[solved] Occ commands are not running

Nextcloud version (eg, 12.0.2): 14.0.1
Operating system and version (eg, Ubuntu 17.04): Alpine Linux 3.8
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.14.0
PHP version (eg, 7.1): 7.2.10

The issue you are facing:
I want to run occ command to set Nextcloud in maintenance mode:
su nginx -c "php occ maintenance:mode --on"

However validating the config-file config.php shows that the command was not successfull:

ct114-devcloud:/# tail /var/www/nextcloud/config/config.php
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtphost' => 'smtp.gmail.com',
  'mail_smtpport' => '587',
  'maintenance' => false,

I checked if occ commands are generally working w/o success:

ct114-devcloud:/# su nginx -c 'php /var/www/nextcloud/occ status'
ct114-devcloud:/# su nginx -c 'php /var/www/nextcloud/occ -h'

Is this the first time you’ve seen this error? (Y/N): Y

The output of your Nextcloud log in Admin > Logging:

<no relevant entries>

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

$CONFIG = array (
  'datadirectory' => '/var/lib/nextcloud/data',
  'logfile' => '/var/log/nextcloud/nextcloud.log',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/usr/share/webapps/nextcloud/apps',
      'url' => '/apps',
      'writable' => false,
    1 =>
    array (
      'path' => '/var/lib/nextcloud/apps',
      'url' => '/apps-appstore',
      'writable' => true,
  'updatechecker' => false,
  'check_for_working_htaccess' => false,
  'installed' => true,
  'instanceid' => 'ocsd5hfatsje',
  'trusted_domains' =>
  array (
    0 => 'devcloud.domain.lan',
  'dbtype' => 'mysql',
  'version' => '',
  'overwrite.cli.url' => 'https://devcloud.domain.lan',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'enable_previews' => false,
  'mail_from_address' => 'admin',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_domain' => 'devcloud.domain.lan',
  'mail_smtpauth' => 1,
  'mail_smtphost' => 'smtp.gmail.com',
  'mail_smtpport' => '587',
  'mail_smtpsecure' => 'tls',
  'maintenance' => false,

How can I debug the occ commands to identify the root cause?


So is nginx the owner of path

? Do the occ commands not tell some error? Try instead

sudo -u nginx php occ maintenance:mode --on

The owner of /path/to/nextcloud is: root.www-data

ct117-nextcloud:~# ls -l /usr/share/webapps/
total 4
drwxr-x--- 15 root www-data 4096 Oct  5 20:18 nextcloud

This it recommended setting of Nextcloud documented here.

The current permissions of /path/to/nextcloud/occ are:
-rwxr-x--x 1 root www-data 283 Sep 27 14:08 occ

This means that group www-data is allowed to execute occ.
And nginx is member of www-data:

ct117-nextcloud:~# id nginx
uid=101(nginx) gid=102(nginx) groups=102(nginx),82(www-data),102(nginx)

Did you anyway try to run the command as www-data? That’s what I do all the time.
sudo -u www-data php occ maintenance:mode --on

It’s recommended for NC9.
You should not change permissions anymore.


1 Like

But then I depend on the permission configuration defined by package provider.
Therefore my question:
What is the NC recommendation regarding permissions?

Please note this:
I don’t use sudo.

To my best knowledge the HTTP user is: nginx.
Why do I think this?

ct114-devcloud:/home# cat /etc/php7/php-fpm.d/www.conf | grep user
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
user = nginx
ct114-devcloud:/home# cat /etc/nginx/nginx.conf | grep user
user nginx;
ct114-devcloud:/home# ps -ef | grep nginx
  494 root      0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
  497 nginx     0:00 nginx: worker process
  633 nginx     0:05 {php-fpm7} php-fpm: pool www
 1430 nginx     0:02 {php-fpm7} php-fpm: pool www
11526 nginx     0:00 {php-fpm7} php-fpm: pool www
11549 root      0:00 grep nginx

Installing package “sudo” solved the issue.

This is indeed the answser for me. Over the years sudo -u www-data php occ maintenance… was required. However, when installing Version 23, it failed with no return errors. Simply removing the “-u www-data” caused it to work perfectly

If you remove the -u www-data part on a standard linux distribution like Ubuntu, Debian etc… you are going to run the command as root, which you shouldn’t do. The occ command should always be executed in the context of the user of the web server. So unless you are logged in to the system as the web server user, which you shouldn’t do either, you should always add -u www-data, httpd, nginx, apache or whatever the name of the webserver user happens to be on your system.

The only exeptions to this rule I can think of, are web-hosting platforms with CLI access or maybe if you are using any appliances or things like the Snap package, that usually provide their own custom scripts to manage Nextcloud.