Thruk URL not working after httpd update

[Vani2468]

Hi,

We have observed that an issue with Thruk URL after httpd update to httpd-2.4.62-1. As per github issue #192, it is advised to update apache inside OMD to 2.4.60+.

Kindly let me know how to update apache inside OMD to 2.4.60+.

[sni]

You could simply update omd to a recent nightly version, then it should be fine again. There is no apache "in" omd. OMD uses the system apache.

[pbiering]

@sni - what was changed in addition, the update

• from EL9.4 httpd-2.4.57
• to EL9.5 httpd-2.4.62

while keeping OMD 5.40 and UnsafeAllow3F breaks, it looks like access to javascript URI /omdmon/thruk/cache/thruk-3.16.js is blocked and also authentication is suddenly required

Apache "base"

[21/Nov/2024:12:49:28 +0100] "GET /omdmon/thruk/cache/thruk-3.16.js HTTP/1.1" 302 253

Apache "OMD"

[21/Nov/2024:12:51:08 +0100] "GET /omdmon/thruk/cache/thruk-3.16.js HTTP/1.1" 302 253 "https://SERVER/omdmon/thruk/cgi-bin/login.cgi?nocookie" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"

[sni]

Question is if it's working with the nightly builds? I am not aware of any issues with the nightly builds.

[pbiering]

tried now OMD 5.41 from 20241120 and found during upgrade of the site the issue:

There was an additional change since 5.40 which causes now an issue on httpd > 2.4.57, auth: needs to be inserted

-RewriteRule ^/(.*)$                  /%1/%{REMOTE_ADDR}~~%{HTTP:Authorization}~~%{HTTP:X-Thruk-Auth-Key}~~%{HTTP:X-Thruk-Auth-User}/____/$1/____/%{QUERY_STRING} [C,NS]
+RewriteRule ^/(.*)$                  /auth:%1/%{REMOTE_ADDR}~~%{HTTP:Authorization}~~%{HTTP:X-Thruk-Auth-Key}~~%{HTTP:X-Thruk-Auth-User}/____/$1/____/%{QUERY_STRING} [C,NS

[sni]

Right, but this change has been incorporated into OMD already in Sep 1st: 693ede5
So it should just work with recent nightly OMD, right?

[pbiering]

Yes, working with OMD 5.41 from 20241120 and OMD 5.40 with patched file.

[fplancot]

After updating Red Hat 9 (and therefore the httpd package) and applying change 693ede5, I am able to connect. However, I have to re-authenticate constantly.

$ httpd -v
Server version: Apache/2.4.62 (Red Hat Enterprise Linux)
Server built:   Aug  3 2024 00:00:00
$ omd version
OMD - Open Monitoring Distribution Version 5.40-labs-edition, Python version 3.9.19

Do you have this issue with version 5.41?

[pbiering]

Since EL 9.4 there is a 2nd change required, related to "UnsafeAllow3F": #204

[lausser]

I have to re-authenticate constantly.

Even if you cleaned up the cache/cookies or using another browser?

[fplancot]

I did indeed clear my browser cache (Firefox) entirely after noticing that navigation worked with Chrome or Edge.
That indeed resolved the issue. Thank you!