Local external storage doesn't work

[searing]

Steps to reproduce

1. Install Nextcloud 14
2. Create local external storage
3. Try to access local external storage

Expected behaviour

Able to view, modify, etc. files in local directory outside the main data directory

Actual behaviour

Viewing the main "Files" view of the web UI shows this (the "Music" directory is an external storage): https://i.imgur.com/jHKP85d.png

Trying to click on the folder causes my browser to try downloading the literal symlink file that Nextcloud uses.

If I click on "External Storages" on the left hand side of the Files app, and then click Music, I get a message at the top that reads: "You don't have permission to upload or create files here".

The external storage is created as editable (not read only). Here's the row from the admin External Storages page: https://i.imgur.com/r1J5Wde.png

Here's the directory listing from my user's "files" directory. Notice the symlink, which is seemingly correct, and has the right permissions:

[root@<server name> files]# ls -l
total 12
lrwxrwxrwx  1 http http   26 Oct  7 22:02 Music -> /glusterfs/nextcloud/Music
drwxr-xr-x  2 http http 4096 Oct  8 12:51 Notes
drwxr-xr-x  4 http http 4096 Oct  8 17:44 Outlook
drwxr-xr-x 10 http http 4096 Oct  7 21:43 Personal

And the permissions on the (empty) target directory:

[root@<server name> files]# ls -la /glusterfs/nextcloud/Music/
total 8
drwxr-xr-x 2 http http 4096 Oct  7 23:43 .
drwxr-xr-x 4 http http 4096 Oct  7 23:43 ..

If I sudo to http and open a shell, I can freely create and modify files, both in the target directory AND in the Nextcloud data directory going through the symlink.

As a few other notes, before I tried the external storage system, I tried simply moving the folder and putting the symlink in, hoping it would be transparent to Nextcloud. That didn't work, so I tried moving and symlinking my user's folder, and then the entire "data" directory (as described elsewhere, in this official-looking guide https://help.nextcloud.com/t/howto-change-move-data-directory-after-installation/17170 ). Nothing seemed to work, all due to permissions issues.

Finally, my system does not have SELinux enabled. The PHP process (PHP-FPM) actually runs as "http", there is no www-data user on my system (maybe that's a Debian/Ubuntu thing?). I can read/write files just fine to normal directories, without the symlink, but the symlink that seems to be used for the External Storages feature just doesn't look like it works.

At one point I also tried this:

• Created normal Music directory (no external storage/symlink)
• Setup a sync with the Windows desktop client
• Wrote some files
• Put server into maintenance mode
• Moved files to other directory, setup symlink
• Took server out of maintenance mode

When I did this, I could download the files in there, but trying to add any others resulted in Forbidden errors in the Windows desktop client.

I tried doing some debugging (I don't know PHP very well). I think it's because at some point it checks whether or not you can create files in the directory, which only seems to pass if the path is indeed a directory. I'm not sure if the fact that it's actually a symbolic link trips up the code because it's, strictly speaking, not a real directory, just a symlink. I'm not well-versed enough in PHP to figure out exactly where that check is in the code (I saw something about a "filetype" function returning either "dir" or "file" but when I tried to call it directly I got a PHP exception about lstat failing).

Server configuration

Operating system: Arch Linux ARM (ODROID-XU4)

Web server: nginx/1.14.0

Database: PostgreSQL 10.5

PHP version: PHP 7.2.10 (cli) (built: Sep 11 2018 09:57:13) ( NTS )

Nextcloud version: (see Nextcloud admin page) 14.0.1

Updated from an older Nextcloud/ownCloud or fresh install: Fresh install

Where did you install Nextcloud from: Arch Linux ARM official repos

Signing status:

Signing status

No errors have been found.

List of activated apps:

App list

Enabled:
  - accessibility: 1.0.1
  - activity: 2.7.0
  - calendar: 1.6.2
  - cloud_federation_api: 0.0.1
  - comments: 1.4.0
  - contacts: 2.1.6
  - dav: 1.6.0
  - federatedfilesharing: 1.4.0
  - federation: 1.4.0
  - files: 1.9.0
  - files_external: 1.5.0
  - files_pdfviewer: 1.3.2
  - files_sharing: 1.6.2
  - files_texteditor: 2.6.0
  - files_trashbin: 1.4.1
  - files_versions: 1.7.1
  - files_videoplayer: 1.3.0
  - firstrunwizard: 2.3.0
  - gallery: 18.1.0
  - logreader: 2.0.0
  - lookup_server_connector: 1.2.0
  - nextcloud_announcements: 1.3.0
  - notes: 2.4.2
  - notifications: 2.2.1
  - oauth2: 1.2.1
  - password_policy: 1.4.0
  - provisioning_api: 1.4.0
  - serverinfo: 1.4.0
  - sharebymail: 1.4.0
  - support: 1.0.0
  - survey_client: 1.2.0
  - systemtags: 1.4.0
  - tasks: 0.9.7
  - theming: 1.5.0
  - twofactor_backupcodes: 1.3.1
  - updatenotification: 1.4.1
  - workflowengine: 1.4.0
Disabled:
  - admin_audit
  - encryption
  - user_external
  - user_ldap

Nextcloud configuration:

Config report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "version": "14.0.1.1",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "maintenance": false
    }
}

(I redacted my server's external hostname.)

