#1 2024-06-28 08:20:34

LuminousWings
Member
Registered: 2019-01-11
Posts: 25

Unable to update GLPI due to security changes

Hi all,

We're currently running on GLPI version 10.0.9 and I wanted to upgrade to the .15 version due to some issues we're having.
But while upgrading I ran into some new security settings that make my upgrade fail. Now, I know nothing about hosting websites, PHP, etc.
So can anyone explain to me what I need to do to be able to upgrade? Explain it to me like I'm 5 :(

Edit: Our location of the GLPI install is: C:\inetpub\wwwroot\glpi

https://imgur.com/jnvzsu7

Last edited by LuminousWings (2024-06-28 09:32:24)


#2 2024-06-28 11:58:29

cconard96
Moderator
Registered: 2018-07-31
Posts: 2,809
Website

Re: Unable to update GLPI due to security changes

None of the shown items should be required. They are highly recommended, but shouldn't block the upgrade.

- Safe configuration of web root directory: This is supposed to be optional for GLPI 10 versions. It will be required in GLPI 11 though. The installation documentation shows example configurations for various web servers for changing the document root and setting up rewrite/redirects so that all requests to your GLPI site are proxied through the "public" folder.
https://glpi-install.readthedocs.io/en/ … web-server

- Safe path for data directories: This also shouldn't be required, but again it is explained by the installation documentation.
https://glpi-install.readthedocs.io/en/ … -locations

- Security configuration for sessions: If you don't access GLPI via HTTPS, this isn't needed. If you do, you should ensure that the referenced PHP configuration options are enabled and also redirect basic HTTP requests to HTTPS.


GLPI Collaborator and Plugin Developer.
My non-English comments are automated translations. Sorry for any confusion that causes.

#3 2024-06-28 13:21:47

LuminousWings
Member
Registered: 2019-01-11
Posts: 25

Re: Unable to update GLPI due to security changes

Weird because nothing else was red, some options were "yellow" but those have always been like that.


#4 2024-06-29 02:09:27

cconard96
Moderator
Registered: 2018-07-31
Posts: 2,809
Website

Re: Unable to update GLPI due to security changes

The "requirements" shown on this page are red for unmet required items as well as optional items that are recommended for security reasons. That was changed in the GLPI 10.0.11 update because the optional security related items were often ignored.
https://github.com/glpi-project/glpi/pull/16013

There should still be the option at the bottom of the page to continue the upgrade.



#5 2024-07-02 11:44:52

LuminousWings
Member
Registered: 2019-01-11
Posts: 25

Re: Unable to update GLPI due to security changes

When the documentation tells me the following options should be changed like this:

GLPI_CONFIG_DIR: set path to the configuration directory;

GLPI_VAR_DIR : set path to the files directory;

GLPI_LOG_DIR : set path to logs files.

Where do I find GLPI_Config_DIR and the others?


#6 2024-07-02 11:48:31

LaDenrée
HELPER
Registered: 2012-11-19
Posts: 6,287

Re: Unable to update GLPI due to security changes

Read the documentation to the end: https://glpi-install.readthedocs.io/en/ … index.html

There are many other configuration directives available, the ones we talked about are the main to take into account for a more secure installation.

Directories choice is entirely up to you; the following example will follow the FHS recommendations.

Our GLPI instance will be installed in /var/www/glpi, a specific virtual host in the web server configuration will reflect this path.

GLPI configuration will be stored in /etc/glpi, just copy the contents of the config directory to this place. GLPI requires read rights on this directory to work; and write rights during the installation process.

GLPI data will be stored in /var/lib/glpi, just copy the contents of the files directory to this place. GLPI requires read and write rights on this directory.

GLPI logs files will be stored in /var/log/glpi, there is nothing to copy here, just create the directory. GLPI requires read and write access on this directory.

Following these instructions, we’ll create an inc/downstream.php file in the GLPI directory with the following contents:

<?php
define('GLPI_CONFIG_DIR', '/etc/glpi/');

if (file_exists(GLPI_CONFIG_DIR . '/local_define.php')) {
   require_once GLPI_CONFIG_DIR . '/local_define.php';
}

Warning

GLPI packages will certainly provide an inc/downstream.php file. This one must not be edited!

GLPI looks for a local_define.php file in its own config directory. If you want to use one from the new config directory, you have to load it.

Then, create a file in /etc/glpi/local_define.php with the following contents:

<?php
define('GLPI_VAR_DIR', '/var/lib/glpi');
define('GLPI_LOG_DIR', '/var/log/glpi');


Find the fault before repairing...
GLPI10.0.16 (ubuntu 22.04 PHP8.1  Mariadb10.6 ) plugins : comportements 2.7.3 reports 1.16.0 formcreator 2.13.9, datainjection 2.13.5 fields 1.21.9
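
The directory move described in the documentation quoted above, written out as a script. This is an added example, not part of the original post or the GLPI documentation; the `root` prefix argument, the `owner` argument and the `is_outside` helper are assumptions introduced here, while the paths and the two PHP files are the ones from the quoted text.

```shell
#!/bin/sh
# Added example: the directory move from the quoted documentation, as a script.
# Paths are the documentation's FHS example. The first argument is a
# hypothetical prefix ("" on a real host) so the steps can be rehearsed
# in a scratch directory first.

relocate_glpi_dirs() {
    root="$1"; owner="$2"      # owner: web server account (assumption), "" skips chown
    glpi="$root/var/www/glpi"
    conf="$root/etc/glpi"; var="$root/var/lib/glpi"; log="$root/var/log/glpi"

    [ -d "$glpi/config" ] && [ -d "$glpi/files" ] || { echo "no GLPI tree in $glpi" >&2; return 1; }
    # A packaged inc/downstream.php must not be edited, so never overwrite one.
    [ ! -e "$glpi/inc/downstream.php" ] || { echo "downstream.php already exists" >&2; return 1; }

    mkdir -p "$conf" "$var" "$log"
    cp -Rp "$glpi/config/." "$conf/"   # configuration
    cp -Rp "$glpi/files/." "$var/"     # data; the log directory starts empty
    if [ -n "$owner" ]; then chown -R "$owner" "$conf" "$var" "$log"; fi

    cat > "$glpi/inc/downstream.php" <<EOF
<?php
define('GLPI_CONFIG_DIR', '$conf/');

if (file_exists(GLPI_CONFIG_DIR . '/local_define.php')) {
   require_once GLPI_CONFIG_DIR . '/local_define.php';
}
EOF
    cat > "$conf/local_define.php" <<EOF
<?php
define('GLPI_VAR_DIR', '$var');
define('GLPI_LOG_DIR', '$log');
EOF
}

# Succeeds only when DIR (symlinks resolved) is not inside WEBROOT.
is_outside() {
    dir=$(cd "$1" && pwd -P) || return 2
    web=$(cd "$2" && pwd -P) || return 2
    case "$dir/" in
        "$web/"*) return 1 ;;
        *) return 0 ;;
    esac
}

# Real host (Debian/Ubuntu account name assumed): relocate_glpi_dirs "" www-data
```

Running `is_outside /var/lib/glpi /var/www/glpi` after the move confirms that a relocated directory no longer resolves to a path under the GLPI install directory.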
