Nextcloud version (eg, 20.0.5): 25.09
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04
Apache or nginx version (eg, Apache 2.4.25): Nginx 1.18
PHP version (eg, 7.4): 7.4
The issue you are facing:
I am using nextcloud with external storage for SMB. As the Admin user, I configured “External Storage” to make the samba share “bookeeping” available to all users. I have also checked the box that says “Verify ACL access when listing files” which is supposed to filter out users who do not have read access to the external share as shown below.
However, when a user logs in that does not have read access the bookkeeping folder instead of it being filtered out, the share shows up with a pink background which when clicked on says “External mount error”. This will be pretty ugly to end users.
Does anyone have any idea why?
What sayeth the group?
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- See the first image - add a samba share
- Verify ACL access when listing files
- login as a user who does not have rights to that folder
The output of your Nextcloud log in Admin > Logging:
Info lib Storage with smb::dave.smith@127.0.0.1//bookkeeping// marked as unavailable July 29, 2023 12:45:08
Info no app in context External storage not available: stat() failed July 29, 2023 12:45:08
Info no app in context Deprecated event type for OCP\IPreview:PreviewRequested: Symfony\Component\EventDispatcher\GenericEvent is used July 29, 2023 12:45:08
Warning no app in context OCP\Files\StorageNotAvailableException: Storage with mount id 6 is not available
[no app in context] Warning: OCP\Files\StorageNotAvailableException: Storage with mount id 6 is not available at <<closure>>
0. /SM_DATA/web_cloud/public_html/lib/private/Files/Storage/Wrapper/Wrapper.php line 548
OC\Files\Storage\FailedStorage->getAvailability()
1. /SM_DATA/web_cloud/public_html/lib/private/Files/Storage/Wrapper/Availability.php line 81
OC\Files\Storage\Wrapper\Wrapper->getAvailability()
2. /SM_DATA/web_cloud/public_html/lib/private/Files/Storage/Wrapper/Availability.php line 92
OC\Files\Storage\Wrapper\Availability->isAvailable()
3. /SM_DATA/web_cloud/public_html/lib/private/Files/Storage/Wrapper/Availability.php line 342
OC\Files\Storage\Wrapper\Availability->checkAvailability()
4. /SM_DATA/web_cloud/public_html/lib/private/Files/Storage/Wrapper/Wrapper.php line 334
OC\Files\Storage\Wrapper\Availability->free_space()
5. /SM_DATA/web_cloud/public_html/lib/private/legacy/OC_Helper.php line 521
OC\Files\Storage\Wrapper\Wrapper->free_space()
6. /SM_DATA/web_cloud/public_html/apps/dav/lib/Connector/Sabre/Directory.php line 328
OC_Helper::getStorageInfo()
7. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 770
OCA\DAV\Connector\Sabre\Directory->getQuotaInfo()
8. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/PropFind.php line 95
Sabre\DAV\CorePlugin->Sabre\DAV\{closure}("*** sensitive parameters replaced ***")
9. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 774
Sabre\DAV\PropFind->handle()
10. /SM_DATA/web_cloud/public_html/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
Sabre\DAV\CorePlugin->propFind()
11. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 1052
Sabre\DAV\Server->emit()
12. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 984
Sabre\DAV\Server->getPropertiesByNode()
13. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 1662
Sabre\DAV\Server->getPropertiesIteratorForPath()
14. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 1647
Sabre\DAV\Server->writeMultiStatus()
15. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/CorePlugin.php line 346
Sabre\DAV\Server->generateMultiStatus()
16. /SM_DATA/web_cloud/public_html/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
Sabre\DAV\CorePlugin->httpPropFind()
17. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 472
Sabre\DAV\Server->emit()
18. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 253
Sabre\DAV\Server->invokeMethod()
19. /SM_DATA/web_cloud/public_html/3rdparty/sabre/dav/lib/DAV/Server.php line 321
Sabre\DAV\Server->start()
20. /SM_DATA/web_cloud/public_html/apps/dav/lib/Server.php line 360
