When deleting a user from YNH webadmin and asking for that user's data to be purged, the user appears to be removed from Nextcloud user list, but many tracks of it actually remains in Nextcloud MySQL database.
Some might be considered as legitimate (I can think of past conversations for instance), but some are not.
What concerns me in particular is that Nextcloud Mail keeps connecting via IMAP to the (removed) email account associated to the deleted user, which should obviously not happen (causing YNH server's IP being blocked on the external email server due to repeated connection errors).
Context
Hardware: VPS bought online
YunoHost version: 11.1.19
I have access to my server: Through SSH & through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no
Using package version: 25.0.6~ynh1
Steps to reproduce
Go in YNH webadmin and create a user with user ID "testuser"
Grant "testuser" rights to access Nextcloud
Log in as "testuser"
Go to Nextcloud, logged as "testuser"
Go to Nextcloud Mail (assuming Nextcloud Mail is already installed)
Configure an email account
a. I checked only with an external email account. Not sure whether the problem would be the same with the default YNH email?
b. I checked only via IMAP, but my guess is that it would do the same for all protocols.
Refresh emails to see it working
Disconnect "testuser" session in YNH
Go back to YNH webadmin and delete "testuser", checking the option to erase all user's data.
Note: before doing so, I tried to remove "testuser" from Nexcloud (logged as Nextcloud admin user), but it simply triggered an error message saying it was not possible (I assume it is configured as such by default so that everything should be managed from YNH, which seems very fine to me).
Access YNH instance via SSH and log as root
type mysql
type USE nextcloud;
type SELECT * FROM oc_mail_accounts WHERE user_id IN ('testuser'); and you should see that the email account associated to the now deleted user is still here. For some reason Nextcloud Mail keeps trying to connect to it regularly.
type SELECT * FROM oc_accounts WHERE uid IN ('testuser'); and you should see that the Nextcloud account corresponding
More generally, references to "testuser" can be found in the following tables of nextcloud MySQL database (some of which, again, might be considered as legitimate):
When deleting a user from YNH webadmin, asking for the user's data to be purged, I would have expected all Nextcloud data spectific to the users (data and config stored) to be removed (what could remain are past conversations log and the business card saying maybe that the user was removed, so that other users are still able to access it).
Or in case data & config are not wiped out for safety purposes (to avoid accidental removal), a method to delete user data & config should at least be provided.
What is obvious is that Nextcloud Mail should not try to retrieve emails anymore for that accounts. Not sure at this stage whether there might a bug within Nextcloud Mail.
Logs
YNH user delete log
2023-05-20 14:54:53,029: DEBUG - Le groupe 'all_users' a été mis à jour
2023-05-20 14:54:53,030: DEBUG - Journal complet de cette opération : '<a href="#/tools/logs/20230520-145453-user_group_update-all_users" style="text-decoration:underline"> Mettre à jour 'all_users' pour le groupe </a>'
2023-05-20 14:54:53,055: SUCCESS - Le groupe 'access_all_apps' a été mis à jour</span>
2023-05-20 14:54:53,057: DEBUG - Journal complet de cette opération : '<a href="#/tools/logs/20230520-145453-user_group_update-access_all_apps" style="text-decoration:underline"> Mettre à jour 'access_all_apps' pour le groupe </a>'
2023-05-20 14:54:53,476: DEBUG - The permission database has been resynchronized
2023-05-20 14:54:53,760: DEBUG - La configuration de SSOwat a été regénérée
2023-05-20 14:54:53,767: DEBUG - Suppression du groupe 'testuser'
2023-05-20 14:54:53,767: DEBUG - Journal complet de cette opération : '<a href="#/tools/logs/20230520-145453-user_group_delete-testuser" style="text-decoration:underline"> Supprimer le groupe 'testuser' </a>'
2023-05-20 14:54:53,798: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./ynh_multimedia" testuser True 7>&1']'
2023-05-20 14:54:53,810: DEBUG - + user=testuser
2023-05-20 14:54:53,810: DEBUG - + MEDIA_DIRECTORY=/home/yunohost.multimedia
2023-05-20 14:54:53,810: DEBUG - + '[' -n testuser ']'
2023-05-20 14:54:53,810: DEBUG - + '[' -e /home/yunohost.multimedia/testuser ']'
2023-05-20 14:54:53,811: DEBUG - + sudo rm -r /home/yunohost.multimedia/testuser
2023-05-20 14:54:54,812: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./50-freshrss" testuser True 7>&1']'
2023-05-20 14:54:54,821: DEBUG - + set -a
2023-05-20 14:54:54,821: DEBUG - + source /usr/share/yunohost/helpers
2023-05-20 14:54:54,822: DEBUG - +++ set +o
2023-05-20 14:54:54,822: DEBUG - +++ grep xtrace
2023-05-20 14:54:54,825: DEBUG - ++ readonly 'XTRACE_ENABLE=set -o xtrace'
2023-05-20 14:54:54,826: DEBUG - ++ XTRACE_ENABLE='set -o xtrace'
2023-05-20 14:54:54,865: DEBUG - + app=freshrss
2023-05-20 14:54:54,866: DEBUG - ++ ynh_app_setting_get --app=freshrss --key=final_path
2023-05-20 14:54:54,867: DEBUG - ++ local _globalapp=freshrss
2023-05-20 14:54:54,917: DEBUG - ++ app=freshrss
2023-05-20 14:54:54,917: DEBUG - ++ [[ final_path =~ (unprotected|protected|skipped)_ ]]
2023-05-20 14:54:54,918: DEBUG - ++ ynh_app_setting get freshrss final_path
2023-05-20 14:54:54,989: DEBUG - + final_path=/var/www/freshrss
2023-05-20 14:54:54,990: DEBUG - + username=testuser
2023-05-20 14:54:54,990: DEBUG - + sudo -u freshrss /var/www/freshrss/cli/delete-user.php --user testuser
2023-05-20 14:54:55,273: DEBUG - FreshRSS deleting user “testuser”…
<span class="alert-warning">2023-05-20 14:54:55,283: WARNING - Deleting SQL data for user “testuser”…</span>
2023-05-20 14:54:56,287: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./50-wallabag2" testuser True 7>&1']'
2023-05-20 14:54:56,302: DEBUG - + app=wallabag2
2023-05-20 14:54:56,302: DEBUG - + user=wallabag2
2023-05-20 14:54:56,302: DEBUG - + username=testuser
2023-05-20 14:54:56,303: DEBUG - + purge=True
2023-05-20 14:54:56,303: DEBUG - + cd /var/www/wallabag2
2023-05-20 14:54:56,303: DEBUG - + sudo -u wallabag2 php bin/console --no-interaction --env=prod fos:user:deactivate testuser
2023-05-20 14:54:57,294: DEBUG - User "testuser" has been deactivated.
