Checking for dependencies... /bin/bash: /root/bin/zmcontrol: about certbot-zimbra HOT 7 CLOSED

Hi,
The instructions in certbot_zimbra.sh at lines 162, 739 etc... are pointing to "$HOME"/bin/zmcontrol but Zimbra is installed in /opt/zimbra, so when I run it it stops with this message:

Checking for dependencies...
/bin/bash: /root/bin/zmcontrol: Permission denied
Error: Unable to detect Zimbra version.

In fact all "$HOME"/bin.... are not pointing to Zimbra folder and "HOME" is not defined at the beginning as it should be "$zmpath" which points to "/opt/zimbra"
So it all redirects to the root folder.
Please advise, thank you.

from certbot-zimbra.

Yes, that's definitely a problem that I missed when not testing the previous "fix". Looks like capsh does not set HOME to the user's home. Reverting to sudo will be necessary. I'm working on it.

from certbot-zimbra.

Can you please test https://raw.githubusercontent.com/YetOpen/certbot-zimbra/master/certbot_zimbra.sh

from certbot-zimbra.

Hi Jernej,
Sorry, still not working: bash: /usr/local/bin/certbot_zimbra.sh: Permission denied
I have replaced all $HOME with /opt/zimbra/bash in the previous file yesterday and it worked but I got the limit as too many certificates (5) already issued because of all the errors I got, so I have to wait to retry.
I also still see $HOME/bin in many lines in your updated file, not sure how this will work, maybe I am missing something.
Thank you.

from certbot-zimbra.

bash: /usr/local/bin/certbot_zimbra.sh: Permission denied

That means the permissions on the script file itself are not correct. After installing it you need to chmod +x and chown root:, then run it as root (with sudo).

I have replaced all $HOME with /opt/zimbra/bash

That was supposed to expand to /opt/zimbra which is the zimbra user's home, as set in /etc/passwd and can be seen with echo ~zimbra.

I also still see $HOME/bin in many lines in your updated file, not sure how this will work, maybe I am missing something.

It expands to /opt/zimbra/bin. The expansion is done after changing the user, so HOME is supposed to be set to zimbra's home. I did not test the previous "fix" which actually broke everything because I did not know that capsh did not set HOME but kept it at /root which is why it was failing.

from certbot-zimbra.

You're right it worked after I did chmod +x but I was already running as root.
It looks good so far, I will need to wait for the time it will reset the certificates to 0, thank you for your efforts.

from certbot-zimbra.

I also encountered a different bug caused by using capsh. When the script was ran from certbot as a pre-hook, it would error: Error: "capsh" not found or executable. I think this is caused by PATH not containing /sbin or /bin, possibly because cron does not put them in PATH for commands ran from root's crontab. It would be possible to fix it but since the fix for this issue already switched back to using sudo, it's not needed any more.
I tested the latest script from cron (a root crontab that ran /usr/local/certbot_zimbra.sh -p and -d directly) and it all worked. I don't want to test it from certbot as that would require force renewing the certificate, but it should work as I'm pretty sure certbot preserves PATH.

from certbot-zimbra.