Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Apache MPM Event compatibility #17057

Closed
2 tasks done
AlexTR85 opened this issue May 1, 2024 · 1 comment
Closed
2 tasks done

Apache MPM Event compatibility #17057

AlexTR85 opened this issue May 1, 2024 · 1 comment

Comments

@AlexTR85
Copy link

AlexTR85 commented May 1, 2024

Code of Conduct

  • I agree to follow this project's Code of Conduct

Is there an existing issue for this?

  • I have searched the existing issues

Version

10.0.15

Bug description

In Ubuntu 22.04.4, if Apache is configured with MPM Event, GLPI does not recognize the following parameters, resulting in this alert:
PHP directive "session.cookie_secure" should be set to "on" when GLPI can be accessed on the HTTPS protocol.
PHP directive "session.cookie_httponly" should be set to "on" to prevent client-side scripts from accessing cookie values.
image

The file currently in use according to Apache itself "info.php" is located at "Loaded Configuration File /etc/php/8.1/fpm/php.ini".

And the parameters are correct:
root@glpi:/etc/php/8.1/fpm/conf.d# find /etc/php/8.1/fpm/ -type f -exec grep -H "session.cookie_httponly" {} +
/etc/php/8.1/fpm/php.ini:session.cookie_httponly = on

I'm not sure if it's being applied correctly, or if GLPI is not compatible with MPM event.

Thank you

Relevant log output

PHP directive "session.cookie_secure" should be set to "on" when GLPI can be accessed on HTTPS protocol.
PHP directive "session.cookie_httponly" should be set to "on" to prevent client-side script to access cookie values

Page URL

https://192.168.0.15/glpi/front/central.php

Steps To reproduce

Install glpi on apache with MPM event
https://blog.jirivanek.eu/en/2023/07/04/how-to-configure-apache-with-mpm-event-and-php-fpm/

Your GLPI setup information

Operating system: Linux glpi 6.5.0-28-generic #​29~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Apr 4 14:39:20 UTC 2 x86_64
PHP 8.1.2-1ubuntu2.15 fpm-fcgi (Core, FFI, PDO, Phar, Reflection, SPL, SimpleXML, Zend OPcache, apcu, bz2, calendar, cgi-fcgi,
ctype, curl, date, dom, exif, fileinfo, filter, ftp, gd, gettext, hash, iconv, intl, json, ldap, libxml, mbstring, mysqli,
mysqlnd, openssl, pcre, pdo_mysql, posix, readline, session, shmop, sockets, sodium, standard, sysvmsg, sysvsem, sysvshm,
tokenizer, xml, xmlreader, xmlrpc, xmlwriter, xsl, zip, zlib)
Setup: max_execution_time="30" memory_limit="128M" post_max_size="8M" safe_mode="" session.save_handler="files"
upload_max_filesize="2M" disable_functions=""
Software: Apache (Apache Server at 192.168.0.15 Port 443
)
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Server Software: Ubuntu 22.04
Server Version: 10.6.16-MariaDB-0ubuntu0.22.04.1
Server SQL Mode: STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
Parameters: glpi@localhost/glpi
Host info: Localhost via UNIX socket

PHP version (8.1.2-1ubuntu2.15) is supported.PHP version (8.1.2-1ubuntu2.15) is supported.
Sessions configuration is OK.Sessions configuration is OK.
Allocated memory is sufficient.Allocated memory is sufficient.
mysqli extension is installed.mysqli extension is installed.
Following extensions are installed: dom, fileinfo, filter, libxml, json, simplexml, xmlreader, xmlwriter.Following extensions are installed: dom, fileinfo, filter, libxml, json, simplexml, xmlreader, xmlwriter.
curl extension is installed.curl extension is installed.
gd extension is installed.gd extension is installed.
intl extension is installed.intl extension is installed.
zlib extension is installed.zlib extension is installed.
The constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present.The constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present.
Database engine version (10.6.16) is supported.Database engine version (10.6.16) is supported.
No files from previous GLPI version detected.No files from previous GLPI version detected.
The log file has been created successfully.The log file has been created successfully.
Write access to /var/www/glpi/files/_cache has been validated. Write access to /var/www/glpi/files/_cron has been validated. Write access to /var/www/glpi/files has been validated. Write access to /var/www/glpi/files/_dumps has been validated. Write access to /var/www/glpi/files/_graphs has been validated. Write access to /var/www/glpi/files/_lock has been validated. Write access to /var/www/glpi/files/_pictures has been validated. Write access to /var/www/glpi/files/_plugins has been validated. Write access to /var/www/glpi/files/_rss has been validated. Write access to /var/www/glpi/files/_sessions has been validated. Write access to /var/www/glpi/files/_tmp has been validated. Write access to /var/www/glpi/files/_uploads has been validated.Write access to /var/www/glpi/files/_cache has been validated.
Write access to /var/www/glpi/files/_cron has been validated.
Write access to /var/www/glpi/files has been validated.
Write access to /var/www/glpi/files/_dumps has been validated.
Write access to /var/www/glpi/files/_graphs has been validated.
Write access to /var/www/glpi/files/_lock has been validated.
Write access to /var/www/glpi/files/_pictures has been validated.
Write access to /var/www/glpi/files/_plugins has been validated.
Write access to /var/www/glpi/files/_rss has been validated.
Write access to /var/www/glpi/files/_sessions has been validated.
Write access to /var/www/glpi/files/_tmp has been validated.
Write access to /var/www/glpi/files/_uploads has been validated.

Web server root directory configuration seems safe.Web server root directory configuration seems safe.
PHP directive "session.cookie_secure" should be set to "on" when GLPI can be accessed on HTTPS protocol. PHP directive "session.cookie_httponly" should be set to "on" to prevent client-side script to access cookie values.PHP directive "session.cookie_secure" should be set to "on" when GLPI can be accessed on HTTPS protocol.
PHP directive "session.cookie_httponly" should be set to "on" to prevent client-side script to access cookie values.
OS and PHP are relying on 64 bits integers.OS and PHP are relying on 64 bits integers.
exif extension is installed.exif extension is installed.
ldap extension is installed.ldap extension is installed.
openssl extension is installed.openssl extension is installed.
Following extensions are installed: bz2, Phar, zip.Following extensions are installed: bz2, Phar, zip.
Zend OPcache extension is installed.Zend OPcache extension is installed.
Following extensions are installed: ctype, iconv, mbstring, sodium.Following extensions are installed: ctype, iconv, mbstring, sodium.
Write access to /var/www/glpi/marketplace has been validated.Write access to /var/www/glpi/marketplace has been validated.
Timezones seems loaded in database.Timezones seems loaded in database.

Anything else?

No response

@AlexTR85
Copy link
Author

AlexTR85 commented May 1, 2024

Done, just needed this: sudo systemctl restart php8.1-fpm...

@AlexTR85 AlexTR85 closed this as completed May 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant