TeamPass
TeamPass copied to clipboard
nilsteampassnet
Upgrade to 2.1.27.16: upgrade_run_defuse_for_files.php hangs
Steps to reproduce
- upgrade TeamPass 2.1.27.16 from 2.1.27.6
- Follow steps in install/upgrade.php
- Hangs on executing scripts
Expected behaviour
No issues should occur
Actual behaviour
the upgrade process stalls at install/upgrade_run_defuse_for_files.php
Server configuration
Operating system: CentOS 7
Web server: httpd 2.4
Database: mysql 5.6
PHP version: php-5.6.36
Teampass version: 2.1.27.6
Teampass configuration file:
<?php
global $SETTINGS;
$SETTINGS = array (
'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '0',
'log_connections' => '1',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '1',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => '/var/www/TeamPass',
'cpassman_url' => 'https://teampass.xxxx.com',
'favicon' => 'https://teampass.xxxx.com/favicon.ico',
'path_to_upload_folder' => '/var/www/TeamPass/upload',
'url_to_upload_folder' => 'https://teampass.xxxx.com/upload',
'path_to_files_folder' => '/var/www/TeamPass/files',
'url_to_files_folder' => 'https://teampass.xxxx.com/files',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '1',
'encryptClientServer' => '1',
'cpassman_version' => '2.1.27',
'ldap_mode' => '1',
'ldap_type' => 'posix',
'ldap_suffix' => '',
'ldap_domain_dn' => 'cn=users,cn=accounts,dc=corp,dc=xxxx,dc=com',
'ldap_domain_controler' => 'ldap.xxxx.com',
'ldap_user_attribute' => 'uid',
'ldap_ssl' => '0',
'ldap_tls' => '0',
'ldap_elusers' => '0',
'ldap_search_base' => 'cn=users,cn=compat,dc=corp,dc=xxxx,dc=com',
'richtext' => '0',
'allow_print' => '0',
'roles_allowed_to_print' => '2',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '1',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '0',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '1',
'custom_logo' => '',
'custom_login_text' => '',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_languages;',
'send_stats_time' => '1487074644',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => '',
'email_smtp_auth' => '',
'email_auth_username' => '',
'email_auth_pwd' => '',
'email_port' => '',
'email_security' => '',
'email_server_url' => '',
'email_from' => '',
'email_from_name' => '',
'pwd_maximum_length' => '92',
'google_authentication' => '0',
'delay_item_edition' => '30',
'allow_import' => '1',
'proxy_ip' => '',
'proxy_port' => '',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => 'TeamPass for ChangeMe',
'api' => '0',
'subfolder_rights_as_parent' => '0',
'show_only_accessible_folders' => '0',
'enable_suggestion' => '0',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '60',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => 'posixAccount',
'bck_script_path' => '/var/www/TeamPass/backups',
'bck_script_filename' => 'bck_cpassman',
'syslog_enable' => '0',
'syslog_host' => 'localhost',
'syslog_port' => '514',
'manager_move_item' => '1',
'create_item_without_password' => '1',
'otv_is_enabled' => '1',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '0',
'saltkey_ante_2127' => 'redacted',
'menu_type' => 'context',
'teampass_version' => '2.1.27',
'ldap_usergroup' => 'cn=users,cn=compat,dc=corp,dc=xxxx,dc=com',
'ldap_bind_dn' => 'uid=ldaper,cn=users,cn=compat,dc=corp,dc=xxxx,dc=com',
'ldap_bind_passwd' => 'passwordhere',
'ldap_port' => '389',
'copy_to_clipboard_small_icons' => '1',
'tree_counters' => '1'
);
Updated from an older Teampass or fresh install: Updated.
Client configuration
Browser: Chrome latest, Firefox latest
Operating system: Fedora 28 Workstation
Logs
Web server error log
no errors (POST 200)
Log from the web-browser developer console (CTRL + SHIFT + i)
TypeError: data is null[Learn More]
upgrade.php:143:1
Also encountered this during upgrade_run_2.1.27.php:
[{"error" : "includes/config/tp.config.php file already exists and cannot be renamed. Please do it by yourself and click on button Launch.", "result":"", "index" : "", "multiple" : ""}]
Permissions of that file are:
-rw-r--r--. 1 apache apache 5200 Jun 12 07:59 includes/config/tp.config.php
So I am using this as a workaround as one of the next scripts, upgrade_run_defuse_for_pwds.php, requires the file to be there.
mv includes/config/tp.config.php{,.bak} && sync && sleep 0.3s && mv includes/config/tp.config.php{.bak,} && sync
So that the scripts can continue. But it still fails at the point in the issue description (just reran and added the Developer Console output).
I didn't actually have any encrypted files/uploads, so I worked around it by changing:
< if ($SETTINGS['enable_attachment_encryption'] === "0") {
---
> if ("0" === "0") {
So the script probably needs a check if there are actually any files to encrypt ...
The script then continued to upgrade_run_final.php where I had to rename the tp.config.php file again.
Then on the next step (Step 5 - Miscellaneous), I get
document.getElementById("res_step5").innerHTML = "Setting.php file already exists and cannot be renamed. Please do it by yourself and click on button Launch.";document.getElementById("loader").style.display = "none";document.getElementById("but_next").disabled = "";
Renaming it causes:
document.getElementById("res_step1_error").innerHTML = "File settings.php does not exist in folder includes/! If it is an upgrade, it should be there, otherwise select install!";document.getElementById("loader").style.display = "none";
Setting permissions to 777 doesn't help either.
-rwxrwxrwx. 1 apache apache 655 Jun 11 07:39 includes/config/settings.php
SELinux is enabled, context was not writeable, so changed it to:
chcon -R -t httpd_sys_rw_content_t includes/config/
And then back again so that:
restorecon -R includes/config/
ls -lZh includes/config/
-rw-r--r--. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 include.php
-rwxrwxrwx. apache apache system_u:object_r:httpd_sys_content_t:s0 settings.php
-rw-r--r--. apache apache system_u:object_r:httpd_sys_content_t:s0 settings.php.2017_07_28
-rw-r--r--. apache apache unconfined_u:object_r:httpd_sys_content_t:s0 tp.config.php
-rw-r--r--. apache apache system_u:object_r:httpd_sys_content_t:s0 tp.config.php.2017_07_28
This also should probably be included in some script and documentation, to check the SELinux Context.
Upgrade finally succeeded, leaving it open as the mentioned issues might need to be worked on.