Occ error after update 14

Hi @JimmyKater

Can you post your error messages again? What’s written in the nextcloud log?

OK :slight_smile:
Change directory to your NC installation folder (probably /var/www/nextcloud). Then run:

ls -lR | grep -E "^dr|^-r" | grep -v "`ps -ef | grep apache | grep -v root | awk '{print $1}' | sort | uniq`"

Not a nice command, but I don’t know your web server user :stuck_out_tongue:

1 Like
  1. The database is missing some indexes. Due to the fact that adding indexes on big tables could take some time they were not added automatically. By running “occ db:add-missing-indices” those missing indexes could be added manually while the instance keeps running. Once the indexes are added queries to those tables are usually much faster.
     Missing index “share_with_index” in table “oc_share”.
     Missing index “parent_index” in table “oc_share”.
     Missing index “fs_mtime” in table “oc_filecache”.

2.The “Referrer-Policy” HTTP header is not set to “no-referrer”, “no-referrer-when-downgrade”, “strict-origin” or “strict-origin-when-cross-origin”. This can leak referer information.

i guess this could be solved by this thread (haven’t tried it yet, though)

Error PHP Undefined index: parent at /var/www/nextcloud/lib/private/Files/Cache/Cache.php#168 2018-12-10T22:17:57+0100

yes. user is www-data… too bad that your command showed no result on the screen :frowning:

does this help?

root@nextcloud:/var/log# ls -la /var/www/nextcloud
total 164
drwxr-xr-x 15 www-data www-data 4096 Dec 10 19:44 .
drwxr-xr-x 7 root root 4096 Dec 10 15:28 …
-rw-r–r-- 1 www-data www-data 2850 Dec 10 20:26 .htaccess
-rw-r–r-- 1 www-data www-data 163 Dec 10 19:42 .user.ini
drwxr-xr-x 33 www-data www-data 4096 Dec 10 19:42 3rdparty
-rw-r–r-- 1 www-data www-data 12063 Dec 10 19:42 AUTHORS
-rw-r–r-- 1 www-data www-data 34520 Dec 10 19:42 COPYING
drwxr-xr-x 82 www-data www-data 4096 Dec 10 21:59 apps
drwxr-xr-x 2 www-data www-data 4096 Dec 10 19:44 config
-rw-r–r-- 1 www-data www-data 3650 Dec 10 19:42 console.php
drwxr-xr-x 18 www-data www-data 4096 Dec 10 19:45 core
-rw-r–r-- 1 www-data www-data 4979 Dec 10 19:44 cron.php
drwxr-x— 6 www-data www-data 4096 Aug 7 2017 data
-rw-r–r-- 1 www-data www-data 179 Dec 10 19:42 index.html
-rw-r–r-- 1 www-data www-data 3171 Dec 10 19:45 index.php
drwxr-xr-x 6 www-data www-data 4096 Dec 10 19:42 lib
-rw-r–r-- 1 www-data www-data 283 Dec 10 19:44 occ
drwxr-xr-x 2 www-data www-data 4096 Dec 10 19:42 ocm-provider
drwxr-xr-x 2 www-data www-data 4096 Dec 10 19:44 ocs
drwxr-xr-x 2 www-data www-data 4096 Dec 10 19:44 ocs-provider
-rw-r–r-- 1 www-data www-data 2971 Dec 10 19:45 public.php
-rw-r–r-- 1 www-data www-data 5139 Dec 10 19:45 remote.php
drwxr-xr-x 4 www-data www-data 4096 Dec 10 19:42 resources
-rw-r–r-- 1 www-data www-data 26 Dec 10 19:42 robots.txt
drwxr-xr-x 12 www-data www-data 4096 Dec 10 19:42 settings
-rw-r–r-- 1 www-data www-data 2232 Dec 10 19:45 status.php
drwxr-xr-x 3 www-data www-data 4096 Dec 10 19:42 themes
drwxr-xr-x 2 www-data www-data 4096 Aug 6 2017 updater
-rw-r–r-- 1 www-data www-data 362 Dec 10 19:42 version.php

Then your permission should be set correctly.

That’s probably not the right thread. In the earlier versions the header needed to be added manually, but with NC 14.0.4 the header was added already. Usually, the check fails, if the header is set twice.

Please check here if that’s the case and the header is really set twice:

If it’s set twice, this might probably help:

Or removing the header from one of the locations. I’m currently trying to find the many threads that were opened recently. If I find them, I’ll post them here.

