Add-ons being updated might be marked as blocked

Describe the bug

When I start the zap proxy from the command line for the first time after installing, it will start fine. If I shut it down, then try to start it up again, it fails to start, citing that the mandatory “network” plugin is missing. This plugin is shown as being installed during the first run: 43232 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine - Add-on downloaded to: /home/gary/.ZAP/plugin/network-beta-0.4.0.zap

NOTE: this apparently doesn’t happen when I run as the root user. Only as non-root.

Steps to reproduce the behavior

1. Start the ZAP proxy: /usr/share/owasp-zap/zap.sh -version -daemon -host 127.0.0.1 -port 52090 -config api.key=dynamic-scan

2. Shut down the proxy via the API: curl -H "X-ZAP-API-KEY: dynamic-scan" http://127.0.0.1:52090/JSON/core/action/shutdown/

3. Try to start the proxy again in the same way, with the same command

Expected behavior

The proxy should start up and enter the ready state, same as before.

Software versions

ZAP 2.12.0 Installed from: https://download.opensuse.org/repositories/home:/cabelo/xUbuntu_20.04/amd64/owasp-zap_2.12.0-1_amd64.deb

Screenshots

No response

Errors from the zap.log file

Found Java version 11.0.16 Available memory: 7851 MB Using JVM args: -Xmx1962m 4841 [main] INFO org.zaproxy.zap.DaemonBootstrap - OWASP ZAP 2.12.0 started 08/11/2022, 21:03:40 with home /home/gary/.ZAP/ 5025 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config api.key = dynamic-scan was dynamic-scan 9797 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory - Installed add-ons: [[id=alertFilters, version=14.0.0], [id=automation, version=0.19.0], [id=bruteforce, version=12.0.0], [id=callhome, version=0.5.0], [id=commonlib, version=1.11.0], [id=database, version=0.1.0], [id=diff, version=12.0.0], [id=directorylistv1, version=5.0.0], [id=encoder, version=0.7.0], [id=exim, version=0.3.0], [id=formhandler, version=6.1.0], [id=fuzz, version=13.8.0], [id=gettingStarted, version=14.0.0], [id=graaljs, version=0.3.0], [id=graphql, version=0.11.0], [id=help, version=15.0.0], [id=invoke, version=12.0.0], [id=onlineMenu, version=10.0.0], [id=openapi, version=29.0.0], [id=pscanrules, version=44.0.0], [id=replacer, version=11.0.0], [id=reports, version=0.16.0], [id=requester, version=7.0.0], [id=retest, version=0.4.0], [id=retire, version=0.16.0], [id=reveal, version=5.0.0], [id=scripts, version=33.0.0], [id=soap, version=15.0.0], [id=tips, version=10.0.0], [id=webdriverlinux, version=46.0.0], [id=websocket, version=27.0.0]] 9809 [ZAP-daemon] ERROR org.parosproxy.paros.control.Control - The mandatory add-on was not found: network Refer to https://www.zaproxy.org/docs/developer/ if you are building ZAP from source. Failed to start ZAP. The mandatory add-on was not found: network Refer to https://www.zaproxy.org/docs/developer/ if you are building ZAP from source.

Additional context

For the test I am running in the official ubuntu container: ubuntu:latest (Currently 22.04)

Here is the dockerfile I am using, in case it’s relevant:

FROM ubuntu:latest

ADD https://download.opensuse.org/repositories/home:/cabelo/xUbuntu_20.04/amd64/owasp-zap_2.12.0-1_amd64.deb /tmp/owasp.deb
RUN apt-get -y update
RUN apt-get -y install curl openjdk-11-jre
RUN dpkg -i /tmp/owasp.deb

RUN useradd -ms /bin/bash gary
USER gary
WORKDIR /home/gary

CMD ["/bin/bash"]

Would you like to help fix this issue?

• Yes