Luci & reForris interface not working after automatic update

netbat · January 3, 2023, 9:17pm

My Turris Omnia (version 6.2.0) is inaccessible after today’s update (January 3, 2023). A lighttpd daemon is not listening, both TCP ports 80 & 443 are not active. I can use only the SSH access to the router.

Listening ports:

netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:11883         0.0.0.0:*               LISTEN      3319/mosquitto
tcp        0      0 0.0.0.0:853             0.0.0.0:*               LISTEN      5104/kresd
tcp        0      0 127.0.0.1:9080          0.0.0.0:*               LISTEN      3372/python3
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2703/sshd -D [liste
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      5104/kresd
tcp        0      0 :::2333                 :::*                    LISTEN      4242/sentinel-minip
tcp        0      0 :::853                  :::*                    LISTEN      5104/kresd
tcp        0      0 :::8033                 :::*                    LISTEN      4239/sentinel-minip
tcp        0      0 ::1:11883               :::*                    LISTEN      3319/mosquitto
tcp        0      0 :::5873                 :::*                    LISTEN      4241/sentinel-minip
tcp        0      0 :::22                   :::*                    LISTEN      2703/sshd -D [liste
tcp        0      0 :::53                   :::*                    LISTEN      5104/kresd
tcp        0      0 :::2133                 :::*                    LISTEN      4237/sentinel-minip

I found some errors in file /var/log/lighttpd/error.log

2023-01-03 21:44:14: (../src/server.c.1588) server started (lighttpd/1.4.67)
2023-01-03 21:44:14: (../src/mod_alias.c.70) url.alias: `/.well-known/acme-challenge/' will never match as `/' matched first
2023-01-03 21:44:14: (../src/server.c.1592) Configuration of plugins failed. Going down.

I have tried to reboot the router, but problem is still the same.

The web service looks like running, but no active lighttpd process is found.

Service status:

service lighttpd status
running

service 2>/dev/null | grep htt
/etc/init.d/lighttpd          	   enabled	   stopped

Processes including http (inc. lighttpd):

ps -ef | grep http
root      4217     1  0 21:17 ?        00:00:00 /usr/bin/sentinel-minipot --ftp=2133 --http=8033 --smtp=5873 --telnet=2333
nobody    4237  4217  0 21:17 ?        00:00:00 /usr/bin/sentinel-minipot --ftp=2133 --http=8033 --smtp=5873 --telnet=2333
nobody    4239  4217  0 21:17 ?        00:00:00 /usr/bin/sentinel-minipot --ftp=2133 --http=8033 --smtp=5873 --telnet=2333
nobody    4241  4217  0 21:17 ?        00:00:01 /usr/bin/sentinel-minipot --ftp=2133 --http=8033 --smtp=5873 --telnet=2333
nobody    4242  4217  0 21:17 ?        00:00:00 /usr/bin/sentinel-minipot --ftp=2133 --http=8033 --smtp=5873 --telnet=2333
root     11856  6373  0 22:30 pts/0    00:00:00 grep http

Pepe · January 3, 2023, 9:37pm

I’d say that the issue is here:

ACME is not included in the default installation and not tested by us. You might want to try run lighttpd in foreground to see more outputs.

netbat · January 3, 2023, 9:45pm

Thank you for your response.

Here is the daemon output if it is started manually (2 trials):

lighttpd -f /etc/lighttpd/lighttpd.conf -m /etc/lighttpd/modules.d/

2023-01-03 22:42:56: (../src/plugin.c.202) dlopen() failed for: /etc/lighttpd/modules.d/mod_indexfile.so Error loading shared library /etc/lighttpd/modules.d/mod_indexfile.so: No such file or directory
2023-01-03 22:42:56: (../src/server.c.1285) loading plugins finally failed
--------------------------

lighttpd -f /etc/lighttpd/lighttpd.conf 

daemonized server failed to start; check error log for details

The /etc/lighttpd/modules.d/ directory is empty.

In the error log file there is the same message as I pasted above.

netbat · January 3, 2023, 10:15pm

I found a workaround which solves the problem. The letsencrypt.conf file should be renamed or removed. Then the web daemon can be started by normal way and both web interfaces are working now.

cd /etc/lighttpd/conf.d
mv letsencrypt.conf   letsencrypt.conf.disabled
service lighttpd start

I do not know why the Let’s Encrypt config file is there. The acme packages are available (see below), but I did not install acme.

opkg list | grep -i acme
acme - 3.0.1-1 - A client for issuing Letsencrypt certificates.
acme-dnsapi - 3.0.1-1 - This package provides DNS API integration for ACME (Letsencrypt) client.

system · January 6, 2023, 10:15pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.