tidus
April 8, 2020, 10:30am
1
I am trying to update from 18.0.1 to 18.0.3.
The updater fails at the second step: write permission check.
Never had any issue with permissions, I have been updating since version 16. The files are all under nginx user “http” group “http”. I even tried setting permissions to 777 temporarily to see if it would have fixed the issue but it didn’t work.
The files are these:
The following places can not be written to:
/usr/share/webapps/nextcloud/updater/../occ
/usr/share/webapps/nextcloud/updater/../COPYING
/usr/share/webapps/nextcloud/updater/../.user.ini
/usr/share/webapps/nextcloud/updater/../index.html
/usr/share/webapps/nextcloud/updater/../version.php
/usr/share/webapps/nextcloud/updater/../cron.php
/usr/share/webapps/nextcloud/updater/../remote.php
/usr/share/webapps/nextcloud/updater/../robots.txt
/usr/share/webapps/nextcloud/updater/../console.php
/usr/share/webapps/nextcloud/updater/../.htaccess
/usr/share/webapps/nextcloud/updater/../public.php
/usr/share/webapps/nextcloud/updater/../status.php
/usr/share/webapps/nextcloud/updater/../index.php
/usr/share/webapps/nextcloud/updater/../AUTHORS
I am on Manjaro, nginx on the server.
Check the permissions. Post
ls -al /usr/share/webapps/nextcloud
And the user “http” is your nextcloud user?
And “http” can write /etc/webapps/nextcloud/config/config.php ?
lrwxrwxrwx 1 http http 29 9 lug 2019 config -> /etc/webapps/nextcloud/config
I do not know nextcloud config can use with symbolic link.
But it must be edited from nextcloud user “http”.
tidus
April 8, 2020, 11:05am
6
Yes, http is my nginx-php everything user.
Yes it can. permission is -rwxrwxr-x 1 http http 874 8 apr 12.56 config.php
tidus
April 8, 2020, 11:05am
7
I have been using this set up for almost a year now. Never had this issue with any updates before
Perhaps the write permission test was changed.
Perhaps you can move the configuration in the correct directory with the correct rights and test ist again.
tidus
April 8, 2020, 11:47am
9
I will try later. I just tried and this broke nextcloud, probably because of other permissions (php writing to config folder)
If you are using PHP 7.4 you need to enter the paths PHP is allowed to write to. Seems to be a new security feature:
systemctl edit php-fpm.service
Then enter something like this
[Service]
ReadWritePaths = /usr/share/webapps/nextcloud/apps
ReadWritePaths = /usr/share/webapps/nextcloud/apps2
ReadWritePaths = /etc/webapps/nextcloud/config/
And afterwards restart php.fpm: systemctl restart php-fpm.service
Source: [NC18] Problem to access data folder after upgrade to php 7.4
Because I got the following error message while upgrading to Nextcloud 18.0.4 I found a more convenient solution to this:
[error] POST request failed with UpdateException │
[error] Exception: UpdateException │
│Message: │
│Code:0 │
│Trace: │
│#0 /usr/share/webapps/nextcloud/updater/index.php(1333): Updater->checkWritePermissions() │
│#1 {main} │
│File:/usr/share/webapps/nextcloud/updater/index.php │
│Line:417 │
│Data: │
│Array │
│( │
│ [0] => /usr/share/webapps/nextcloud/updater/../index.php │
│ [1] => /usr/share/webapps/nextcloud/updater/../console.php │
│ [2] => /usr/share/webapps/nextcloud/updater/../index.html │
│ [3] => /usr/share/webapps/nextcloud/updater/../COPYING │
│ [4] => /usr/share/webapps/nextcloud/updater/../cron.php │
│ [5] => /usr/share/webapps/nextcloud/updater/../AUTHORS │
│ [6] => /usr/share/webapps/nextcloud/updater/../version.php │
│ [7] => /usr/share/webapps/nextcloud/updater/../occ │
│ [8] => /usr/share/webapps/nextcloud/updater/../.htaccess │
│ [9] => /usr/share/webapps/nextcloud/updater/../.user.ini │
│ [10] => /usr/share/webapps/nextcloud/updater/../status.php │
│ [11] => /usr/share/webapps/nextcloud/updater/../public.php │
│ [12] => /usr/share/webapps/nextcloud/updater/../robots.txt │
│ [13] => /usr/share/webapps/nextcloud/updater/../remote.php │
│)
I’m working with PHP 7.4.5 and php-fpm using nginx under Arch linux.
Simple solution was adding this via systemctl edit php-fpm.service
:
[Service]
ReadWritePaths = /usr/share/webapps/nextcloud/
ReadWritePaths = /etc/webapps/nextcloud/
And restarting the service with systemctl restart php-fpm.service
Probably this is not how this new security feature of PHP 7.4 works but its better than a non working Nextcloud Updater.