[Freedombox-pkg-team] Bug#1100995: freedombox: Radicale stopped working after upgrade to radicale version 3.5.0-1

Petter Reinholdtsen pere at hungry.com
Fri Mar 21 14:03:07 GMT 2025 

Package: freedombox
Version: 25.5
Severity: important
Affects: radicale

My radicale calendar based on freedombox no longer seem to work.  All my
calendar client requests get 401.

Running 'journalctl -f|grep radic' show these:

  mars 21 14:58:35 freedombox apache-access[1086]: [redacted]:443
    127.0.0.1 - [redacted] [21/Mar/2025:14:58:34 +0100] "OPTIONS
    /radicale/[redacted]/633e907c-[redacted]-a82f4cae0347/ HTTP/2.0" 401
    329 "-" "Evolution/3.46.4"
  
  mars 21 14:58:36 freedombox apache-access[1086]: [redacted]:443
    127.0.0.1 - [redacted] [21/Mar/2025:14:58:35 +0100] "OPTIONS
    /radicale/[redacted]/633e907c-[redacted]-a82f4cae0347/ HTTP/2.0" 401
    115 "-" "Evolution/3.46.4"

The upgrade to radicale 3.5.0-1 changed /etc/radicale/config, which I
suspect broke the setup:

diff --git a/radicale/config b/radicale/config
index 0db3a1e..449a7a8 100644
--- a/radicale/config
+++ b/radicale/config
@@ -46,6 +46,9 @@ key = /etc/ssl/private/ssl-cert-snakeoil.key
 # SSL ciphersuite, secure configuration: DHE:ECDHE:-NULL:-SHA (see also "man openssl-ciphers")
 #ciphersuite = (default)
 
+# script name to strip from URI if called by reverse proxy
+#script_name = (default taken from HTTP_X_SCRIPT_NAME or SCRIPT_NAME)
+
 
 [encoding]
 
@@ -59,8 +62,8 @@ key = /etc/ssl/private/ssl-cert-snakeoil.key
 [auth]
 
 # Authentication method
-# Value: none | htpasswd | remote_user | http_x_remote_user | dovecot | ldap | denyall
-type = remote_user
+# Value: none | htpasswd | remote_user | http_x_remote_user | dovecot | ldap | oauth2 | pam | denyall
+#type = denyall
 
 # Cache logins for until expiration time
 #cache_logins = false
@@ -125,6 +128,15 @@ type = remote_user
 # Value: tls | starttls | none
 #imap_security = tls
 
+# OAuth2 token endpoint URL
+#oauth2_token_endpoint = <URL>
+
+# PAM service
+#pam_serivce = radicale
+
+# PAM group user should be member of
+#pam_group_membership =
+
 # Htpasswd filename
 #htpasswd_filename = /etc/radicale/users
 


Switching back to auth.type=remote_user in the file do not seem to be
enough.  I also tried auth.type=http_x_remote_user, but this did not
solve the issue either.  It seem to me Apache is the rejecting part, the
http request do not reach radicale, at least radicale -D do not show any
activity.

Any clues to spare to get my calendar server back in action?
-- 
Happy hacking
Petter Reinholdtsen

More information about the Freedombox-pkg-team mailing list