Closed Alex-developer closed 1 month ago
@Alex-developer, how long was the WebUI page up before you saved the settings.
Do you have Use Login
enabled or not? I assume "yes" since that's when it creates a session.
In version v2023.05.01_04 lighttpd is running as root so the php sessions are created with as a root user
root@pi5:/home/pi/allsky/html# ll /var/lib/php/sessions total 4 -rw------- 1 root root 83 Aug 2 22:01 sess_h5nejbkmlecu7dqbatvvua36ea
In v2024.xx.xx lighttpd is running as www-data so lightpd cannot access the previous sessions
Are you sure v2023.05.01_04 lighttpd ran as root? I'm pretty sure it's always run as www-data for as long as I've been involved in Allsky. Either way, my /var/lib/php/sessions directory is owned by root and has nothing in it. I have "Require WebUI Login" disabled so have no sessions.
Are you sure v2023.05.01_04 lighttpd ran as root? I'm pretty sure it's always run as www-data for as long as I've been involved in Allsky. Either way, my /var/lib/php/sessions directory is owned by root and has nothing in it. I have "Require WebUI Login" disabled so have no sessions.
Yes, the v2023.05.01_04 doesnt specify a user, they are commented out in the config so the server will start as root.
#server.username = "www-data"
#server.groupname = "www-data"
Just to confirm this. After a clean install lighttpd is running as root and php sessions written as root
pi@pi5:~ $ ps -ef | grep lightt
root 979 1 0 17:31 ? 00:00:00 /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
pi@pi5:~ $ sudo ls -sl /var/lib/php/sessions/
total 4
4 -rw------- 1 www-data www-data 83 Aug 3 17:32 sess_ieap0b8kdpaarlv290up76la2o
Good detective work @Alex-developer.
@Alex-developer, do we also need to make sure /var/lib/php/sessions/ is writable by the web server? Mine isn't.
@Alex-developer, do we also need to make sure /var/lib/php/sessions/ is writable by the web server?
Mine isn't.
Probably, I am testing a fix at the moment but need to do a final one to check the permissions on the session directory
When upgrading to the 2024 branch you are unable to save the settings
Clearing the sites cookies, containing the php session id allows the settings to be saved
Need to find out whats going on