docker-lemonldap icon indicating copy to clipboard operation
docker-lemonldap copied to clipboard

Published 20 hours ago verified publisher icon tiredofit

Apache:Session module failed

Open tomflenner opened this issue 3 years ago • 5 comments

Summary

After fresh install on 2.0-latest or 2.0-alpine-latest cant connect to dwho/dwho demonstration

Steps to reproduce

Just install fresh docker container and try to connect to demonstration's user dwho/dwho

What is the expected correct behavior?

Get logged in

Relevant logs and/or screenshots

image

Environment

Image version / tag: tiredofit/lemonldap:2.0-alpine-latest or tiredofit/lemonldap:2.0-latest Host OS: Debian 4.19.160-2 (2020-11-28) x86_64 GNU/Linux

Any logs | docker-compose.yml 
version: '2'

services:
  lemonldap-app:
    image: tiredofit/lemonldap:2.0-alpine-latest
    container_name: lemonldap-app
    volumes:
    - ./data/etc/lemonldap-ng:/etc/lemonldap-ng
    - ./data/var/lib/lemonldap-ng/conf:/var/lib/lemonldap-ng/conf
    - ./data/var/lib/lemonldap-ng/sessions:/var/lib/lemonldap-ng/sessions
    - ./data/var/lib/lemonldap-ng/psessions:/var/lib/lemonldap-ng/psessions
    - ./logs:/www/logs
    #- ./assets/custom:/assets/custom
    environment:
    - VIRTUAL_HOST=sso.m1miaa.fr,manager.sso.m1miaa.fr,handler.sso.m1miaa.fr
    - VIRTUAL_NETWORK=nginx-proxy
    - VIRTUAL_PORT=80
    - LETSENCRYPT_HOST=sso.m1miaa.fr,manager.sso.m1miaa.fr,handler.sso.m1miaa.fr
    - [email protected]

    - ZABBIX_HOSTNAME=lemonldap-app

    - DOMAIN_NAME=m1miaa.fr
    - API_HOSTNAME=api.manager.sso.m1miaa.fr
    - MANAGER_HOSTNAME=manager.sso.m1miaa.fr
    - PORTAL_HOSTNAME=sso.m1miaa.fr
    - HANDLER_HOSTNAME=handler.sso.m1miaa.fr
    networks:
      - proxy-tier
    cap_add:
      - NET_ADMIN
    privileged: true
    restart: always

networks:
  proxy-tier:
    external:
      name: nginx-proxy

lemonldap-app    | [Thu May 13 23:49:10 2021] [LLNG:1219] [error] Session cannot be tied: Could not open file (/var/lib/lemonldap-ng/sessions/lock//Apache-Session-87ead0f92c763915baecba325303aa6e.lock) for writing: No such file or directory at /usr/share/perl5/vendor_perl/Apache/Session/Lock/File.pm line 75.

Possible fixes

Dont find anything, the Apache::Session is present on the container.

I found this after quick search : https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/1421 but not seems to be the solution

EDIT:

After deep search, it seems to be an error due to the missing folder "lock" under "/var/lib/lemonldap-ng/sessions/" with rights on llng user/group

Maybe check for "lock" under "/var/lib/lemonldap-ng/psessions/" too

Tell me if im right or not ! 👯

tomflenner avatar May 13 '21 23:05 tomflenner

You are right. Interesting how that surfaced, this came up years ago. Will look into and re add the check to force the lock folder to be built.

tiredofit avatar May 14 '21 01:05 tiredofit

OK, I see how it snuck back in. Building tiredofit/lemonldap:2.0.3 is building and should be on DockerHub shortly.

tiredofit avatar May 14 '21 01:05 tiredofit

@tiredofit I'm having the same issue on 2.0.51

radokristof avatar May 27 '23 22:05 radokristof

Fixed it by removing sessions and pgsessions from volume mapping

radokristof avatar Jun 01 '23 16:06 radokristof

Best to map /var/lib/lemonldap, if you absolutely have to create seperate mappings, then ensure that your folders are owned by llng or 2884 and make sure you have a lock directory in each of them.

tiredofit avatar Jun 01 '23 17:06 tiredofit