Groupfolder, encryption active: write on the filesystem but fails to list

🍱 Features & apps groupfolders
1

Hello,

Nextcloud version (eg, 10.0.2): 12.0.3
Operating system and version (eg, Ubuntu 16.04): Devuan testing
Apache or nginx version (eg, Apache 2.4.25): nginx 1.6.2-5+deb8u4
PHP version (eg, 5.6): php7.0-fpm 7.0.19-1

Is this the first time you’ve seen this error?: Yes

Can you reliably replicate it? (If so, please outline steps): Yes

The issue you are facing:

With groupfolder, encryption activated (standard module - which should not affect groupfolders), file update is not possible in the said groupfolder.

User belongs to the relevant group, relevant group having write access configured.

Strange thing is when trying an upload or a file creation, the interface return an error message and list no new file. But checking on the relevant folder on the filesystem, we can see that the wanted file has been actually created. It is just not listed.

So the upload/file creation process does work. But the problem is that the file is not listed afterwards.

The output of your Nextcloud log in Admin > Logging:

Error no app in context Couldn’t re-calculate unencrypted size for __groupfolders/4/xxx.ods 2017-11-30T16:31:29+0100
Error no app in context Could not find mount point, can’t keep encryption keys 2017-11-30T16:31:28+0100
Fatal webdav BadMethodCallException: path needs to be relative to the system wide data folder and point to a user specific file 2017-11-30T16:17:31+0100
Error no app in context Could not find mount point, can’t keep encryption keys 2017-11-30T16:17:31+0100
Error no app in context Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you. 2017-11-30T16:00:04+0100
Error no app in context OC\Encryption\Exceptions\DecryptionFailedException: Can not decrypt this file, probably this is a shared file. Please ask the file owner to reshare the file with you. 2017-11-30T16:00:04+0100
Error no app in context Couldn’t re-calculate unencrypted size for files_versions/Documents/xxx.ods.v1511294476

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

$CONFIG = array (
‘instanceid’ => ‘XXXXXXXXXXXXXXX’,
‘passwordsalt’ => ‘XXXXXXXXXXXXXXXXX’,
‘secret’ => ‘XXXXXXXXXXXXXXXXXXXXXXXXXXx’,
‘trusted_domains’ =>
array (
0 => ‘XXXXXXX’,
1 => ‘XXXXXXX’,
2 => ‘XXXXXXXX’,
),
‘datadirectory’ => ‘/data’,
‘overwrite.cli.url’ => ‘https://XXXXXXXX’,
‘dbtype’ => ‘mysql’,
‘version’ => ‘12.0.3.3’,
‘dbname’ => ‘XXXXXXXXXXXX’,
‘dbhost’ => ‘localhost’,
‘dbport’ => ‘’,
‘dbtableprefix’ => ‘oc_’,
‘dbuser’ => 'XXXXXX,
‘dbpassword’ => ‘XXXXXXXXXXXXXf’,
‘installed’ => true,
‘memcache.local’ => ‘\OC\Memcache\APCu’,
‘memcache.locking’ => ‘\OC\Memcache\Redis’,
‘redis’ => array(
‘host’ => ‘localhost’,
‘port’ => 6379,
),
‘mail_smtpmode’ => ‘smtp’,
‘mail_smtpauthtype’ => ‘PLAIN’,
‘mail_domain’ => ‘XXXXXXXX’,
‘mail_from_address’ => ‘bot’,
‘mail_smtphost’ => ‘localhost’,
);

2

It does not work with encryption:

Without external storage, you shouldn’t use encryption since there are very little benefits and much potential problems due to increased complexity of code.

3

I guess I was not clear enough:

The problem is not whether files in groupfolder are encrypted or not. The problem is that, on a setup where encryption apps is active, groupfolder is unusable.

Whether users should or should not use encryption is irrelevant.

Suggesting deactivating encryption site-wide because groupfolder apps is not able to handle it is not a fix.
Either nextcloud should not even allow encryption at all or apps unable to deal with encryption should be able to workaround it.

If, as you wrote “it does not work”, then why the hell does it even tries to? What is the point of groupfolders if it is just a broken implementation of shared folders.

4

The groupfolder app was introduced this year and the implementation was not fully finished. As you suggested, it would be great to implement encryption or don’t allow to use it with encryption enabled as long as it doesn’t work. For such requests, go to https://github.com/nextcloud/groupfolders/issues

Problem with encryption app is that many people think it is a great solution to protect their data even though in many cases (without external storage) it doesn’t. It was designed to protect data on external storage.

If you use external storage, turning of encryption is no suitable workaround. In this case, the groupfolder app is just not ready yet. From the documentation it is not clear, if you can have an unencrypted groupfolder within an encrypted setup (it doesn’t seem to work).

5

Hello,

I understand well the limits of encryption on such share folder. Problem is so far is that you are forced to either not use groupfolder at all or not use encryption at all.

If groupfolder cannot go along encryption, so be it. But encryption should then be off for groupfolder and still be on for the rest, where it can actually works.

6

Feel free to open an issue on the bug tracker.

Unfortunately that seems to be the current situation. As a user you can just try to get involved into the development yourself, as a business you can get enterprise support to push this topic higher in the agenda, with bountyhunter you can just put some money on a specific problem, or you must wait.

1 Like