Integrity check failed core -> extra file -> .rnd

🚧 Installation
,
1

Typically would follow the standard support template but this issue seems generic and not OS dependent.

Fresh install of 14.0.4 on Ubuntu 18.10. Getting an integrity check fail but I can’t seem to pinpoint what’s causing it. Initially had it fail because of the tar archive left in the web-root but upon removing that, its complaining about a .rnd file. I had a suspicion this was related to the first fail so I wiped the directory and started fresh. Everything else works fine but it’s bugging me that I can’t seem to pinpoint what is causing the issue.

Results
=======
- core
	- EXTRA_FILE
		- .rnd

Raw output
==========
Array
(
    [core] => Array
        (
            [EXTRA_FILE] => Array
                (
                    [.rnd] => Array
                        (
                            [expected] =>

I can update this with additional information if necessary.

2

I have the same problem,
I wanted to update from 14.0.3 to 14.0.4 and get the error message,
is there already a solution?

3

Either remove the .rnd file from Nextcloud dir or move out outside, run the update and move it inside again.

I guess something from the webserver or some other tool/system component creates it automatically, but Nextcloud does not like it.
In case it needs to be added to the integrity check exclusion list.

You are both on Ubuntu 18.10?
Which webserver do you use?

1 Like
4

Took a lot of digging around and having to tree -a | grep .rnd to find the two copies of that file to fix it. One was in the ocs folder and the other the web root. Strangely enough, the error page doesn’t give the location of the files which is odd since it did when I had the install tar. Is this a bug or?

Edit:

Apache 2.4.34 with PHP 7.2.10.

Given how my issue was related to a clean install it doesn’t appear to be a update issue; perhaps it is Webserver related?

5

From the integrity check output I would have expected it at /path/to/nextcloud/core/.rnd :thinking:. Not sure why the full path is not shown there.

Perhaps if it’s in webroot, it is excluded from the check, but not if inside a sub dir.
Indeed, just checked, and I have /path/to/nextcloud/.rnd as well, but no integrity check issue.

Further research about where they come from: https://askubuntu.com/a/379947

  • Looks like from OpenSSL. According to the link you can safely remove them. Should be recreated automatically, if needed by OpenSSL.
6

Have deleted the file .rnd in /path/to/nextcloud/ and then made the update. Everything works.

3 Likes
7

I’ll mention my own approach to this issue, just to help the next ones and so they do not to get confused.

I had a similar problem and it was solved by simply deleting these files (I never restored them - I deleted them)

Details of my server

Operating system : Ubuntu server 16.04.6 LTS

Web server: Apache/2.4.39 (Ubuntu)

Database: MariaDB - 10.0.38

PHP version: 7.3.

Details mention here:

So @MichaIng, I didn’t move it them inside again.
@SuseB :+1:

Thank you. :slightly_smiling_face:

8

I just see the .rnd-file is written one time at login, but don’t know why.
Is it an error of the Nextcloud or an error of webserver/operating system ?
Ubuntu 18.04.2 LTS
Nextcloud 16.0.4

9

It is a “feature” of OpenSSL to collect entropy/randomness if required for cryptography tasks, so for any certificate or key generation, encrypted network connection and such. However I never found one on my systems, no sure in which case these are used. Actually there are kernel files that provide entropy /dev/random and /dev/urandom. Probably OpenSSL (or the software that use its libs) create those files if the regular entropy pool is empty or if they don’t have permissions to access, not sure. Hard to find details about it.

Permissions would be actually a good reason. Lets say the webserver has no /dev/urandom access, so it (respectively OpenSSL, when being called) creates .rnd in your webroot to collect randomness there outside of /dev/urandom. Most likely the users home is used to store this file, which fits to other reports I found. The webserver usually runs as www-data with /var/www as its home dir. In your case the file is /var/www/.rnd, right?

If you are in mood to track it down, could you paste the following to check permissions:
ls -l /dev/*random

10

Starting with Nextcloud 17 these files are ignored from integrity check and updater.


1 Like
11

How can I exclude other files as well? It seems that this specific file was added to the product updater code. That doesn’t help anybody else. I have files that are part of the webserver infrastructure (cgi-bin directory with some files) and are impossible to remove because then PHP and Nextcloud would no longer execute (and even the web server fail to start). Can I specify these files (or the entire directory) somewhere myself without yet another product patch for my specific environment?