Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exception during scan: Invalid request for / (ForbiddenException) #8657

Closed
addaitrs opened this issue Mar 5, 2018 · 1 comment
Closed

Exception during scan: Invalid request for / (ForbiddenException) #8657

addaitrs opened this issue Mar 5, 2018 · 1 comment

Comments

@addaitrs
Copy link

addaitrs commented Mar 5, 2018
edited
Loading

Steps to reproduce

  1. sudo -u www-data php -f /var/www/html/occ files:scan --unscanned --all

Expected behaviour

Update of external SMB

Actual behaviour

Errors with

Exception during scan: Invalid request for / (ForbiddenException)

Full error output is in the web server log section.

Server configuration

Operating system:
Ubuntu 17.10
Web server:
Apache2
Database:
MySQL
PHP version:
7.1
Nextcloud version: (see Nextcloud admin page)
13.0.0
Updated from an older Nextcloud/ownCloud or fresh install:
Fresh Install
Where did you install Nextcloud from:
Magic
Signing status:

Signing status 
Login as admin user into your Nextcloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results here.

List of activated apps:

App list 
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your Nextcloud installation folder

Nextcloud configuration:

Config report 
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder

or 

Insert your config.php content here. 
Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)

Are you using external storage, if yes which one: smb3.1.1

Are you using encryption: no

Are you using an external user-backend, if yes which one: LDAP

LDAP configuration (delete this part if not used)

LDAP config 
+-------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| hasMemberOfFilterSupport      | 1                                                                                                                                                                 |
| hasPagedResultSupport         |                                                                                                                                                                   |
| homeFolderNamingRule          |                                                                                                                                                                   |
| lastJpegPhotoLookup           | 0                                                                                                                                                                 |
| ldapAgentName                 | CN=NextCloudAdmin,OU=System Accounts,OU=client client,DC=client,DC=com                                                                                            |
| ldapAgentPassword             | ***                                                                                                                                                               |
| ldapAttributesForGroupSearch  |                                                                                                                                                                   |
| ldapAttributesForUserSearch   |                                                                                                                                                                   |
| ldapBackupHost                |                                                                                                                                                                   |
| ldapBackupPort                |                                                                                                                                                                   |
| ldapBase                      | DC=client,DC=com                                                                                                                                                  |
| ldapBaseGroups                | DC=client,DC=com                                                                                                                                                  |
| ldapBaseUsers                 | DC=client,DC=com                                                                                                                                                  |
| ldapCacheTTL                  | 600                                                                                                                                                               |
| ldapConfigurationActive       | 1                                                                                                                                                                 |
| ldapDefaultPPolicyDN          |                                                                                                                                                                   |
| ldapDynamicGroupMemberURL     |                                                                                                                                                                   |
| ldapEmailAttribute            | mail                                                                                                                                                              |
| ldapExperiencedAdmin          | 0                                                                                                                                                                 |
| ldapExpertUUIDGroupAttr       |                                                                                                                                                                   |
| ldapExpertUUIDUserAttr        |                                                                                                                                                                   |
| ldapExpertUsernameAttr        | sAMAccountName                                                                                                                                                    |
| ldapGidNumber                 | gidNumber                                                                                                                                                         |
| ldapGroupDisplayName          | cn                                                                                                                                                                |
| ldapGroupFilter               | (|(cn=client)(cn=client)(cn=client)(cn=client Drive))                                                                                                             |
| ldapGroupFilterGroups         | client;client;client;client Drive                                                                                                                                 |
| ldapGroupFilterMode           | 0                                                                                                                                                                 |
| ldapGroupFilterObjectclass    |                                                                                                                                                                   |
| ldapGroupMemberAssocAttr      | member                                                                                                                                                            |
| ldapHost                      | 1.1.1.1                                                                                                                                                           |
| ldapIgnoreNamingRules         |                                                                                                                                                                   |
| ldapLoginFilter               | (&(&(|(objectclass=person))(|(|(memberof=CN=client Drive,OU=Groups,OU=client client,DC=client,DC=com)(primaryGroupID=1709))))(|(sAMAccountName=%uid)))            |
| ldapLoginFilterAttributes     | sAMAccountName                                                                                                                                                    |
| ldapLoginFilterEmail          | 0                                                                                                                                                                 |
| ldapLoginFilterMode           | 0                                                                                                                                                                 |
| ldapLoginFilterUsername       | 1                                                                                                                                                                 |
| ldapNestedGroups              | 0                                                                                                                                                                 |
| ldapOverrideMainServer        |                                                                                                                                                                   |
| ldapPagingSize                | 500                                                                                                                                                               |
| ldapPort                      | 389                                                                                                                                                               |
| ldapQuotaAttribute            |                                                                                                                                                                   |
| ldapQuotaDefault              |                                                                                                                                                                   |
| ldapTLS                       | 0                                                                                                                                                                 |
| ldapUserDisplayName           | displayname                                                                                                                                                       |
| ldapUserDisplayName2          |                                                                                                                                                                   |
| ldapUserFilter                | (&(|(objectclass=person))(|(|(memberof=CN=client Drive,OU=Groups,OU=client client,DC=client,DC=com)(primaryGroupID=1709))))                                       |
| ldapUserFilterGroups          | client Drive                                                                                                                                                      |
| ldapUserFilterMode            | 0                                                                                                                                                                 |
| ldapUserFilterObjectclass     | person                                                                                                                                                            |
| ldapUuidGroupAttribute        | auto                                                                                                                                                              |
| ldapUuidUserAttribute         | auto                                                                                                                                                              |
| turnOffCertCheck              | 0                                                                                                                                                                 |
| turnOnPasswordChange          | 0                                                                                                                                                                 |
| useMemberOfToDetectMembership | 1                                                                                                                                                                 |
+-------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Client configuration

