarden silently fails if LOG_FILE is defined but has no permission to write there
Subject of the issue
I was running vaultwarden manually, env variables preloaded and failed silently with exit code 1. env variable LOG_FILE was set to a correct path, but that path had not yet the correct permission. After setting the correct permission and starting vaultwarden again, the log file existed and a new error message could be read. I can't say which part is the cause of the silent exit - either way vaultwarden should probably write an error message to stderr.
Deployment environment
- vaultwarden version: 1.27.0
-
Install method: source (debian packaging I just created and made publicly available: https://github.com/dionysius/vaultwarden-deb but its not relevant to understand this issue)
-
Clients used: none
-
Reverse proxy and version: none
-
MySQL/MariaDB or PostgreSQL version: sqlite3
-
Other relevant details: LOG_FILE has been removed as journalctl output is sufficient so I'm not affected anymore, but this is still a bug
Steps to reproduce
- set LOG_FILE to a folder where a user has no permission
- preload that env file or provide .env in the working dir
- start vaultwarden as that user (e.g. my debugging command was
sudo -HEu vaultwarden vaultwarden--Eovertakes env that has been preloaded before)
Expected behaviour
An error to stderr indicating the problem of the exit
Actual behaviour
No output
Troubleshooting data
Before fixing permissions
# journalctl -u vaultwarden
Dec 27 22:15:48 vaultwarden systemd[1]: Started Bitwarden Server (Rust Edition).
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: /--------------------------------------------------------------------\
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | Starting Vaultwarden |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: |--------------------------------------------------------------------|
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | This is an *unofficial* Bitwarden implementation, DO NOT use the |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | official channels to report bugs/features, regardless of client. |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | Send usage/configuration questions or feature requests to: |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | https://vaultwarden.discourse.group/ |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | Report suspected bugs/issues in the software itself at: |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: | https://github.com/dani-garcia/vaultwarden/issues/new |
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: \--------------------------------------------------------------------/
Dec 27 22:15:48 vaultwarden vaultwarden[27208]: [INFO] No .env file found.
Dec 27 22:15:49 vaultwarden systemd[1]: vaultwarden.service: Main process exited, code=exited, status=1/FAILURE
# ls -lah /var/log/vaultwarden/
total 3.0K
drwxr-xr-x 2 root root 2 Dec 27 21:27 .
drwxrwxr-x 9 root syslog 20 Dec 27 22:14 ..
# ls -lah /var/lib/vaultwarden/data/
total 6.0K
drwxr-xr-x 2 vaultwarden vaultwarden 4 Dec 27 22:15 .
drwxr-xr-x 3 root root 3 Dec 27 22:15 ..
-rw-r--r-- 1 vaultwarden vaultwarden 1.7K Dec 27 22:15 rsa_key.pem
-rw-r--r-- 1 vaultwarden vaultwarden 451 Dec 27 22:15 rsa_key.pub.pem
After fixing permissions:
# journalctl -u vaultwarden
Dec 27 22:29:00 vaultwarden systemd[1]: Started Bitwarden Server (Rust Edition).
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: /--------------------------------------------------------------------\
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | Starting Vaultwarden |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: |--------------------------------------------------------------------|
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | This is an *unofficial* Bitwarden implementation, DO NOT use the |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | official channels to report bugs/features, regardless of client. |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | Send usage/configuration questions or feature requests to: |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | https://vaultwarden.discourse.group/ |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | Report suspected bugs/issues in the software itself at: |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: | https://github.com/dani-garcia/vaultwarden/issues/new |
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: \--------------------------------------------------------------------/
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: [INFO] No .env file found.
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: [2022-12-27 22:29:00.152][vaultwarden][ERROR] Web vault is not found at 'web-vault/'. To in>
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: [2022-12-27 22:29:00.152][vaultwarden][ERROR] https://github.com/dani-garcia/vaultwarden/wi>
Dec 27 22:29:00 vaultwarden vaultwarden[27517]: [2022-12-27 22:29:00.152][vaultwarden][ERROR] You can also set the environment variable 'WE>
Dec 27 22:29:00 vaultwarden systemd[1]: vaultwarden.service: Main process exited, code=exited, status=1/FAILURE
# ls -lah /var/log/vaultwarden/
total 4.0K
drwxr-xr-x 2 vaultwarden vaultwarden 3 Dec 27 22:28 .
drwxrwxr-x 9 root syslog 20 Dec 27 22:14 ..
-rw-rw-r-- 1 vaultwarden vaultwarden 780 Dec 27 22:29 vaultwarden.log
# cat /var/log/vaultwarden/vaultwarden.log
[2022-12-27 22:28:28.714][vaultwarden][ERROR] Web vault is not found at 'web-vault/'. To install it, please follow the steps in:
[2022-12-27 22:28:28.728][vaultwarden][ERROR] https://github.com/dani-garcia/vaultwarden/wiki/Building-binary#install-the-web-vault
[2022-12-27 22:28:28.730][vaultwarden][ERROR] You can also set the environment variable 'WEB_VAULT_ENABLED=false' to disable it
