[horde] "Error: User is not authorized for imp" with PHP 5.6
Simon B
simon.buongiorno at gmail.com
Fri Jun 6 19:23:03 UTC 2014
On 6 Jun 2014 21:00, "Mauricio Jose T. Tecles" <mtecles at biof.ufrj.br> wrote:
>
> ----- Mensagem de adorman at ironicdesign.com ---------
> Data: Fri, 06 Jun 2014 09:20:08 -0500
> De: Andy Dorman <adorman at ironicdesign.com>
> Assunto: Re: [horde] "Error: User is not authorized for imp" with PHP 5.6
> Para: horde at lists.horde.org
>
>
>
>> On 05/29/2014 03:08 PM, Michael M Slusarz wrote:
>>>
>>> Quoting Ernie Dunbar <maillist at lightspeed.ca>:
>>>
>>>> After yesterday's difficulty in getting Horde set up (I moved the
>>>> directory back to its original installation value and changed back what
>>>> configuration I had changed), I'm now up against something totally new.
>>>>
>>>> I'm able to log in to Horde with a regular user as well as the
>>>> administrator, authenticate against our IMAP server (I can see the
>>>> successful authentication in the IMAP server's logs), but nobody can
use
>>>> IMP. I just see that panel filled with the message:
>>>>
>>>> "ERROR
>>>>
>>>> User is not authorized for imp"
>>>>
>>>> If I try to click on the "Mail" menu at the top, I apparently get
logged
>>>> out, which seems strange.
>>>
>>>
>>> No... you are being kicked out to the IMP authentication screen. I've
>>> been meaning to make this more clear on the login screen, so I should
>>> probably do it before we release 5.2.
>>>
>>> michael
>>>
>>> ___________________________________
>>> Michael Slusarz [slusarz at horde.org]
>>>
>>
>> I just ran into the same problem, imp login failure, but I believe it is
because php 5.6 has apparently changed something that is causing imp
authentication to fail. So far I have not found a good indication of what
that might be.
>>
>> We run a development server where we test the latest debian release of
Horde Groupware Webmail (currently Horde 5.1.6/IMP 6.1.7-1).
>>
>> It has been working well with only a couple of minor issues (apparent
cookie timeouts and such). Last night it was working fine and I read my
email with no problems.
>>
>> This morning I updated the development server to PHP 5.6.0-beta3 and was
very surprised when I tried to log in and got the Horde fatal error page at
the end of this email.
>>
>> I mainly want to alert the community that there may be a coming issue
with PHP 5.6 that needs to be addressed. And if anyone knows of a
suggested patch to test, I will be happy to try it.
>>
>> We are using Apache2 with php-fpm and there is nothing in the php-fpm
log that indicates a problem.
>
>
> Just a hint, I don't know if this is the problem. I cote from a recent
Debian Wheezy PHP update:
> "php5 (5.4.4-14+deb7u9) stable; urgency=medium
I did the same update and have the same symptoms...
Simon
> * The default PHP FPM socket permission has been changed from 0666
> to 0660 to mitigate security vulnerability (CVE-2014-0185) in PHP
> FPM that allowed any local user to run a PHP code under the active
> user of FPM process via crafted FastCGI client.
>
> The default Debian setup now correctly sets the listen.owner and
> listen.group to www-data:www-data in default php-fpm.conf. If you
> have more FPM instances or a webserver not running under www-data
> user you need to adjust the configuration of FPM pools in
> /etc/php5/fpm/pool.d/ so the accessing process has rights to
> access the socket.
>
> -- Ondrej Surý <ondrej at debian.org> Mon, 12 May 2014 14:23:05 +0200"
>
> Mauricio
>
>
>>
>> I checked the cyrus IMAP log and it indicated a successful login:
>>
>> ==== cyrus log ====
>>>
>>> 2014-06-06T08:24:16.559279-05:00 yorick cyrus/lmtp[29949]: accepted
connection
>>> 2014-06-06T08:24:16.559389-05:00 yorick cyrus/lmtp[29949]: connection
from yorick.ironicdesign.com [192.168.0.23]
>>> 2014-06-06T08:24:16.560739-05:00 yorick cyrus/lmtp[29949]: login:
yorick.ironicdesign.com [192.168.0.23] cyrus PLAIN User logged in
>>
>> ...
>>
>> The horde logs are currently set to NOTICE and we see our local "last
login" update followed by login success to horde and then ingo and horde
reporting "User is not authorized for imp".
>>
>> ==== Horde logs ====
>>>
>>> 2014-06-06T08:56:14.411195-05:00 yorick HORDE: [imp] Setting hostname "
yorick.ironicdesign.com" from client [76.29.224.98] [pid 28978 on line 31
of "/etc/horde/imp/backends.local.php"]
>>> 2014-06-06T08:56:14.684240-05:00 yorick HORDE: [imp] modified
fmLastLogin for uid=andydorman at comehome.net,ou=addresses,o=antespam.com to
be Fri Jun 6 13:56:14 2014 [pid 28978 on line 84 of
"/etc/horde/imp/backends.local.php"]
>>> 2014-06-06T08:56:14.734835-05:00 yorick HORDE: [horde] Login success
for andydorman at comehome.net [76.29.224.98] to horde. [pid 28978 on line 150
of "/usr/share/horde/login.php"]
>>> 2014-06-06T08:56:15.461147-05:00 yorick HORDE: [ingo] Finding sieve
hostname "yorick.ironicdesign.com" from client [76.29.224.98] [pid 28979 on
line 102 of "/etc/horde/ingo/backends.local.php"]
>>> 2014-06-06T08:56:15.562690-05:00 yorick HORDE: [ingo] User is not
authorized for imp [pid 28979 on line 1552 of
"/usr/share/php/Horde/Registry.php"]
>>> 2014-06-06T08:56:15.563162-05:00 yorick HORDE: [horde] User is not
authorized for imp [pid 28979 on line 1645 of
"/usr/share/php/Horde/Registry.php"]
>>
>>
>> I can expand the Horde log level and try another login and report back
if that would help.
>>
>> I can also post my config & registry.local files if it will help, but
there is nothing in the registry.local.php that sets anything related to
imp.
>>
>> Here is the fatal error web page that displays after login. When I
reload the page I get the Horde portal with the imp block showing "User is
not authorized for imp"
>>
>
> ----- Final da mensagem de adorman at ironicdesign.com -----
>
>
>
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
>
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
More information about the horde
mailing list