Running in to the same issue on NC 18.0.4.2. All though manual update is a option I like to use web update.
Server configuration detail
Operating system: Linux 4.4.0-170-generic #199-Ubuntu SMP Thu Nov 14 01:45:04 UTC 2019 x86_64
Webserver: Apache/2.4.18 (Ubuntu) (apache2handler)
Database: mysql 10.0.38
PHP version: 7.4.8
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, sodium, apache2handler, mysqlnd, PDO, xml, apcu, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, iconv, igbinary, imagick, imap, intl, json, exif, memcache, msgpack, mysqli, pdo_mysql, apc, posix, pspell, readline, redis, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tidy, tokenizer, xmlreader, xmlwriter, xsl, zip, Phar, memcached, Zend OPcache
Nextcloud version: 18.0.4 - 18.0.4.2
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from: unknown
Signing status
Array ( )
List of activated apps
Enabled: - accessibility: 1.4.0 - activity: 2.11.0 - audioplayer: 2.10.1 - bruteforcesettings: 1.6.0 - calendar: 2.0.3 - cloud_federation_api: 1.1.0 - cms_pico: 1.0.7 - contacts: 3.3.0 - dav: 1.14.0 - documentserver_community: 0.1.7 - extract: 1.2.4 - federatedfilesharing: 1.8.0 - federation: 1.8.0 - files: 1.13.1 - files_antivirus: 2.4.1 - files_external: 1.9.0 - files_markdown: 2.3.0 - files_pdfviewer: 1.7.0 - files_rightclick: 0.15.2 - files_sharing: 1.10.1 - files_trashbin: 1.8.0 - files_versions: 1.11.0 - files_videoplayer: 1.7.0 - logreader: 2.3.0 - lookup_server_connector: 1.6.0 - maps: 0.1.6 - nextcloud_announcements: 1.7.0 - notifications: 2.6.0 - oauth2: 1.6.0 - ocdownloader: 1.7.8 - onlyoffice: 4.3.0 - password_policy: 1.8.0 - passwords: 2020.7.0 - photos: 1.0.0 - printer: 0.0.3 - privacy: 1.2.0 - provisioning_api: 1.8.0 - rainloop: 6.1.4 - recommendations: 0.6.0 - serverinfo: 1.8.0 - settings: 1.0.0 - sharebymail: 1.8.0 - support: 1.1.0 - survey_client: 1.6.0 - text: 2.0.0 - theming: 1.9.0 - twofactor_backupcodes: 1.7.0 - twofactor_totp: 4.1.3 - updatenotification: 1.8.0 - viewer: 1.2.0 - workflowengine: 2.0.0 Disabled: - admin_audit - comments - encryption - firstrunwizard - systemtags - user_ldapConfiguration (config/config.php)
{ "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "cloud.vstans.nl", "office.vstans.nl" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "overwrite.cli.url": "https:\/\/cloud.vstans.nl", "dbtype": "mysql", "version": "18.0.4.2", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "", "dbtableprefix": "oc_", "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "memcache.local": "\\OC\\Memcache\\Redis", "redis": { "host": "***REMOVED SENSITIVE VALUE***", "port": 6379 }, "logtimezone": "Europe\/Amsterdam", "has_internet_connection": true, "check_for_working_webdav": true, "installed": true, "loglevel": 1, "maintenance": false, "log_rotate_size": 1485760, "mail_smtpmode": "sendmail", "mail_from_address": "***REMOVED SENSITIVE >VALUE***", "mail_domain": "***REMOVED SENSITIVE VALUE***", "app.mail.imaplog.enabled": "true", "mail_smtpauthtype": "LOGIN", "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "587", "enabledPreviewProviders": [ "OC\\Preview\\PNG", "OC\\Preview\\JPEG", "OC\\Preview\\GIF", "OC\\Preview\\BMP", "OC\\Preview\\XBitmap", "OC\\Preview\\TXT", "OC\\Preview\\MarkDown", "OC\\Preview\\NFO" ], "updater.release.channel": "stable", "theme": "", "trashbin_retention_obligation": "auto, 365", "mail_smtpsecure": "tls", "mail_smtpauth": 1, "mail_smtpname": "***REMOVED SENSITIVE VALUE***", "mail_smtppassword": "***REMOVED SENSITIVE >VALUE***", "mysql.utf8mb4": true, "app_install_overwrite": [ "admin_notifications", "printer" ], "updater.secret": "***REMOVED SENSITIVE VALUE***" }External storages: yes
External storage configuration
+----------+-------------+---------+---------------------+------------------>----------+-----------------+------------------+-------------------+-------+ | Mount ID | Mount Point | Storage | Authentication Type | >Configuration | Options | Applicable Users | >Applicable Groups | Type | +----------+-------------+---------+---------------------+------------------>----------+-----------------+------------------+-------------------+-------+ | 1 | /Muziek | Lokaal | Geen | datadir: "\/cloud\/muziek" | readonly: false | | muziek | Admin | | 2 | /Share | Lokaal | Geen | datadir: "\/cloud\/Films" | readonly: true | | films | Admin | | 4 | /Share | Lokaal | Geen | datadir: "\/cloud\/Films" | readonly: false | | FilmsW | Admin | +----------+-------------+---------+---------------------+----------------------------+-----------------+------------------+-------------------+-------+Encryption: no
User-backends:
- OC\User\Database
Browser: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0.
Running the command
gave the output :
Insert as “updater.secret”: $2y$10$u0IdmH2PTo7zloPHwR4W4eYtmEzh1q.uKK6hBMolPpIKVzCgkrQj6
The plaintext value is: CQPJsjNCLglF5omB0S4cxPv5vJB7p/os5tnKYFdSkNuWzBTIEaHPa5Qm5Qu3XAQB
I then copied the first line value and replaced it with the line in my NC config.php
‘updater.secret’ => ‘$2y$10$u0IdmH2PTo7zloPHwR4W4eYtmEzh1q.uKK6hBMolPpIKVzCgkrQj6’,
just before
);
I then saved the file and retied the web updater. It just runs and doesn’t even asked for the plain password :s
Web update went well and am now on 18.0.7. Tried to update to 19.0.1 and run into the same problem.
Now I removed the line updater.secret from the config.php completly and the web update again starts as normal.
This seems like some sort of security messure as after the update to 19.0.1 the line reappears in my config with a new value.
Security Status