Sabre\DAV\Server->exec()
21. /SM_DATA/web_cloud/public_html/apps/dav/appinfo/v2/remote.php line 35
OCA\DAV\Server->exec()
22. /SM_DATA/web_cloud/public_html/remote.php line 172
require_once("/SM_DATA/web_cl ... p")
PROPFIND /remote.php/dav/files/AF85BE9F-EA50-4056-B0C9-DFC729B5FDC1/
from 192.168.9.168 by AF85BE9F-EA50-4056-B0C9-DFC729B5FDC1 at 2023-07-29T12:45:08-07:00
The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'passwordsalt' => 'asdfasdfasdf',
'secret' => 'asdfasdfasdf',
'trusted_domains' =>
array (
0 => 'localhost',
1 => 'seattle.mydomain.com',
2 => '192.168.1.*'
),
'datadirectory' => '/home/nextcloud',
'skeletondirectory' => /home/nextcloud/default',
'dbtype' => 'mysql',
'version' => '25.0.9.2',
'overwrite.cli.url' => 'https://cloud.[compumatter.biz](http://mydomain.com)',
'dbname' => 'someone',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'someuser',
'dbpassword' => 'somepassword',
'installed' => true,
'instanceid' => 'ock5320302sf',
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '/run/redis/redis-server.sock',
'port' => 0,
),
'theme' => '',
'defaultapp' => 'dashboard',
'default_language' => 'en',
'onlyoffice' =>
array (
'verify_peer_off' => 'true',
),
'allow_local_remote_servers' => true,
'logfile' => '/home/nextcloud/nextcloud.log',
'loglevel' => 3,
'logdateformat' => 'F d, Y H:i:s',
'logtimezone' => 'America/Los_Angeles',
'maintenance' => false,
'updater.secret' => 'asdfasdfasdfasdfasdf',
'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
);
The output of your NGINX ACCESS log in /var/log/____:
192.168.9.168 - - [28/Jul/2023:23:05:54 -0700] "GET /apps/files/?dir=/&fileid=876526 HTTP/2.0" 200 15653 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:55 -0700] "GET /apps/theming/icon/files?v=c8667846 HTTP/2.0" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:56 -0700] "GET /ocs/v2.php/search/providers?from=%2Fapps%2Ffiles%2F%3Fdir%3D%2F%26fileid%3D876526 HTTP/2.0" 200 265 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/2.0" 200 656 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/2.0" 200 144 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /ocs/v2.php/apps/user_status/api/v1/statuses/AF85BE9F-EA50-4056-B0C9-DFC729B5FDC1 HTTP/2.0" 200 151 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /ocs/v1.php/apps/files_external/api/v1/mounts?format=json HTTP/2.0" 200 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /apps/files_sharing/api/externalShares HTTP/2.0" 200 22 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /apps/systemtags/lastused HTTP/2.0" 200 22 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "PROPFIND /remote.php/dav/files/AF85BE9F-EA50-4056-B0C9-DFC729B5FDC1/ HTTP/2.0" 207 1909 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /ocs/v2.php/apps/text/workspace?path=%2F HTTP/2.0" 200 160 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:57 -0700] "GET /apps/recommendations/api/recommendations HTTP/2.0" 200 379 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:58 -0700] "GET /apps/files/ajax/getstoragestats?dir=%2F HTTP/2.0" 200 248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0"
192.168.9.168 - - [28/Jul/2023:23:05:58 -0700] "POST /apps/text/session/sync HTTP/2.0" 200 271 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.183"
192.168.9.168 - - [28/Jul/2023:23:05:58 -0700] "GET /index.php/apps/files_external/userglobalstorages/6?testOnly=false HTTP/2.0" 200 170 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
Samba Log:
create_connection_session_info: user ‘SEATTLE\users.name’ (from session setup) not permitted to access this share (bookkeeping)
[2023/07/28 23:09:19.659013, 1, pid=3272883, effective(0, 0), real(0, 0)] …/…/source3/smbd/service.c:545(make_connection_snum)
create_connection_session_info failed: NT_STATUS_ACCESS_DENIED
[2023/07/28 23:09:19.659033, 5, pid=3272883, effective(0, 0), real(0, 0)] …/…/lib/dbwrap/dbwrap.c:143(dbwrap_lock_order_lock)
dbwrap_lock_order_lock: check lock order 1 for /run/samba/smbXsrv_tcon_global.tdb
Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors.
no errors