Browser:

Operating system:

Logs

Web server error log

Web server error log 
Scanning files for 8 users
Starting scan for user 1 out of 8 (User1)
Starting scan for user 2 out of 8 (User2)
Starting scan for user 3 out of 8 (User3)
Starting scan for user 4 out of 8 (User4)
Starting scan for user 5 out of 8 (User5)
Starting scan for user 6 out of 8 (User6)
Exception during scan: Invalid request for / (ForbiddenException)
#0 /var/www/html/apps/files_external/3rdparty/icewind/smb/src/NativeState.php(49): Icewind\SMB\Exception\Exception::fromMap(Array, 13, '/')
#1 /var/www/html/apps/files_external/3rdparty/icewind/smb/src/NativeState.php(61): Icewind\SMB\NativeState->handleError('/')
#2 /var/www/html/apps/files_external/3rdparty/icewind/smb/src/NativeState.php(91): Icewind\SMB\NativeState->testResult(false, 'smb://1.1.1...')
#3 /var/www/html/apps/files_external/3rdparty/icewind/smb/src/NativeShare.php(86): Icewind\SMB\NativeState->opendir('smb://1.1.1...')
#4 /var/www/html/apps/files_external/lib/Lib/Storage/SMB.php(231): Icewind\SMB\NativeShare->dir('/')
#5 /var/www/html/apps/files_external/lib/Lib/Storage/SMB.php(219): OCA\Files_External\Lib\Storage\SMB->shareMTime()
#6 /var/www/html/lib/private/Files/Storage/Common.php(181): OCA\Files_External\Lib\Storage\SMB->stat('')
#7 /var/www/html/lib/private/Files/Storage/Common.php(670): OC\Files\Storage\Common->filemtime('')
#8 /var/www/html/lib/private/Files/Storage/Wrapper/Wrapper.php(581): OC\Files\Storage\Common->getMetaData('')
#9 /var/www/html/lib/private/Files/Storage/Wrapper/Availability.php(463): OC\Files\Storage\Wrapper\Wrapper->getMetaData('')
#10 /var/www/html/lib/private/Files/Storage/Wrapper/Wrapper.php(581): OC\Files\Storage\Wrapper\Availability->getMetaData('')
#11 /var/www/html/lib/private/Files/Cache/Scanner.php(112): OC\Files\Storage\Wrapper\Wrapper->getMetaData('')
#12 /var/www/html/lib/private/Files/Cache/Scanner.php(150): OC\Files\Cache\Scanner->getData('')
#13 /var/www/html/lib/private/Files/Cache/Scanner.php(335): OC\Files\Cache\Scanner->scanFile('', 1, -1, NULL, true)
#14 /var/www/html/lib/private/Files/Cache/Scanner.php(508): OC\Files\Cache\Scanner->scan('', true, 1)
#15 /var/www/html/lib/private/Files/Cache/Scanner.php(525): OC\Files\Cache\Scanner->OC\Files\Cache\{closure}()
#16 /var/www/html/lib/private/Files/Cache/Scanner.php(509): OC\Files\Cache\Scanner->runBackgroundScanJob(Object(Closure), '')
#17 /var/www/html/lib/private/Files/Utils/Scanner.php(177): OC\Files\Cache\Scanner->backgroundScan()
#18 /var/www/html/apps/files/lib/Command/Scan.php(159): OC\Files\Utils\Scanner->backgroundScan('/User6')
#19 /var/www/html/apps/files/lib/Command/Scan.php(234): OCA\Files\Command\Scan->scanFiles('User6', '/User6', false, Object(Symfony\Component\Console\Output\ConsoleOutput), true)
#20 /var/www/html/3rdparty/symfony/console/Command/Command.php(264): OCA\Files\Command\Scan->execute(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#21 /var/www/html/core/Command/Base.php(161): Symfony\Component\Console\Command\Command->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#22 /var/www/html/3rdparty/symfony/console/Application.php(874): OC\Core\Command\Base->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#23 /var/www/html/3rdparty/symfony/console/Application.php(228): Symfony\Component\Console\Application->doRunCommand(Object(OCA\Files\Command\Scan), Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#24 /var/www/html/3rdparty/symfony/console/Application.php(130): Symfony\Component\Console\Application->doRun(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#25 /var/www/html/lib/private/Console/Application.php(173): Symfony\Component\Console\Application->run(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#26 /var/www/html/console.php(90): OC\Console\Application->run()
#27 /var/www/html/occ(11): require_once('/var/www/html/c...')
#28 {main}
Starting scan for user 7 out of 8 (User7)
Starting scan for user 8 out of 8 (User8
)

Nextcloud log (data/nextcloud.log)

Nextcloud log 
Insert your Nextcloud log here

Browser log

Browser log
@nextcloud-bot nextcloud-bot added the stale Ticket or PR with no recent activity label Jun 20, 2018
@MorrisJobke
Copy link
Member

Fixed with #9608 in 13.0.3

@nextcloud-bot nextcloud-bot removed the stale Ticket or PR with no recent activity label Jun 25, 2018
@nextcloud-bot nextcloud-bot mentioned this issue Oct 18, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MorrisJobke @nextcloud-bot @addaitrs