Text only | Text with Images

OPNsense Forum

English Forums => 25.7 Series => Topic started by: hip.dimmy on August 06, 2025, 10:00:12 AM

Title: Captive Portal Not Working
Post by: hip.dimmy on August 06, 2025, 10:00:12 AM
Good day,

I'm evaluating opnsense for use as central captive portal in our enterprise.

However, after updating to the latest version, Captive portal is not able to start, the log showing some permission issue.

Code Select
2025-08-06T07:47:02 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1978) Configuration of plugins failed. Going down.
2025-08-06T07:47:02 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
2025-08-06T07:47:02 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
2025-08-06T07:47:02 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
2025-08-06T07:39:27 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1978) Configuration of plugins failed. Going down.
2025-08-06T07:39:27 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
2025-08-06T07:39:27 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
2025-08-06T07:39:27 Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
2025-08-06T07:39:15 Error lighttpd (/usr/obj/u
I also notice segmentation fault during the update.

OOT, is there any way to evaluate the business version (perhaps trial version)?
I want to make sure everything is work as expected before purchasing to business subscription.


Title: Re: Captive Portal Not Working
Post by: sopex8260 on August 06, 2025, 11:34:44 AM
I see no problems at 25.7.1_1 in my testing environment.

Any chance you have enabled "Strict security" in Administration?
Title: Re: Captive Portal Not Working
Post by: hip.dimmy on August 07, 2025, 06:37:07 AM
Quote from: sopex8260 on August 06, 2025, 11:34:44 AMI see no problems at 25.7.1_1 in my testing environment.

Any chance you have enabled "Strict security" in Administration?

Are you referring to `HTTP Strict Transport Security`? if yes, it's disabled.

How I repro the error is:
1. Launch ec2 with ami opensense t3.micro
2. update to the latest firmware 25.1 into 25.7.2 (upon update there is segmentation fault error in the console)
3. Add captive zone 0 and it won't start.

Are you using AWS EC2?
Title: Re: Captive Portal Not Working
Post by: franco on August 07, 2025, 07:50:02 AM
Can you run this command to compare the output?

# grep wwwonly /etc/group /etc/master.passwd
/etc/group:wwwonly:*:789:
/etc/master.passwd:wwwonly:*:789:789::0:0:World Wide Web Only:/nonexistent:/usr/sbin/nologin


Cheers,
Franco
Title: Re: Captive Portal Not Working
Post by: samp on August 15, 2025, 04:05:02 AM
Hi,

I'm having exactly the same issue since upgrading to 25.7.1. The lighttpd instance for the api dispatcher will not run and this will be in /var/log/lighttpd/latest.log:

<29>1 2025-08-15T09:48:26+10:00 <omitted> lighttpd 33291 - [meta sequenceId="16"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1974) server started (lighttpd/1.4.79)
<27>1 2025-08-15T09:48:26+10:00 <omitted> lighttpd 33291 - [meta sequenceId="17"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.533) connect() /var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-15T09:48:26+10:00 <omitted> lighttpd 33291 - [meta sequenceId="18"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.568) bind() unix:/var/lib/php/tmp/php-fastcgi-cp.socket-0: Permission denied
<27>1 2025-08-15T09:48:26+10:00 <omitted> lighttpd 33291 - [meta sequenceId="19"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/gw_backend.c.1712) [ERROR]: spawning gw failed.
<27>1 2025-08-15T09:48:26+10:00 <omitted> lighttpd 33291 - [meta sequenceId="20"] (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.79/src/server.c.1978) Configuration of plugins failed. Going down.


# grep wwwonly /etc/group /etc/master.passwd
/etc/group:wwwonly:*:789:
/etc/master.passwd:wwwonly:*:789:789::0:0:World Wide Web Only:/nonexistent:/usr/sbin/nologin
Title: Re: Captive Portal Not Working
Post by: samp on August 15, 2025, 05:18:39 AM
I've managed to get lighttpd to work temporarily if I comment the following line from /var/etc/lighttpd-api-dispatcher.conf

server.username = "wwwonly"


I seems like the user wwwonly cannot access the fastcgi sockets.
Text only | Text with Images