Cannot write into "config" directory after upgrade

ℹ️ Support
1

Nextcloud version (eg, 12.0.2): 18.0.0.10
Operating system and version (eg, Ubuntu 17.04): 4.9.210-1-ARCH
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.16.1
PHP version (eg, 7.1): 7.4.2

The issue you are facing:
After successfully upgrading from NC17 to NC18 and simultaneously upgrading from PHP 7.3 to 7.4, the web interface always returns the error message:
‘Cannot write into “config” directory!
This can usually be fixed by giving the webserver write access to the config directory.’
I’ve narrowed the problem down to PHP’s is_writable() function, which appears to return False for all the nextcloud directories. PHP is run with the user ‘http’, which owns all these directories with 755 permission (and files with 644).

/usr/share/webapps/nextcloud # ls -l
total 140
drwxr-xr-x 33 http http  4096 Jan 23 08:27 3rdparty
drwxr-xr-x 56 http http  4096 Jan 22 22:17 apps
-rw-r--r--  1 http http 15752 Jan 18 12:54 AUTHORS
lrwxrwxrwx  1 http http    29 Jan 18 12:54 config -> /etc/webapps/nextcloud/config
-rw-r--r--  1 http http  3910 Jan 18 12:54 console.php
-rw-r--r--  1 http http 34520 Jan 18 12:54 COPYING
drwxr-xr-x 23 http http  4096 Jan 23 08:27 core
-rw-r--r--  1 http http  5048 Jan 18 12:54 cron.php
lrwxrwxrwx  1 http http    26 Nov 23 11:45 data -> /mnt/euler/nextcloud/data/
-rw-r--r--  1 http http   156 Jan 18 12:54 index.html
-rw-r--r--  1 http http  2976 Jan 18 12:54 index.php
drwxr-xr-x  6 http http  4096 Jan 23 08:27 lib
-rwxr-xr-x  1 http http   283 Jan 18 12:54 occ
drwxr-xr-x  2 http http  4096 Jan 23 08:27 ocm-provider
drwxr-xr-x  2 http http  4096 Jan 23 08:27 ocs
drwxr-xr-x  2 http http  4096 Jan 23 08:27 ocs-provider
-rw-r--r--  1 http http  3056 Jan 18 12:54 public.php
-rw-r--r--  1 http http  5235 Jan 18 12:54 remote.php
drwxr-xr-x  4 http http  4096 Jan 23 08:27 resources
-rw-r--r--  1 http http    26 Jan 18 12:54 robots.txt
-rw-r--r--  1 http http  2381 Jan 18 12:54 status.php
drwxr-xr-x  3 http http  4096 Jan 23 08:27 themes
drwxr-xr-x  2 http http  4096 Jan 23 08:27 updater
-rw-r--r--  1 http http   363 Jan 18 12:54 version.php

/etc/webapps/nextcloud/config # ls -l
total 64
-rw-r--r-- 1 http http     0 Jan 18 12:54 CAN_INSTALL
-rw-r----- 1 http http  1775 Jan 23 08:27 config.php
-rw-r----- 1 http http  1774 Nov 25 02:36 config.php.bak
-rw-r--r-- 1 http http 53323 Jan 18 12:54 config.sample.php

Is this the first time you’ve seen this error? (Y/N): Yes

Steps to replicate it:

  1. Access web interface

The output of your Nextcloud log in Admin > Logging:

