Failure to delete files in the web updater

Hi all,

I’ve just tried to use the web updater for an update from 20.0.0 to 20.0.1 and hit an odd situation. The updater goes through all of the steps happily, but then falls over when trying to delete files (step 9). It claims that it cannot delete many of them - which is strange, as they are owned by the web user and the permissions are set to 644 (files) and 755 (directories).

Looking at the updater.log file, I can see where it is failing, so I can move/delete the files and folders that it is having an issue with. However, it eventually gets to the point where it wants to delete “…/core”, which I can do manually, but then when I rerun it, it throws an error that it cannot now get to “…/core/shipped.json”. Looking at the updater.php code, this suggests that it doesn’t even try the deletion of the files if this file doesn’t exist

Luckily, I restored the files from the earlier backup, and it now works. Is this likely to be a bug, or is it more likely to be a configuration issue? I can probably manage to try again another day if needed, but I’m not currently in a position to fiddle with something that has some of my data synced through it :slight_smile:

I’ve been running Nextcloud for a couple of years, but a mis-typed command recently destroyed the virtual drive that the server was running on, so this is a brand new VM, only installed in the last 2 weeks.

I’ve finally had time to look into this properly, when I’m not on the end of a VPN connection to the server VM, and could easily create snapshots before breaking things. It turned out that it was weird permissions issues. Somehow, although it had installed happily as v20.0.0, the permissions had ended up in a way that meant that it wouldn’t delete or copy files in the relevant directories. This was proved by trying to duplicate what the installer (look at /var/local/nextcloud/updater.log) was failing to do by using

sudo -u www-data < cmd >

I’ve left some information about this for anyone else looking, as my original frantic searches after breaking it weren’t very helpful.

I’ve got Nextcloud installed in /var/www/cloud, with the data in /var/local/nextcloud.

The setgid bit was set on /var/local/nextcloud and the ownership was www-data:staff, not www-data:www-data. Several other directories were set like this, and two also had the setgid bit set. So I fixed that as root with:

$ chown -Rv www-data:www-data /var/local/nextcloud
$ chmod -Rv g-s /var/local/nextcloud/appdata_ocn41lzh8x5j/ # and any others that have setgid bit set

That should have fixed the deletion errors.

I had also tried to skip the deletion code (I found a suggestion for disabling the deletion step on the updater github issues list), which then threw up a problem with creating directories in /var/www/cloud. I checked the ownership, no problems for the contents of the cloud directory. However, the /var/www/cloud directory itself was owned by root:root, so I changed that to www-data:www-data to overcome this.

Rather than try to update via the website, I used the CLI update method

sudo -u www-data php updater.phar

and everything worked perfectly. Now all I have to do is work out why the permissions were like that (perhaps I tried too hard with the security settings). On the plus side, I’ve finally understood how the setuid/setgid bits work - it’s only taken me 17 years of using Linux as a desktop operating system… :slight_smile: