Forum GLPI-Project

mps

Member

Registered: 2022-10-04

Posts: 32

Plugin Marketplace update broken after 10.0.7 and securing webserver

Hi!

After Update to 10.0.7 we were required to "secure" the webserver as per notice. After figuring out what to do now everything is working again and setup check also states everything OK. But now the automatic plugin installation via marketplace seems broken. The plugin update buttons has a tooltip "The plugin an available but its directory is not writable. Download archive manually, you must uncompress it. Plugins directory
(var/www/html/plugins)

That seems an error to me, as per documentation the only writeable directory should be marketplace not plugins. On the setup page, the check for marketplace is green: Write access to /var/www/html/glpi/marketplace has been validated.Write access to /var/www/html/glpi/marketplace has been validated.

Last edited by mps (2023-04-12 17:51:44)

deanb

Member

Registered: 2023-04-16

Posts: 3

Re: Plugin Marketplace update broken after 10.0.7 and securing webserver

Similar issue here,
Updated to v10.0.7, this worked for a short while but then started getting error 500 when performing certain functions i.e. adding follow-ups to tickets.
Also unable to access the Marketplace page error 500.
Have tried reverting to previous glpi.conf but this did not help.
Some forums point to an incompatible plug-in, on reviewing logs the Tag Management plugin warns that rights assignments now need to be updated per user. (This plugin was updated the day after performing the v10.0.7 update)
Rolled back to the previous night's replica which luckily did not have the error 500 issue and disabled the Tag Management plugin.
Will test this to see if it resolved....

Also worth mentioning that on updating to v10.0.7 I had also updated PHP from v7.4 to v8.2.5

Last edited by deanb (2023-04-16 04:34:39)

mps

Member

Registered: 2022-10-04

Posts: 32

Re: Plugin Marketplace update broken after 10.0.7 and securing webserver

And even if we grant write permission to the folder var/www/html/plugins it still doesn't work. It really seems a bug to me that was introduced with the new enforced "secure web layout" as it worked before like a charme

10.0.7 with PHP 8.1
NGINX conf

server {
   listen 443 ssl;   
   ssl_certificate /etc/nginx/certificates/glpi/name.pem;
   ssl_certificate_key /etc/nginx/certificates/glpi/name.key;
   
   root /var/www/html/glpi/public;
   server_name name;

   location / {
      try_files $uri /index.php$is_args$args;
   }

   location ~ ^/index\.php$ {
      fastcgi_pass unix:/run/php/php8.1-fpm.sock;

      fastcgi_split_path_info ^(.+\.php)(/.*)$;
      include fastcgi_params;

      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   }
}

deanb

Member

Registered: 2023-04-16

Posts: 3

Re: Plugin Marketplace update broken after 10.0.7 and securing webserver

Ended up uninstalling some plugins which did the trick.
GLPI.conf is back to secured

mps

Member

Registered: 2022-10-04

Posts: 32

Re: Plugin Marketplace update broken after 10.0.7 and securing webserver

Ended up uninstalling some plugins which did the trick.

Installing plugins solved the permission problem? Can you tell, which plugins caused a problem?

deanb

Member

Registered: 2023-04-16

Posts: 3

Re: Plugin Marketplace update broken after 10.0.7 and securing webserver

Uninstalled unused plugins:
-Financial reports
-Web Resources
-Purchase Request
-Tag Management (Suspect this was the culprit though, logs indicated that user permission management has changed with the latest version)
-GLPI Inventory
-Releases
-Taskdrop
-VIP