Changed file ownership by mistake

Nextcloud version 24.0.8.2
Operating system and version Ubuntu 22.04.1
Apache 2.4.52
PHP version 8.1
Virtualmin 7.3-1

I have nextcloud running under a virtual server (vs1).
/home/vs1/public_html/nextcloud/

I made the mistake of running “Validate Servers - Fix Permissions” in Virtualmin. It changed the ownership of all the files and directories under /vs1 to vs1:vs1

The nextcloud data files are under /srv/nextcloud/ and were unaffected

I have recursively changed the ownership of the /nextcloud folder and files back to www-data:www-data, but I am now getting:

from a web browser “No input file specified.”
davx is returning a 404 response
android apps show “No files found here”

Is there anything else I should do?

config.php file

<?php
$CONFIG = array (
  'instanceid' => 'ocqmqfc68kbd',
  'passwordsalt' => 
  'secret' => 
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 =>'myserver'
    2 => '192.168.0.21',
  ),
  'datadirectory' => '/srv/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '24.0.8.2',
  'overwrite.cli.url' => 'http://myserver/nextcloud',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '',
  'dbpassword' => '',
  'installed' => true,
  'mail_from_address' => 'raydon',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'myserver',
  'mail_smtphost' => 'myserver',
  'mail_smtpport' => '25',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 
  'mail_smtppassword' => 
  'default_phone_region' => 'GB',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'config_is_read_only' => false,
  'apps_paths' => 
  array (
    0 => 

Error log

[Wed Jan 04 00:00:11.414543 2023] [ssl:warn] [pid 1178] AH01906: myserver:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Jan 04 00:01:27.395130 2023] [fcgid:warn] [pid 21194] (104)Connection reset by peer: [client 192.168.0.1:63543] mod_fcgid: error reading data from FastCGI server
[Wed Jan 04 00:01:27.395188 2023] [core:error] [pid 21194] [client 192.168.0.1:63543] End of script output before headers: status.php
[Wed Jan 04 00:03:32.842724 2023] [access_compat:error] [pid 22408] [client 192.168.0.1:63687] AH01797: client denied by server configuration: /home/vs1/public_html/nextcloud/config/config.php

I think it is not an access problem. It is a problem of “file not found”.

Is it only ONE file or more files?

For only ONE file you can re-scan the Nextcloud database. Maybe it helps.

sudo -u www-data php /path/to/nextcloud/occ files:scan --all

documentation

I think it is no risk to execute the command.

Thanks for the quick reply.

I can’t access anything, files, calendars, or contacts.
There is no log in screen just the “No input file specified.” in the browser window when accessing it from https://myserver/nextcloud/
also the android and windows apps are disconnected.

Please use the the browser dev tools (F12) and then “Network”. Look the urls of the requested HTTP objects. Maybe there is only a wrong path. Post details.

  1. Request URL:

https://myserver/nextcloud/index.html

  1. Request Method:

GET

  1. Status Code:

200 OK

  1. Remote Address:

x.x.x.x:443

  1. Referrer Policy:

strict-origin-when-cross-origin

  1. Response HeadersView source

  2. Accept-Ranges:

bytes

  1. Connection:

Keep-Alive

  1. Content-Encoding:

gzip

  1. Content-Length:

144

  1. Content-Type:

text/html; charset=utf-8

  1. Date:

Wed, 04 Jan 2023 16:05:20 GMT

  1. ETag:

“9c-5ef6194393e34-gzip”

  1. Keep-Alive:

timeout=5, max=100

  1. Last-Modified:

Fri, 09 Dec 2022 09:14:21 GMT

  1. Referrer-Policy:

no-referrer

  1. Server:

Apache

  1. Strict-Transport-Security:

max-age=31104000; includeSubDomains

  1. Vary:

Accept-Encoding

  1. X-Content-Type-Options:

nosniff

  1. X-Frame-Options:

SAMEORIGIN

  1. X-Permitted-Cross-Domain-Policies:

none

  1. X-Robots-Tag:

none

  1. X-XSS-Protection:

1; mode=block

  1. Request HeadersView source

  2. Accept:

text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9

  1. Accept-Encoding:

gzip, deflate, br

  1. Accept-Language:

en-US,en;q=0.9

  1. Connection:

keep-alive

  1. Cookie:

nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; nc_username=raydon; nc_token=OEdAM9YlalC6ZJTQXTF2EIVD0lx%2FoPrN; nc_session_id=ojp595finm14599ug2hfjdc4ei

  1. Host:

myserver

  1. sec-ch-ua:

“Not?A_Brand”;v=“8”, “Chromium”;v=“108”, “Microsoft Edge”;v=“108”

  1. sec-ch-ua-mobile:

?0

  1. sec-ch-ua-platform:

“Windows”

  1. Sec-Fetch-Dest:

document

  1. Sec-Fetch-Mode:

navigate

  1. Sec-Fetch-Site:

none

  1. Sec-Fetch-User:

?1

  1. Upgrade-Insecure-Requests:

1

  1. User-Agent:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54

‘’’
Then for index.php

‘’’

  1. Request URL:

https://myserver/nextcloud/index.php

  1. Request Method:

GET

  1. Status Code:

404 Not Found

  1. Remote Address:

x.x.x.x:443

  1. Referrer Policy:

no-referrer

  1. Response HeadersView source

  2. Connection:

Keep-Alive

  1. Content-Type:

text/html; charset=UTF-8

  1. Date:

Wed, 04 Jan 2023 16:05:20 GMT

  1. Keep-Alive:

timeout=5, max=99

  1. Referrer-Policy:

no-referrer

  1. Server:

Apache

  1. Strict-Transport-Security:

max-age=31104000; includeSubDomains

  1. Transfer-Encoding:

chunked

  1. X-Content-Type-Options:

nosniff

  1. X-Frame-Options:

SAMEORIGIN

  1. X-Permitted-Cross-Domain-Policies:

none

  1. X-Robots-Tag:

none

  1. X-XSS-Protection:

1; mode=block

  1. Request HeadersView source

  2. Accept:

text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9

  1. Accept-Encoding:

gzip, deflate, br

  1. Accept-Language:

en-US,en;q=0.9

  1. Connection:

keep-alive

  1. Cookie:

nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true; nc_username=raydon; nc_token=OEdAM9YlalC6ZJTQXTF2EIVD0lx%2FoPrN; nc_session_id=ojp595finm14599ug2hfjdc4ei

  1. Host:

myserver

  1. sec-ch-ua:

“Not?A_Brand”;v=“8”, “Chromium”;v=“108”, “Microsoft Edge”;v=“108”

  1. sec-ch-ua-mobile:

?0

  1. sec-ch-ua-platform:

“Windows”

  1. Sec-Fetch-Dest:

document

  1. Sec-Fetch-Mode:

navigate

  1. Sec-Fetch-Site:

same-origin

  1. Upgrade-Insecure-Requests:

1

  1. User-Agent:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54

‘’’

Remember to chown AND chmod recursively.

PHP files needs to be atleast executable.

I had all the file permissions set to 0644. Changing the PHP files to 0755 has done the trick. All up and running again
Many thanks.

It should be 640 for files and 750 for folders for the entire data folder contents. Having data files world-readable may be a security hazard.

That brings up a couple more questions

The original issue was that all files, except from those in the data folder, had been changed to 0644 including the .php ones by an external program
What is the recommended setting for the .php and any other nextcloud system files?

In my system creating a data folder from a nextcloud app gives permissions of 0755 and 0644 for the files in it.
Is there a default setting in nextcloud to change this?