[Plugin] CA Fix Common Problems


Recommended Posts

On 11/6/2022 at 4:49 PM, voidpointer said:

The "Fix Common Problems" plugin warns about updating every individual docker container:

 

> Docker Application prowlarr has an update available for it

 

How can I disable this permanently for *all* docker containers?

 

On 10/26/2022 at 12:50 AM, bdr9 said:

This plugin is reporting many warnings on my Unraid server, but they are all Docker container updates. I can ignore them individually, but that only ignores the one specific Docker container, and warnings are still generated for other Docker containers. I would prefer not to receive any warnings for Docker container updates. Is there a way to disable this entire category of warning?

 

This is a very long thread but I can only find issue reports and not a fix.

 

How do I disable the image update warning entirely? I find myself starting to ignore Fix Common Problems because 99/100 it is docker noise and that cant be a good thing when that one time is important.

Link to comment
1 hour ago, OsoPolar said:

Just updated run FIx and it shows this warning!!

But mine is already set to what it suggests ?

 

So not sure why its telling me to do something already set ?

 

Sorry about that, I see the bug.  

 

p.s. this was my bug, not Squid's :) 

Link to comment

Extended Tests are now removed from FCP

 

Extended tests had their use a number of years ago, but nowadays

  1. No matter what you do it's a given that it will always return issues
  2. Those issues are not "real" per se
  3. They're primarily tests for SMB compatibility, (and any errors are once again not "real" issues)
  4. It takes forever to run
  • Like 3
Link to comment

FCP recently started warning me that 

Quote

Your mnemos_unraid_bundle.pem certificate is not valid for your system's hostname 'mnemos.rendezvous.agffa.net'. Either adjust the system name and local TLD to match the certificate, or get a certificate that matches your settings.

 

But my subject CN appears to be set correct for a wildcard

root@mnemos:/boot/config/ssl/certs# openssl x509 -noout -text -in mnemos_unraid_bundle.pem | grep "Subject: CN"
        Subject: CN = *.rendezvous.agffa.net
root@mnemos:/boot/config/ssl/certs#

 and my local TLD also appears to be correct

image.thumb.png.da526507bb62f4e068ec7b9a639d432b.png

 

I am still on unRAID 6.9.2 if that matters.

 

Link to comment
13 hours ago, rjorgenson said:

FCP recently started warning me that 

 

But my subject CN appears to be set correct for a wildcard

root@mnemos:/boot/config/ssl/certs# openssl x509 -noout -text -in mnemos_unraid_bundle.pem | grep "Subject: CN"
        Subject: CN = *.rendezvous.agffa.net
root@mnemos:/boot/config/ssl/certs#

 and my local TLD also appears to be correct

image.thumb.png.da526507bb62f4e068ec7b9a639d432b.png

 

I am still on unRAID 6.9.2 if that matters.

 

 

Would you run these two commands please?

openssl x509 -noout -subject -nameopt multiline -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | sed -n 's/ *commonName *= //p'

openssl x509 -noout -ext subjectAltName -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | grep -Eo 'DNS:[a-zA-Z 0-9.*-]*' | sed 's/DNS://g'

 

Is this is an official cert provided by a certificate provider or one you generated?

Link to comment
14 minutes ago, ljm42 said:

 

Would you run these two commands please?

openssl x509 -noout -subject -nameopt multiline -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | sed -n 's/ *commonName *= //p'

openssl x509 -noout -ext subjectAltName -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | grep -Eo 'DNS:[a-zA-Z 0-9.*-]*' | sed 's/DNS://g'

 

Is this is an official cert provided by a certificate provider or one you generated?

 

This is a wildacard cert provided by letsencrypt. Here is the output of those two commands.

root@mnemos:~# openssl x509 -noout -subject -nameopt multiline -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | sed -n 's/ *commonName *= //p'
*.rendezvous.agffa.net
root@mnemos:~# openssl x509 -noout -ext subjectAltName -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | grep -Eo 'DNS:[a-zA-Z 0-9.*-]*' | sed 's/DNS://g'
*.rendezvous.agffa.net
agffa.net
rendezvous.agffa.net
root@mnemos:~#

 

  • Like 1
Link to comment
6 minutes ago, rjorgenson said:

 

This is a wildacard cert provided by letsencrypt. Here is the output of those two commands.

root@mnemos:~# openssl x509 -noout -subject -nameopt multiline -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | sed -n 's/ *commonName *= //p'
*.rendezvous.agffa.net
root@mnemos:~# openssl x509 -noout -ext subjectAltName -in /boot/config/ssl/certs/mnemos_unraid_bundle.pem | grep -Eo 'DNS:[a-zA-Z 0-9.*-]*' | sed 's/DNS://g'
*.rendezvous.agffa.net
agffa.net
rendezvous.agffa.net
root@mnemos:~#

 

 

I don't have a wildcard cert to test with, but I'll use the output from those commands to mimic it on a 6.9.2 system.

 

Would you mind uploading your diagnostics.zip file (from Tools -> Diagnostics) as well?

Link to comment
12 hours ago, rjorgenson said:

 

Glad the issue was found. Am I safe to dismiss this for now until a new version is released? Or will I need to change something about my cert eventually anyways?

 

Your cert should be good. Would you please update to today's release of Fix Common Problems and confirm it no longer warns about your setup?

Link to comment
4 minutes ago, Waoji said:

Has anyone noticed that the exclusion list for "Docker Safe New Perms" has disappeared from the Settings/FixProblems page after the patch 2022.12.10 (or 2022.12.09)? I still have some shares on that list which I would like to be able to change. 

That's an oops on my part... Removed as part of removing the extended tests.  I'll add it back in tomorrow

Link to comment

Hi, please could you advise on this. When I click on "The following shares will NOT be touched: Additional shares can be excluded HERE" in Docker Safe New Perms, it takes me to Fix Common Problems. However, there is no option to exclude shares. I have tried updating Fix Common Problems and clearing the browser cache.

 

Edit: I went through and manuualy checked ownership for each share using

find . ! -user nobody

 

Then fixed as required using

newperms /mnt/user/share

 

It would still be cool to do this in a more automate way, though.

Edited by Mushin
  • Upvote 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.