{"reqId":"aawitQukcWFjKXC19H0D","level":3,"time":"2020-01-23T18:20:21+00:00","remoteAddr":"99.38.248.72","user":"--","app":"no app in context","method":"GET","url":"/ocs/v2.php/core/navigation/apps?absolute=true&format=json","message":{"Exception":"Symfony\\Component\\Routing\\Exception\\RouteNotFoundException","Message":"Unable to generate a URL for the named route \"photos.page.index\" as such route does not exist.","Code":0,"Trace":[{"file":"/usr/share/webapps/nextcloud/lib/private/Route/Router.php","line":339,"function":"generate","class":"Symfony\\Component\\Routing\\Generator\\UrlGenerator","type":"->","args":["photos.page.index",[],1]},{"file":"/usr/share/webapps/nextcloud/lib/private/Route/CachingRouter.php","line":59,"function":"generate","class":"OC\\Route\\Router","type":"->","args":["photos.page.index",[],false]},{"file":"/usr/share/webapps/nextcloud/lib/private/URLGenerator.php","line":82,"function":"generate","class":"OC\\Route\\CachingRouter","type":"->","args":["photos.page.index",[]]},{"file":"/usr/share/webapps/nextcloud/lib/private/NavigationManager.php","line":293,"function":"linkToRoute","class":"OC\\URLGenerator","type":"->","args":["photos.page.index"]},{"file":"/usr/share/webapps/nextcloud/lib/private/NavigationManager.php","line":114,"function":"init","class":"OC\\NavigationManager","type":"->","args":[]},{"file":"/usr/share/webapps/nextcloud/apps/theming/lib/ThemingDefaults.php","line":182,"function":"getAll","class":"OC\\NavigationManager","type":"->","args":["guest"]},{"file":"/usr/share/webapps/nextcloud/lib/private/legacy/defaults.php","line":263,"function":"getShortFooter","class":"OCA\\Theming\\ThemingDefaults","type":"->","args":[]},{"file":"/usr/share/webapps/nextcloud/lib/public/Defaults.php","line":169,"function":"getLongFooter","class":"OC_Defaults","type":"->","args":[]},{"file":"/usr/share/webapps/nextcloud/core/templates/layout.guest.php","line":55,"function":"getLongFooter","class":"OCP\\Defaults","type":"->","args":[]},{"file":"/usr/share/webapps/nextcloud/lib/private/Template/Base.php","line":179,"args":["/usr/share/webapps/nextcloud/core/templates/layout.guest.php"],"function":"include"},{"file":"/usr/share/webapps/nextcloud/lib/private/Template/Base.php","line":151,"function":"load","class":"OC\\Template\\Base","type":"->","args":["/usr/share/webapps/nextcloud/core/templates/layout.guest.php",null]},{"file":"/usr/share/webapps/nextcloud/lib/private/legacy/template.php","line":181,"function":"fetchPage","class":"OC\\Template\\Base","type":"->","args":[null]},{"file":"/usr/share/webapps/nextcloud/lib/private/legacy/template.php","line":212,"function":"fetchPage","class":"OC_Template","type":"->","args":[null]},{"file":"/usr/share/webapps/nextcloud/lib/private/Template/Base.php","line":132,"function":"fetchPage","class":"OC_Template","type":"->","args":[]},{"file":"/usr/share/webapps/nextcloud/lib/private/legacy/template.php","line":300,"function":"printPage","class":"OC\\Template\\Base","type":"->","args":[]},{"file":"/usr/share/webapps/nextcloud/lib/base.php","line":269,"function":"printErrorPage","class":"OC_Template","type":"::","args":["Cannot write into \"config\" directory!","This can usually be fixed by giving the webserver write access to the config directory. See https://docs.nextcloud.com/server/18/go.php?to=admin-dir_permissions. Or, if you prefer to keep config.php file read only, set the option \"config_is_read_only\" to true in it. See https://docs.nextcloud.com/server/18/go.php?to=admin-config",503]},{"file":"/usr/share/webapps/nextcloud/lib/base.php","line":650,"function":"checkConfig","class":"OC","type":"::","args":[]},{"file":"/usr/share/webapps/nextcloud/lib/base.php","line":1089,"function":"init","class":"OC","type":"::","args":[]},{"file":"/usr/share/webapps/nextcloud/ocs/v1.php","line":33,"args":["/usr/share/webapps/nextcloud/lib/base.php"],"function":"require_once"},{"file":"/usr/share/webapps/nextcloud/ocs/v2.php","line":24,"args":["/usr/share/webapps/nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"/usr/share/webapps/nextcloud/3rdparty/symfony/routing/Generator/UrlGenerator.php","Line":144,"CustomMessage":"--"},"userAgent":"Mozilla/5.0 (Macintosh) mirall/2.6.1stable (build 20191105) (Nextcloud)","version":"18.0.0.10"}

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

"instanceid": "***REMOVED SENSITIVE VALUE***",
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
    "nc.winstonyin.com",
    "localhost",
    "planck",
    "192.168.42.2"
],
"overwrite.cli.url": "https:\/\/nc.winstonyin.com",
"dbtype": "mysql",
"version": "18.0.0.10",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"memcache.local": "\\OC\\Memcache\\APCu",
"memcache.locking": "\\OC\\Memcache\\Redis",
"redis": {
    "host": "***REMOVED SENSITIVE VALUE***",
    "port": 0
},
"mail_smtpmode": "smtp",
"mail_smtpauthtype": "LOGIN",
"mail_smtpsecure": "ssl",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtpauth": 1,
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "465",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"enabledPreviewProviders": [
    "OC\\Preview\\PNG",
    "OC\\Preview\\JPEG",
    "OC\\Preview\\GIF",
    "OC\\Preview\\BMP",
    "OC\\Preview\\XBitmap",
    "OC\\Preview\\MP3",
    "OC\\Preview\\TXT",
    "OC\\Preview\\MarkDown",
    "OC\\Preview\\Movie"
],
"loglevel": 0,
"maintenance": false,
"updater.release.channel": "stable",
"theme": "",
"skeletondirectory": "",
"app_install_overwrite": [
    "files_downloadactivity",
    "apporder",
    "external"
],
"mysql.utf8mb4": true

The output of your Apache/nginx/system log in /var/log/____:

No relevant entries
1 Like
2

Hi winstonyin,

php-fpm 7.4 service has now protection to access folders on drive.

You can add this to your php-fpm service (systemctl edit php-fpm.service):

[Service]
ReadWritePaths = /mnt/euler/nextcloud/data/
ReadWritePaths = /usr/share/webapps/nextcloud/apps
ReadWritePaths = /etc/webapps/nextcloud/config/

THis will give acces to the folders differents folders :wink:

For more informations I did a long post here: [NC18] Problem to access data folder after upgrade to php 7.4

1 Like
3

Thank you for the solution. I knew it had to do with hardened security features, but didn’t know how to pinpoint it. Just a small correction that the apps directory path is /usr/share/webapps/nextcloud/apps/ with an s.

1 Like
4

Sorry to bring this thread up again but when I tried your solution I get

No files found for php-fpm.service.
Run 'systemctl edit --force --full php-fpm.service' to create a new unit.

Should I create a new unit and everything will be right?

5

Anyone know where to make those changes if your system doesn’t have systemctl? Running Ubuntu 20.04 on a WSL2 instance… Can’t for the life of me figure where to put that…