Articles in this section

See more

Unable to log in to Horde on Plesk server: Horde reloads the login page when entering the correct password

Avatar
Marc López
Updated
Follow
Plesk for Linux kb: technical ABT: Group B

Applicable to:

  • Plesk for Linux

Symptoms

  • Unable to log in to Horde on Plesk server as it reloads the login page when entering the correct password

  • SELinux is enabled

    # getenforce
    Enforcing

  • The following can be seen in the /var/log/audit/audit.log file:

    CONFIG_TEXT: type=AVC msg=audit(1603459707.800:2782049): avc: denied { write } for pid=61114 comm="php-cgi" name="proactive.sock" dev="dm-0" ino=1312865 scontext=system_u:system_r:httpd_sys_script_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=sock_file permissive=0
    type=SYSCALL msg=audit(1603459707.800:2782049): arch=c000003e syscall=42 success=no exit=-13 a0=7 a1=7ffeb5336030 a2=6e a3=bb items=0 ppid=45029 pid=61114 auid=4294967295 uid=987 gid=1008 euid=987 suid=987 fsuid=987 egid=1008 sgid=1008 fsgid=1008 tty=(none) ses=4294967295 comm="php-cgi" exe="/opt/plesk/php/7.3/bin/php-cgi" subj=system_u:system_r:httpd_sys_script_t:s0 key=(null)

  • In /var/log/maillog:

    CONFIG_TEXT: Dovecot
    ns22 dovecot: imap-login: Login: user=<joedoe@example.com>, method=CRAM-MD5, rip=::1, lip=::1, mpid=5403, TLS, session=<L7bg/PShIs0AAAAAAAAAAAAAAAAAAAAB>
    ns22 dovecot: service=imap, user=joedoe@example.com, ip=[::1]. Logged out rcvd=26, sent=512
    Courier
    ns22 courier-imaps: LOGIN, user=joedoe@example.com, ip=[::1], port=[52772], protocol=IMAP
    ns22 courier-imaps: LOGOUT, user=joedoe@example.com, ip=[::1], headers=0, body=0, rcvd=46, sent=350, time=0, starttls=1

  • With Horde debugging enabled the following notice appear in log file /var/log/psa-horde/psa-horde.log

    CONFIG_TEXT: HORDE Guest user is not authorized for Horde

  • stracing the Apache process provides the following line:

    CONFIG_TEXT: open("/var/lib/php/session/sess_l2mscgvjj03gefioseknson8b6", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = -1 EACCES (Permission denied) <0.000069>

Cause

The directory /var/lib/php/session/ has incorrect SELinux context.

Resolution

Restore the SELinux context:

  1. Connect to the server via SSH

  2. Restore the SELinux context:

    # restorecon -R -v /var/lib/php/session/

  3. In case the issue remains, reinstall "psa-selinux" package to reapply Plesk SELinux policies:

    # yum reinstall psa-selinux

Comments

0 comments

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles