In a monitoring environment based on OMD/Thruk (Ubuntu 22.04), we're experiencing a blocking issue:
Accessing `https://<IP>/<site>/thruk` redirects to `/omd` and then immediately returns a **403 Forbidden** without displaying the Thruk login page.
✔️ What works:
- On a new installation (more recent OMD/Thruk), access works normally.
- LDAP configured and working, no recent changes.
- Rights and permissions are correct.
- Tested with and without Puppet agent: no impact.
📚 Apache logs (`/var/log/apache2/error.log`):
No specific errors, just an SSL warning about the certificate's CN.
- Tested the Apache directives: `<Location /thruk> Require all granted` and `Require valid-user` → still 403.
- Checked the permissions on `thruk.fcgi` and the `share/thruk` folder → OK (user and group OMD, chmod 0755).
- Tested LDAP authentication from the command line → working.
- Expected normal access to the Thruk login page as with the new installation, but blocked by a 403 with no explicit message in the logs.
I'm looking for either:
1. A temporary solution to unblock without an immediate update.
2. Confirmation that an update does indeed correct this behavior (and starting from which version).
Thanks for your feedback!
This is fixed in the version v3.22 of Thruk. I quote the changelog:
- Apache:
- add UnsafeAllow3F for Ubuntu packages
You hit this bug https://github.com/sni/thruk/issues/1433 after an apache update.
As a workaround, you can add the flag UnsafeAllow3F manually in /usr/share/thruk/thruk_cookie_auth.include as well.