Nextcloud down after update 18.0.1 to 18.0.3

jooohannes · March 26, 2020, 9:29am

I’ve run the update (webupdater) from NC 18.0.1 to 18.0.3 and afterwards the maintenance mode was still activated (although the nextcloud.log stated it was deactivated).
After manually deactivating maintenance mode via config.php there was a “internal server error” and when trying to get in contact with the nextcloud again via occ it stated it was not installed and only some commands are available.
In the 5th trial running occ maintenance:install and afterwards occ upgrade worked and now it states via occ status

  - installed: true
  - version: 18.0.3.0
  - versionstring: 18.0.3
  - edition:

But when I try to reach NC via the web it says:

Das Schreiben in das „config“-Verzeichnis ist nicht möglich!

Dies kann zumeist behoben werden, indem dem Web-Server Schreibzugriff auf das Konfigurationsverzeichnis eingeräumt wird. Siehe auch https://docs.nextcloud.com/server/18/go.php?to=admin-dir_permissions. Oder wenn Sie möchten, dass die Datei config.php schreibgeschützt bleiben soll, dann setzen Sie die Option "config_is_read_only" in der Datei auf True. Siehe https://docs.nextcloud.com/server/18/go.php?to=admin-config

But the config directory isn’t write protected - looks like all the other directories regarding its permissions.

Any idea how to get out of this lockout?

Nextcloud version: 18.0.3.0
Operating system and version : Gentoo Base System release 2.6
PHP version: 7.2

config.php

<?php
$CONFIG = array (
  'instanceid' => 'xxx',
  'passwordsalt' => 'xxx',
  'secret' => 'xxx',
  'trusted_domains' => 
  array (
    0 => 'cloud.distrikt-ost.de',
  ),
  'datadirectory' => 'xxx/nextcloud/data',
  'dbtype' => 'mysql',
  'version' => '18.0.3.0',
  'overwrite.cli.url' => 'https://cloud.distrikt-ost.de',
 
  'installed' => true,
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'mail_from_address' => 'xxx',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'xxx',
  'mail_smtpauthtype' => 'PLAIN',
  'mail_smtphost' => 'xxx',
  'mail_smtpport' => '465',
  'mail_smtpsecure' => 'ssl',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'xxx',
  'mail_smtppassword' => 'xxx',
  'skeletondirectory' => 'xxx',
  'default_language' => 'de',
  'app_install_overwrite' => 
  array (
    0 => 'impersonate',
    1 => 'groupfolders',
    2 => 'fulltextsearch_elasticsearch',
  ),
  'updater.secret' => 'xxx',
);

michi · March 26, 2020, 9:52am

Hi @jooohannes,

can you post the permissons of file config.php?

BR
Michael

jooohannes · March 26, 2020, 10:47am

Thanks for this hint - I was 640 for config.php, changed it to 666 and now I’m in again (and hope that was the only problem).

victorbw · March 26, 2020, 10:58am

are you sure you want to keep it on 666?
owner: read & write
group: read & write
others: READ & WRITE??

id suggest to set it either to 640, 660 or even 600, depends on who the owner is.

michi · March 26, 2020, 11:10am

i can only agree to victorbw! 666 is a bad idea…
are you sure the config file has the right owner/group?

C138 · March 26, 2020, 11:10am

I’m rather surprised that it seems that permissions for config.php has to be “guessed” ??

What is the right rule ? (u+rw ? ug+rw?)
And how is the rule checked during an upgrade ?
(What about the next upgrade?)

BTW, we are in 2020, why don’t we specify using ug+rwx notation…
640/660/… are never clearly displayed.

victorbw · March 26, 2020, 12:15pm

As ive written: depends on how he runs it and who the owner is.

So then, youre free to use your notation. As far as i can remember, the manual has its own hardenning topping so better get a reference on that.

BlueMail for Android herunterladen

jooohannes · March 26, 2020, 5:38pm

It was on 640 and that wasn‘t enough as it seems. I don‘t even get why more than this is necessary to get anything displayed, as the Config isn’t changed that often or am I wrong?

victorbw · April 24, 2020, 7:28am

I have it on 640 as well, and it runs perfectly fine.