roundcube tries to run cleandb.sh as unprivileged www-data user from cron
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
roundcube (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
The roundcube-core package contains this cron job:
0 5 * * * www-data test -x /usr/share/
The Roundcube packages do not install configuration files for any webserver so they should not presume that it will be possible to run a daily cron job as the unprivileged "www-data" user.
This user does not have access to the Roundcube configuration files and it definitely doesn't have access to the database.
This results in a daily email where the script tries to access the default mysql database because it can't read the custom config file:
PHP Fatal error: Uncaught Error: Undefined class constant 'MYSQL_
Stack trace:
#0 /usr/share/
#1 /usr/share/
#2 /usr/share/
#3 /usr/share/
#4 /usr/share/
#5 /usr/share/
#6 {main}
thrown in /usr/share/
The cron job needs to be removed or put in a separate package specifically for running Roundcube in a specific webserver environment where shared users like "www-data" are used.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: roundcube-core 1.3.6+dfsg.1-1
ProcVersionSign
Uname: Linux 4.15.0-117-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.17
Architecture: amd64
Date: Sun Sep 20 08:46:16 2020
InstallationDate: Installed on 2016-03-31 (1633 days ago)
InstallationMedia: Ubuntu-Server 15.10 "Wily Werewolf" - Release amd64 (20151021)
PackageArchitec
SourcePackage: roundcube
UpgradeStatus: Upgraded to bionic on 2020-09-19 (0 days ago)
modified.
Status changed to 'Confirmed' because the bug affects multiple users.