Passwords missing for 1 user

mercrapper · March 22, 2023, 7:23pm

Hi All,
I had nextcloud running in LXC, then all of a sudden it stopped supporting the php version I was using, long story short, I decided to migrate to a docker set up. I was able to grab all the files and export the database from the old setup and import into the new set up. After some fiddling around, I was able to get the docker set up working (mostly). I installed the passwords app (I had restored the tables and the secrets from the config.php) and logged in with one of the users (I have 2 aside from the admin) and saw all my passwords for that user had been restored, but when I checked my passwords for the other user, it’s empty. When I query the oc_passwords_password table, I can see the entries for my 2nd user, so why isn’t the app finding them?

I have tried restoring occ repair, everything I could find on the internet to fix this. I’m out of ideas and search results. Does anybody know why one user’s passwords would be restored while the other one is missing?

rawtaz · March 22, 2023, 7:30pm

I can’t say why, but if you have any programming experience you can dig into the source code of the passwords app and debug it. It shouldn’t be that much code, and you can start e.g. at the point where you (by having searched for it in that password app folder) find the table name (without prefix), since that is where something related to reading the data is going on.

mercrapper · March 22, 2023, 10:48pm

SO doing a little more debugging, I found out that all of the passwords for that user are in a deleted state (in the oc_passwords_password(_rv) and oc_passwords_folders(_rv) tables. I tried to update the deleted flag from 1 to 0, but now I am getting an “HMAC does not match.”. I did have the passwords encrypted before the server went down, but for some reason the encryption did not get restored on the new server (NOTE : it was restored for the other account).

I tried setting up encryption with the same password, but that didn’t work (long shot I know).

So how do I restore the encryption for that user so I can get my passwords decrypted?
Or is there a way to decrypt the passwords in the database (I know the password).

rawtaz · March 22, 2023, 11:01pm

Nice job, and interesting. Personally I haven’t used this app. Is there perhaps an export and import feature you can use on the old and new instance of NC?

Personally I would look into how the HMAC is calculated etc, so see where things go wrong.

EDIT: What piece is it you mean has not been migrated? Something in the database (seems unlikely)? Some file in the filesystem (possible, perhaps some appdata files)?

mercrapper · March 22, 2023, 11:10pm

Ok, I must of screwed something up when I did the restore last time.
I just restored my db from the back up again and everything is working again. Both accounts have their passwords back.

Thanks for the push to look a little deeper.

rawtaz · March 22, 2023, 11:11pm

Nice! No idea how you managed to restore it in a non-working way

mercrapper · March 22, 2023, 11:16pm

I think it was the config.php. Initially I had not restored it, so the instanceid, passwordsalt and secret were all different.

I did update it after to get the user1 working, but it didn’t work for user 2. A maintenance job must have deleted all the passwords for user 2.

In any case, I guess it goes to show how important it is to follow the directions exactly.

rawtaz · March 22, 2023, 11:28pm

I see. Yeah, generally speaking in order to back up and restore a Nextcloud instance there are three parts:

The database (dump and restore as SQL)
The data files (in the data folder)
The Nextcloud HTML files (includes the config files and so on)

With all of these, one cannot fail :>

a3linux · March 23, 2023, 12:36am

Nice sharing.
I think that’s why I backup my database every hour and will roll out recovery procedure on a test machine to simulate the disaster(DR).