Vulnerabilities detected

[tgriep]

Can you post the repository you used to get the updated PHP version 7 from?
If we have access to it, we could try and replicate the issue.
Also, what were the steps used to do the upgrade?

If the server has SSL enabled, you would want to look in the SSL error log to see why the server was generating the HTTP Error 500.

Code: Select all

/var/log/httpd/ssl_error_log

[castroi]

Hello,

To avoid to break the setup and to do a smoother migration we tried:

sudo yum-config-manager --enable rhel-server-rhscl-7-rpms
sudo yum install rh-php70

this allow us to install in parallel php 7.0.10 from Red Hat RHSCL.

[castroi@ymq-lpnagapp1 ~]$ php -v
PHP 5.4.16 (cli) (built: Aug 5 2016 07:50:38)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies
[castroi@ymq-lpnagapp1 ~]$ scl enable rh-php70 -- php -v
PHP 7.0.10 (cli) (built: Nov 2 2016 13:59:40) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
[castroi@ymq-lpnagapp1 ~]$

How should we then proceed to switch from php 5.4.16 to 7.0.10 , then probably we need to backup/unsintall/re-install nagios ?
We are still on 5.4.16 at the moment.

[tgriep]

I cannot seem to find the rh-php70 package in that repository.
Can you run the following on the server and post the output?

Code: Select all

yum list rh-php70

[castroi]

Hello,

[root@ymq-lpnagapp1 nagiosxi]# yum list rh-php70
Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager
Installed Packages
rh-php70.x86_64 2.3-1.el7 @rhel-server-rhscl-7-rpms
[root@ymq-lpnagapp1 nagiosxi]#
[root@ymq-lpnagapp1 nagiosxi]# php -v
PHP 7.0.10 (cli) (built: Nov 2 2016 13:59:40) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2016 Zend Technologies
[root@ymq-lpnagapp1 nagiosxi]#


We have switched of php version to test again the install following https://access.redhat.com/solutions/527703 .
We first unsinstall nagiosxi with uninstall script, reboot and try new install with php 7.0
Install is failing with attached install.log

[tgriep]

I found that the Redhat 7 server I have access cannot be upgraded so I cannot install PHP 7 on it.

The install.log is showing that Nagios XI wasn't fully removed from your server. Try removing it again by following the procedure in this document.
https://assets.nagios.com/downloads/nag ... ios_XI.pdf
When you reinstall and you get the already configured messages, then the uninstall did not work.

[castroi]

Hello,

I have tried again and now i went further but still with an error.
See attached logs.
To setup php 7 environment we did like follow:

[castroi@ymq-lpnagapp1 ~]$ cat /etc/profile.d/enablephp70.sh
#!/bin/bash
source scl_source enable rh-php70
[castroi@ymq-lpnagapp1 ~]$

When we rollback we just comment the line so it revert back to php 5.4.16 after a reboot.
Then we uninstall, reinstall and restore backup.

Let us know what you see from the logs so we could proceed again to another attempt to run with php 7.0

thank you

[tgriep]

It does look like it is a compatibility problem with PHP 7.
I finally installed PHP7 on the server and I will see if I can get the same sourceguardian error that you are having.

[castroi]

Hello,

Could you please address it ? Our security team is pushing us to upgrade to php 7.x .
I understood that php 7.0 is supported by Nagios XI.

thank you

[tgriep]

I was able to recreate the issue you are having and the developers are looking in to how to resolve the issue.

[castroi]

Hello

Great, let me know when you have a solution .

Thank you