[BlueOnyx:17525] Re: Roundcube - general issues and permanent fix

Wed May 6 00:35:01 -05 2015

Hi Alberto,

> Solarspeed Mod PHP v. 5.5.22-1

Thank you. I just tried this on a 5208R with PHP-5.5.22-1 and RoundCube
1.0.3 installed and I could replicate the problem you mentioned:

After deployment of RoundCube it insisted that a connection to the MySQL
database could not be established. Although: The same MySQL login
details that RoundCube was configured with worked just fine from the CLI
or with phpMyAdmin.

This problem has plagued us for quite some time now and it was not
always replicable. On 5209R for example it works always fine. No matter
what. Depending on PHP and MySQL versions it also worked fine. Or not.

After a lengthy bug hunt I think I came to the bottom of this:

MySQL related issue:
====================

Some BlueOnyx versions (and some MySQL versions we ship) have the
following defined in /etc/my.cnf:

old_passwords=1

*** This is NOT compatible with RoundCube. ***

It used to be compatible, but eventually they did away with this.
RoundCube uses MySQL hashes to authenticate against MySQLd. If you have
"old_passwords=1" configured, the has has only 16 characters instead of
41 characters. And RoundCube expects 41 characters for a proper full
length password hash.

So I just published an updated base-mysql for BlueOnyx 5207R and 5208R
which will check /etc/my.cnf for the entry "old_passwords=1". If that
entry is found, it is changed to "old_passwords=0" and MySQLd is restarted.

But there is more: PHP related issues
======================================

Starting with the 1.0.0 series of RoundCube also changed the mechanism
in PHP with which they connect to MySQL. For the new mechanism to work
*some* (but not all) PHP versions need the following configured in php.ini:

mysql.default_socket = /var/lib/mysql/mysql.sock
mysqli.default_socket = /var/lib/mysql/mysql.sock
pdo_mysql.default_socket = /var/lib/mysql/mysql.sock

Previously that wasn't needed and like said: Some PHP versions just use
these exact defaults if php.ini doesn't say otherwise.

So I just updated base-vsite for 5207R, 5208R and 5209R to check for the
presence of these settings in php.ini, too. If these values are
unconfigured, the safe defaults will be set.

If suPHP is enabled, this will automatically update the separate php.ini
files of all Vsites that have suPHP enabled.

That fixes the PHP end of things as far as RoundCube is concerned.

Lastly: To get it all working ....
====================================

If you have a 5207R or 5208R and RoundCube shows you that it's unable to
connect to MySQL, then please do this:

1.) Run a "yum update" to get the latest base-mysql and base-vsite RPMs.

2.) Restart CCEd: /sbin/service cced.init restart

3.) Check if RoundCube is now working.

If it is? Fine. Nothing else to do.

If it is *still* not working, then please perform these extra steps:

1.) Make sure you have the latest RoundCube from NewLinQ installed. If a
newer one is available, then please upgrade it to the latest version.

2.) For each Vsite where RoundCube is not working, go to "Server
Management" / "Web Applications" / "WebApp Installer" and click on the
icon for the Vsite in question.

- Then click on the "Action" icon for RoundCube.

- Uninstall RoundCube. You may have to do this twice for some strange
reason.

- Once the RoundCube page says that RoundCube is no longer installed for
this Vsite use the GUI to install it again.

The reason for the reinstall? The password hashes in MySQL. When the
RoundCube user was initially created while old_passwords was set to "1",
then it was created in MySQL with the 16 character password hash and not
the 41 character hash.

There is a MySQL command available with which passwords can be converted
from the old to the new hash format, but I think that's more complicated
than using the GUI to reinstall RoundCube.

Please try the above and if you still have problems with RoundCube, then
let me know.

-- 
With best regards

Michael Stauber