Are you using external storage, if yes which one: local

Are you using encryption: no

Are you using an external user-backend, if yes which one: Nope

Client configuration

Browser: Firefox

Operating system: Windows

Logs

Web server error log

Web server error log

There are a few lines like this, but they don't seem to line up time-wise with anything in this issue. The only other lines are for other virtual hosts on the web server.

Oct 09 19:16:24 nginx[20120]: 2018/10/09 19:16:24 [error] 20122#20122: *9647 access forbidden by rule, client: 192.168.42.1, server: (REDACTED), request: "GET /data/.ocdata?t=1539130584908 HTTP/2.0", host: "(REDACTED)"

Nextcloud log (data/nextcloud.log)

Nextcloud log

There's a ton of info I would want to redact from this. Please let me know roughly what you're looking for and I can post it, but there are no errors that get printed when it fails to synchronize/write files. It seems to take "Forbidden" as a normal response not worthy of logging.

Insert your Nextcloud log here

[nextcloud-bot]

GitMate.io thinks possibly related issues are #4730 (Storage), #9888 (Using local mounted NFS share with External storages does not work properly ), #3789 (External storage), #6685 (External storage encryption not working), and #1020 (Search not working in shared (external/local storage) folders).

[tomtomas99911]

I am using external local storage on Nextcloud 14.0.0. - but it works for me (apache2, php7).

[searing]

I tried a bind mount today and that also does work. I did this by:

• removing the external storage configuration entirely
• disabling the external storage plugin/app
• deleting the symlink in my user's files directory
• create a new "Music" folder in my user's files directory
• set the ownership of that new folder to http:http
• create a bind mount using: mount -o bind /glusterfs/nextcloud/Music Music
• "touch"ed a file inside the new bind mount as the http user, as a test
• ran occ files:scan to pick up the new folder/file

Now my Files view in the web UI looks like this: https://i.imgur.com/YxgbkrT.png

Clicking on "Music" causes it to download a 0-length file. In nextcloud.log, I see this entry:

{"reqId":"wE2UXLHxJ8MpYNGKFRPb","level":3,"time":"2018-10-18T00:25:30+00:00","remoteAddr":"REDACTED","user":"REDACTED","app":"PHP","method":"PROPFIND","url":"\/remote.php\/dav\/files\/REDACTED\/Personal","message":"filemtime(): stat failed for \/usr\/share\/webapps\/nextcloud\/data\/REDACTED\/files\/Music at \/usr\/share\/webapps\/nextcloud\/lib\/private\/LargeFileHelper.php#189","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.3.3 (build 1) (Nextcloud)","version":"14.0.1.1"}

[lachlan-00]

I upgraded to 15 beta 2 and this problem disappeared. (not ideal as half the plugins aren't ready for 15 but it works.)

[ctbrown]

@searing: do you mean the bind mount DID NOT work? You post says:

I tried a bind mount today and that also does work.

But you report a PHP stat() error. I get a similar error. Nextcloud logs say:

Error | PHP | stat(): stat failed for ... at /var/www/html/lib/private/Files/Storage/Local.php#142 -- | -- | --

This is stat() call:

$statResult = stat($fullPath);

It fails for the glusterfs mounted directory.

There is a second error in the nextcloud log:

filemtime(): stat failed for ... at /var/www/html/lib/private/LargeFileHelper.php#189

$result = filemtime($fullPath);

This may related to a bug in PHP.

[the-moog]

Latest NextCloud (18.0.1)
Local 'external' storage.
real folder is read/writable by 'users' of which www-data is a member, this is tested ok.
User/group is added to share in next cloud

When user browses shares -> "You don't have permission to upload or create files here" There are no files.

But, this is not correct!

The new Readme.md file CAN be created, the error message remains.
Any existing files are missing

occ files:scan --path="/path/to/real/filesystem"

does not work, returns user 'path' does not exist.
The only solutions is

occ files:scan --all

Which takes ages!!

But when it's complete the error is removed.

1: It seems the scan is not working "Check for changes on = every direct access" does not work
2: occ files:scan is no use, it does not work with absolute paths
3: The message on a folder you can write to is wrong"

Note: access via sftp to the same folder for the same user using a public key works without having to do the files:scan --all so it a good workround.

[skjnldsv]

Encountered this too, upgraded and no issues so far now
As I cannot reproduce the original issue anymore, I will close this ticket. If this is still happening please make sure to upgrade to the latest version. After that, feel free to reopen.