[Bug 257157] www/nextcloud: Error updating .htaccess file ... . Server corrupted

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 13 Jul 2021 17:47:04 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257157

            Bug ID: 257157
           Summary: www/nextcloud: Error updating .htaccess file ... .
                    Server corrupted
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: brnrd_at_freebsd.org
          Reporter: ohartmann_at_walstatt.org
             Flags: maintainer-feedback?(brnrd_at_freebsd.org)
          Assignee: brnrd_at_freebsd.org

running www/nextcloud (php74) on FreeBSD 12.2-RELENG-p9. System is mainatined
with official FreeBSD packages (nothing home-brewn).

After the recent upgrade of the ports (including php74, Apache and Nextcloud
(from21.X.X to 22.0.0), the nextcloud service is corrupted: the Apache server
reports the request could not served, contact administrator. Checking the log
/var/log/httpd-error.log when requesting I see

[...]
[Tue Jul 13 17:22:15.847179 2021] [authz_core:error] [pid 71606] [client
xxx.xxx.xxx.xxx:48910] AH01630: client denied by server configuration:
/usr/local/www/apache24/data/csrftoken
[Tue Jul 13 17:22:16.110620 2021] [authz_core:error] [pid 66249] [client
xxx.xxx.xxx.xxx:11753] AH01630: client denied by server configuration:
/usr/local/www/apache24/data/login
[...]

and /var/log/httpd-access.log

[...]
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:41 +0000] "GET /cloud/index.php/login
HTTP/1.1" 500 16855
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/js/dist/files_fileinfo.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/files_sharing/l10n/de_DE.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/l10n/de_DE.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/js/dist/files_client.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/js/dist/main.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps/apporder/l10n/de_DE.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/files_sharing/js/dist/main.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps/apporder/js/apporder.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps/epubreader/l10n/de_DE.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps/epubreader/js/plugin.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/files_videoplayer/js/main.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/files_rightclick/l10n/de_DE.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/files_rightclick/js/script.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/files_rightclick/js/files.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/theming/l10n/de_DE.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/apps-pkg/theming/js/theming.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/js/dist/login.js?v=1db512a4-5 HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/img/loading-dark.gif HTTP/1.1" 304 -
xxx.xxx.xxx.xxx - - [13/Jul/2021:17:43:43 +0000] "GET
/cloud/core/img/actions/toggle.svg HTTP/1.1" 304 -
[...]


It looks like the documentroot is some kind of weird, since the nextcloud's
document root is located not in /usr/local/www/apache24/data!

Anyway, when upgrading nextcloud via

su -m www -c 'php ./occ upgrade'

nothing unusual has been observed except the fact that when it came to updating
apps, the connection to the app store seemed to have timed out, there was a
further unnoticed error of the php script and I simply restarted the procedure
as shown above and then it went through all steps. After that, restarting
Apache, the server quit the request with not servicing nextcloud content. I
checked the log and revealed the above and issued the command:

root_at_websrv:/usr/local/www/nextcloud # su -m www -c "php ./occ
maintenance:update:htaccess"
Error updating .htaccess file, not enough permissions or "overwrite.cli.url"
set to an invalid URL?

I searched the web for this error and found that one has to set
overwrite.cli.url to the URL in config/config.php, but this object has never
been set before and even setting it either to the local (IP based) or fully
qualified URL doe not solve anything. Further, some tell that the access rights
need to be adjusted to the owner of the running apache (www:www) but on which
.htaccess file and where is a big mystery of internet sloppyness. Most of them
are not usefull.


The access rights of .htaccess file located in the data folder for nextcloud is
www:www and untouched, also the .htaccess file located in
/usr/local/www/nextcloud/config.

/usr/local/etc/apache24/httpd.conf is untouched, so the (prior to the update
working) .conf file in  /usr/local/etc/apache24/Includes.


Now, with this next painin the arse, I'mfloating like a deadman in the water
with nextcloud on freeBSD :-(

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Tue Jul 13 2021 - 17:47:04 UTC

Original text of this message