Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encryption key storage error when deleting user #26935

Closed
PVince81 opened this issue Jan 13, 2017 · 5 comments · Fixed by #26938
Closed

Encryption key storage error when deleting user #26935

PVince81 opened this issue Jan 13, 2017 · 5 comments · Fixed by #26938
Assignees
@PVince81
Labels
regression sev2-high status/STALE Type:Bug
Milestone
10.0

Comments

@PVince81
Copy link
Contributor

Steps

  1. Enable encryption
  2. Create a user "user1"
  3. Login as "user1"
  4. Login as admin
  5. Delete "user1"
  6. Check logs

Expected result

No errors in log, user's keys properly deleted.

Actual result

Errors in log, user's key properly deleted indirectly through the deletion of the home.

{"reqId":"EL6Pp2BhEzJkzopeZJCW","remoteAddr":"127.0.0.1","app":"files","message":" Backends provided no user object for user0","level":3,"time":"2017-01-13T09:18:58+00:00","method":"DELETE","url":"\/owncloud\/index.php\/settings\/users\/users\/user0","user":"admin"}
{"reqId":"EL6Pp2BhEzJkzopeZJCW","remoteAddr":"127.0.0.1","app":"no app in context","message":"Exception: {\"Exception\":\"OC\\\\User\\\\NoUserException\",\"Message\":\"Backends provided no user object for user0\",\"Code\":0,\"Trace\":\"#0 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Encryption\\\/Keys\\\/Storage.php(349): OC\\\\Files\\\\Filesystem::initMountPoints('user0')\\n#1 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Encryption\\\/Keys\\\/Storage.php(182): OC\\\\Encryption\\\\Keys\\\\Storage->setupUserMounts('user0')\\n#2 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Encryption\\\/Keys\\\/Storage.php(141): OC\\\\Encryption\\\\Keys\\\\Storage->constructUserKeyPath('OC_DEFAULT_MODU...', 'publicKey', 'user0')\\n#3 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/apps\\\/encryption\\\/lib\\\/KeyManager.php(586): OC\\\\Encryption\\\\Keys\\\\Storage->deleteUserKey('user0', 'publicKey', 'OC_DEFAULT_MODU...')\\n#4 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/apps\\\/encryption\\\/lib\\\/Hooks\\\/UserHooks.php(200): OCA\\\\Encryption\\\\KeyManager->deletePublicKey('user0')\\n#5 [internal function]: OCA\\\\Encryption\\\\Hooks\\\\UserHooks->postDeleteUser(Array)\\n#6 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/legacy\\\/hook.php(105): call_user_func(Array, Array)\\n#7 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Server.php(265): OC_Hook::emit('OC_User', 'post_deleteUser', Array)\\n#8 [internal function]: OC\\\\Server->OC\\\\{closure}(Object(OC\\\\User\\\\User))\\n#9 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Hooks\\\/EmitterTrait.php(98): call_user_func_array(Object(Closure), Array)\\n#10 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Hooks\\\/PublicEmitter.php(32): OC\\\\Hooks\\\\BasicEmitter->emit('\\\\\\\\OC\\\\\\\\User', 'postDelete', Array)\\n#11 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/User\\\/User.php(229): OC\\\\Hooks\\\\PublicEmitter->emit('\\\\\\\\OC\\\\\\\\User', 'postDelete', Array)\\n#12 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/settings\\\/Controller\\\/UsersController.php(467): OC\\\\User\\\\User->delete()\\n#13 [internal function]: OC\\\\Settings\\\\Controller\\\\UsersController->destroy('user0')\\n#14 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(159): call_user_func_array(Array, Array)\\n#15 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(89): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController(Object(OC\\\\Settings\\\\Controller\\\\UsersController), 'destroy')\\n#16 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/App.php(99): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch(Object(OC\\\\Settings\\\\Controller\\\\UsersController), 'destroy')\\n#17 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/AppFramework\\\/Routing\\\/RouteActionHandler.php(46): OC\\\\AppFramework\\\\App::main('UsersController', 'destroy', Object(OC\\\\AppFramework\\\\DependencyInjection\\\\DIContainer), Array)\\n#18 [internal function]: OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler->__invoke(Array)\\n#19 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Route\\\/Router.php(299): call_user_func(Object(OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler), Array)\\n#20 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/base.php(894): OC\\\\Route\\\\Router->match('\\\/settings\\\/users...')\\n#21 \\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/index.php(46): OC::handleRequest()\\n#22 {main}\",\"File\":\"\\\/srv\\\/www\\\/htdocs\\\/owncloud\\\/lib\\\/private\\\/Files\\\/Filesystem.php\",\"Line\":413}","level":3,"time":"2017-01-13T09:18:58+00:00","method":"DELETE","url":"\/owncloud\/index.php\/settings\/users\/users\/user0","user":"admin"}

Same result with an alternative home.

However when using an alternative root for the keys (occ encryption:change-key-storage-root enckeys), the keys are NOT deleted properly because that exception makes it skip key deletion within the hook.

Versions

master a4883ae, likely introduced by #26917

Possible approaches

  • run the key deletion code earlier, maybe in the pre delete hook
  • or make it ignore the init mount point issue as the keys will be gone anyway through home folder deletion, but need to check if that will also work with alternative root for the keys

@SergioBertolinSG this is the issue you observed in #26844 (comment)
@PVince81 PVince81 added this to the 10.0 milestone Jan 13, 2017
@PVince81 PVince81 self-assigned this Jan 13, 2017
This was referenced Jan 13, 2017
Merged
Merged
Merged
@PVince81
Copy link
Contributor Author

Now I have the feeling that keys deletion itself is overkill in most scenarios when the keys are contained in the home folder. It only makes sense to do extra deletion when keys are stored separately.

But then why not do it in the pre delete hook then ? I see that trashbin clearing also operates there.

@PVince81
Copy link
Contributor Author

Pfff, I just tried in OC 9.1.3 with "change-key-storage-root" and the keys are also not deleted properly. Well, actually it does delete the public key of the user but not the private key. And the file keys also remain.

Ok, so that will be a different issue: #26936.

So the goal in this issue here is to bring the behavior back to what it was before to eliminate the regression and annoying log messages.

@PVince81 PVince81 mentioned this issue Jan 13, 2017
Merged
9 tasks
@PVince81
Copy link
Contributor Author

Fix for the alternate key root case here: #26937

Still need to work on the other case, maybe I'll just make it use the pre delete hook.

@PVince81 PVince81 mentioned this issue Jan 13, 2017
Merged
9 tasks
@PVince81
Copy link
Contributor Author

Fix is here: #26938 (preDelete hook approach)

@PVince81 PVince81 mentioned this issue Jan 18, 2017
Merged
9 tasks
@ownclouders ownclouders mentioned this issue Jan 18, 2019
Closed
@lock
Copy link

lock bot commented Aug 1, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Aug 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@PVince81 PVince81

Labels
regression sev2-high status/STALE Type:Bug
Projects
None yet
Milestone
10.0
Development

Successfully merging a pull request may close this issue.

Use preDelete hook to delete encryption keys owncloud/core
2 participants
@PVince81 @ownclouders