For the DB part, run:
sudo -u www-data php /var/www/nextcloud/occ db:add-missing-indices

1 Like

it won’t run
with the following errors

root@nextcloud:/var/log# sudo -u www-data php /var/www/nextcloud/occ db:add-missing-indices
An unhandled exception has been thrown:
ArgumentCountError: Too few arguments to function OCA\GroupFolders\Command\ExpireGroupVersions::__construct(), 0 passed in /var/www/nextcloud/lib/private/Console/Application.php on line 222 and exactly 1 expected in /var/www/nextcloud/apps/groupfolders/lib/Command/ExpireGroupVersions.php:34
Stack trace:
#0 /var/www/nextcloud/lib/private/Console/Application.php(222): OCA\GroupFolders\Command\ExpireGroupVersions->__construct()
#1 /var/www/nextcloud/lib/private/Console/Application.php(134): OC\Console\Application->loadCommandsFromInfoXml(Array)
#2 /var/www/nextcloud/console.php(95): OC\Console\Application->loadCommands(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#3 /var/www/nextcloud/occ(11): require_once(’/var/www/nextcl…’)

Here we go:
the other solution is, to remove or comment the header setting from the apache config file (/etc/apache2/apache2.conf):

To remove it from the .htaccess now, doesn’t make any sense to me, because it will be added by nextcloud with every update. Removing Header always set Referrer-Policy "no referrer" from apache config should be more future-proof.

1 Like

Did you update the app groupfolders to the latest version right before?
When I wanted to run occ to find out the correct commands for the DB index I noticed that occ didn’t run on my server as well. For me this issue occured with the last groupfolders update.

I “solved” that issue by moving the “groupfolders” folder out of /var/www/nextcloud/apps/; i.e.
mv /var/www/nextcloud/apps/groupfolders ~/

Edit: Issue with groupfolders confirmed:

1 Like

at least now the add-command runs through.
so that solved MY problem with the db as well. thanks.

how do i mv it back? or would a new installation of it be better?

i need to check the other error on like tomorrow. i’m sure there’s a solution as well.

thank you very much for your help!!! i really appreciate it

1 Like

I don’t suggest moving version 2.0 back in. On github the users are reporting heavy server load and log file flooding.
Best is probably to wait for the next version and install the new and fixed version from the app store. I’ll do that this way.

And yeah, the other message will probably disappear as soon as you comment out one content-policy-header setting.

1 Like

i commented that out like this:

#<IfModule mod_headers.c>
#  Header always set Referrer-Policy "no-referrer"

but somehow it seems that it didn’t work out the way we expected it because the error didnt vanish

Hi Jimmy,

can you run your site through securityheaders.com and see whether it says something along the lines in the “Warning box”

There was a duplicate.....

If there is, this is causing the message Header always set Referrer-Policy "no referrer" to appear in your admin panel.

I had the same issue and checked in the apache configs as well as in the nginx configs and the .htaccess. I agree with Schmu, I would leave it in the .htaccess since NC is always adding it there with each update you do.

thanks @CFelix for joining in here :slight_smile:

i ran my site through the link you provided and it came up with the following warnings


Content-Security-Policy This policy contains ‘unsafe-eval’ which is dangerous in the script-src directive.
Referrer-Policy There was a duplicate Referrer-Policy header.

and this missing thing

Missing Headers

Feature-Policy Feature Policy is a new header that allows a site to control which features and APIs can be used in the browser.

ummm. noob-question: where do i find the ngix.conf, usually?

That depends if you have nginx installed and running.

To check whether nginx is installed:
nginx -v

And if it’s installed, see if it’s running:
ps aux | grep nginx

If both are true, you can find the config at /etc/nginx

If you are not running nginx, did you reload/restart Apache, after you have done the changes to your config?

1 Like

darn that did the trick! thanks :blush:

but the warning

Content-Security-Policy This policy contains 'unsafe-eval' which is dangerous in the script-src directive.

remains. as well as missing headers about feature policy

Ah I remember this one as well but couldn’t find a proper solution for it as of now. As far as I understand, NC is setting this SecurityHeader automatically via a PHP file but for some odd reason, it doesn’t work on all of the servers I tried it on.

I keep looking at this and will get back as soon as I found something

1 Like

“unsafe-eval” was necessary for NC to work at all. With NC15 developers were finally able (after long time of trying/ changing code) to remove that header. Still a few apps have to be changed to continue working without this header setting.
Nonetheless, don’t worry about it, for the time you still use <=NC14.0.4.

Developers already reduced the risk of that header by creating a nounce (probably not the correct terminology).

The feature policy header was also introduced in NC15 afaik. This is a very new header anyway. Just wait for NC15, it’s totally fine.


@Schmu @CFelix :heart: :heart: :heart: :heavy_heart_exclamation:

Hey @Schmu

I found this as well somewhere on here but thought there must be more to it as I only have it on some servers but not on all.

But that’s some good info right there, looking forward to NC15

Hi guys, I just wanted to update you, that NC15 indeed removed unsafe-eval from the CSP. I just checked that on my server.
For “Feature-Policy” on the other hand I cannot make a reliable statement. I “fixed” that for me before and don’t want to remove that for now. Maybe you can perform the header scan again, when on NC15 and report back, if the test tells that Feature-Policy is set.

For CSS it is still unsafe-inline by the way. I think this is still in for backward compatibility of apps which haven’t been fully updated. Will be fixed soon I guess.

1 Like