Can't disable 2FA in CLI

Brian_Schroeder · December 24, 2017, 3:32am

Nextcloud version (eg, 10.0.2): 12.0.3
Operating system and version (eg, Ubuntu 16.04): unRAID
Apache or nginx version (eg, Apache 2.4.25): Not sure
PHP version (eg, 5.6): 5.7
Is this the first time you’ve seen this error?: See

Can you reliably replicate it? (If so, please outline steps): Yes

The issue you are facing:
I’m currently have 2FA turned on and I’ve lost the TOTP app. I need to disable the 2FA through cli.
I’m trying the following command: sudo -u www-data php occ twofactor:disable
Nextcloud is running as a docker on unRAID.
Through searching the internet I’ve found that it looks like I need to run this from a docker command. Here’s what I’ve been trying.
docker exec --user root 666cea3e788b php occ twofactor:disable
But I get the following out put.
Could not open input file: occ
Can anyone help me get this fixed? I’m locked out of Nextcloud right now.

The output of your Nextcloud log in Admin > Logging: Can’t access Nextcloud

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):Can’t access Nextcloud

The output of your Apache/nginx/system log in /var/log/____:Can’t access Nextcloud

budy · December 24, 2017, 7:35am

Hi,

you need to get the full path to occ. So either change to the nextcloud directory and issue

sudo -u www-data php .occ twofactor:disable

or

sudo -u www-data php <path/to/occ> twofactor:disable

Hth,
budy

Brian_Schroeder · December 24, 2017, 7:52am

Budy,
Thnaks for the reply.
When I run it from the directory
/mnt/user/appdata/nextcloud/www/nextcloud# sudo -u www-data php occ twofactor:disable
I get the following out put
sudo: unknown user: www-data
sudo: unable to initialize policy plugin

budy · December 24, 2017, 8:23am

Hi Brian,

in this case nextcloud is not running under the apache user. Issue a

ls -l

in the nextcloud directory and see who’s the owner of these files, then re-run the command with that user instead of www-data.

Brian_Schroeder · December 24, 2017, 8:35am

Budy,
Here’s the weird thing.
-rw-rw-r-- 1 nobody users 283 Sep 19 15:12 occ

If I run it as root, I get an error that the database can’t be accessed.

budy · December 24, 2017, 9:28am

Well… then you need to get inside the docker container, since the docker instance is somewhat isolated from the rest of the system. I haven’t used docker for some time, but it was something like

docker attach --sig-proxy=false <docker id>

Then check which user is running the web server. You can do it by searching for the httpd or nginx processes_

ps -ef | egrep -i '(apache|nginx|httpd)'

This should show you any running apache, httpd or nginx process along with it’s user id, which you can then use to reset the permissions on the nextcloud folder.
Please note, that I have zero experience with your particular setup of unRAID/Docker. If this doesn’t get you anywhere it would be time to ask the docker maintainer for guidance.

Brian_Schroeder · December 24, 2017, 6:26pm

budy,
Thanks for the help. When I use the following command I get no prompt.
docker attach --sig-proxy=false 666cea3e788b
Not sure what to do. When I enter the following command,
ps -ef | egrep -i '(apache|nginx|httpd)'
there’s no output

Brian_Schroeder · December 24, 2017, 7:04pm

I was able to get access to the container by the following
docker exec -it nextcloud /bin/bash
I then ran the following
ls -l
root is the owner of most of the files. I can’t find where occ is located.
I still get the following error when I run this command.
root@666cea3e788b:/$ sudo -u root php occ twofactor:disable
Could not open input file: occ

Brian_Schroeder · December 24, 2017, 7:16pm

budy,
I was able to find the occ location and successfully disabled 2FA.
Thanks for you help
Brian

budy · December 24, 2017, 11:45pm

Hi Brian,

glad to hear that.

Happy holidays,
budy