So this morning when trying to login to vaultwarden, i was greeted with an “Error saving device” message.
Naturally I went to the logs:
| Starting Vaultwarden |
| Version 1.23.1 |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the |
| official channels to report bugs/features, regardless of client. |
| Send usage/configuration questions or feature requests to: |
| https://vaultwarden.discourse.group/ |
| Report suspected bugs/issues in the software itself at: |
| https://github.com/dani-garcia/vaultwarden/issues/new |
\--------------------------------------------------------------------/
[INFO] No .env file found.
[WARNING] The following environment variables are being overriden by the config file,
[WARNING] please use the admin panel to make changes to them:
[WARNING] SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN
[2022-01-17 10:17:02.318][parity_ws][INFO] Listening for new connections on 0.0.0.0:3012.
[2022-01-17 10:17:02.319][start][INFO] Rocket has launched from http://0.0.0.0:80
[2022-01-17 10:17:39.324][request][INFO] POST /api/accounts/prelogin
[2022-01-17 10:17:39.325][response][INFO] POST /api/accounts/prelogin (prelogin) => 200 OK
[2022-01-17 10:17:39.335][request][INFO] POST /identity/connect/token
[2022-01-17 10:17:43.885][error][ERROR] Error saving device.
[CAUSE] DatabaseError(
__Unknown,
"attempt to write a readonly database",
)
[2022-01-17 10:17:43.885][response][INFO] POST /identity/connect/token (login) => 400 Bad Request
This seemed weird to me, so i made the usual checks: Diskspace: still more than 100GB free, shouldn’t be an issue.
File permissions?
well, here is the output of ls -al:
total 412
drwxrwxrwx 1 nobody users 222 Jan 17 04:26 ./
drwxrwxrwx 1 nobody users 620 Dec 24 16:10 ../
-rw-r--r-- 1 root root 1459 Oct 27 12:30 config.json
-rw-r--r-- 1 root root 368640 Jan 17 04:26 db.sqlite3
-rw-r--r-- 1 root root 32768 Jan 17 04:27 db.sqlite3-shm
-rw-r--r-- 1 root root 0 Jan 17 04:26 db.sqlite3-wal
drwxr-xr-x 1 root root 3524 Jan 12 10:17 icon_cache/
-rw------- 1 root root 1191 Feb 12 2021 rsa_key.der
-rw------- 1 root root 1675 Feb 12 2021 rsa_key.pem
-rw-r--r-- 1 root root 270 Feb 12 2021 rsa_key.pub.der
-rw-r--r-- 1 root root 451 Jun 28 2021 rsa_key.pub.pem
Looks normal to me, considdering that this docker uses uid 1000 by default.
For completeness I have also included the config.json, but note that that has not been changed in a few months, and it has been working fine up untill this morning.
I saw in the issues on github that someone had a corrupt sqlite db, so I copied the db file to my pc, and tried opening it with “sqlitebrowser”. this tool was able to read and write to the copy, no problem. So I highly doubt the db is corrupted.
I am unsure on how to proceed, could anyone point me in the right direction?
Edit: forgot to include config.json:
{
"domain": "[censored]",
"sends_allowed": true,
"disable_icon_download": false,
"signups_allowed": false,
"signups_verify": true,
"signups_verify_resend_time": 3600,
"signups_verify_resend_limit": 1,
"org_creation_users": "[censored]",
"invitations_allowed": false,
"emergency_access_allowed": true,
"password_iterations": 100000,
"show_password_hint": false,
"admin_token": "[censored]",
"invitation_org_name": "Bitwarden_RS",
"ip_header": "X-Real-IP",
"icon_cache_ttl": 2592000,
"icon_cache_negttl": 259200,
"icon_download_timeout": 10,
"icon_blacklist_non_global_ips": true,
"disable_2fa_remember": false,
"authenticator_disable_time_drift": false,
"require_device_email": false,
"reload_templates": false,
"log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
"disable_admin_token": false,
"_enable_yubico": false,
"_enable_duo": false,
"_enable_smtp": true,
"smtp_host": "[censored]",
"smtp_ssl": true,
"smtp_explicit_tls": false,
"smtp_port": 587,
"smtp_from": "[censored]",
"smtp_from_name": "Bitwarden_RS",
"smtp_username": "[censored]",
"smtp_password": "[censored]",
"smtp_timeout": 15,
"smtp_accept_invalid_certs": false,
"smtp_accept_invalid_hostnames": false,
"_enable_email_2fa": false,
"email_token_size": 6,
"email_expiration_time": 600,
"email_attempts_limit": 3
}