2023-05-20 14:54:58,297: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./50-mygpo" testuser True 7>&1']'
2023-05-20 14:54:58,306: DEBUG - + source /usr/share/yunohost/helpers
2023-05-20 14:54:58,307: DEBUG - +++ set +o
2023-05-20 14:54:58,307: DEBUG - +++ grep xtrace
2023-05-20 14:54:58,310: DEBUG - ++ readonly 'XTRACE_ENABLE=set -o xtrace'
2023-05-20 14:54:58,310: DEBUG - ++ XTRACE_ENABLE='set -o xtrace'
2023-05-20 14:54:58,341: DEBUG - + app=mygpo
2023-05-20 14:54:58,341: DEBUG - + username=testuser
2023-05-20 14:54:58,342: DEBUG - + purge=True
2023-05-20 14:54:58,342: DEBUG - ++ ynh_app_setting_get --app=mygpo --key=final_path
2023-05-20 14:54:58,342: DEBUG - ++ local _globalapp=mygpo
2023-05-20 14:54:58,370: DEBUG - ++ app=mygpo
2023-05-20 14:54:58,370: DEBUG - ++ [[ final_path =~ (unprotected|protected|skipped)_ ]]
2023-05-20 14:54:58,370: DEBUG - ++ ynh_app_setting get mygpo final_path
2023-05-20 14:54:58,466: DEBUG - + final_path=/opt/yunohost/mygpo
2023-05-20 14:54:58,467: DEBUG - + env_path=/opt/yunohost/mygpo/envs/prod
2023-05-20 14:54:58,467: DEBUG - + pushd /opt/yunohost/mygpo
2023-05-20 14:54:58,467: DEBUG - /opt/yunohost/mygpo /etc/yunohost/hooks.d/post_user_delete
2023-05-20 14:54:58,467: DEBUG - + ynh_exec_as mygpo /opt/yunohost/mygpo/venv/bin/envdir /opt/yunohost/mygpo/envs/prod /opt/yunohost/mygpo/venv/bin/python /opt/yunohost/mygpo/manage.py shell
2023-05-20 14:54:58,467: DEBUG - + local user=mygpo
2023-05-20 14:54:58,468: DEBUG - + shift 1
2023-05-20 14:54:58,468: DEBUG - ++ whoami
2023-05-20 14:54:58,470: DEBUG - + [[ mygpo = root ]]
2023-05-20 14:54:58,471: DEBUG - + sudo -u mygpo /opt/yunohost/mygpo/venv/bin/envdir /opt/yunohost/mygpo/envs/prod /opt/yunohost/mygpo/venv/bin/python /opt/yunohost/mygpo/manage.py shell
2023-05-20 14:55:00,488: DEBUG - + popd
2023-05-20 14:55:00,489: DEBUG - /etc/yunohost/hooks.d/post_user_delete
<span class="alert-success">2023-05-20 14:55:01,490: SUCCESS - L'utilisateur a été supprimé</span></code>
Nextcloud Mail log for a failed IMAP connection (to the deleted external email account of the supposedly deleted YNH user)
Avertissement mail Horde_Imap_Client_Exception: Authentication failed.
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Socket.php - line 4565:
Horde_Imap_Client_Socket->_responseCode()
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Socket.php - line 4313:
Horde_Imap_Client_Socket->_getLine()
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Socket.php - line 4241:
Horde_Imap_Client_Socket->_sendCmdChunk()
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Socket.php - line 849:
Horde_Imap_Client_Socket->_sendCmd()
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Socket.php - line 512:
Horde_Imap_Client_Socket->_tryLogin("*** sensiti ... *")
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Base.php - line 850:
Horde_Imap_Client_Socket->_login("*** sensiti ... *")
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Base.php - line 2507:
Horde_Imap_Client_Base->login("*** sensiti ... *")
/var/www/nextcloud/apps/mail/vendor/bytestream/horde-imap-client/lib/Horde/Imap/Client/Base.php - line 2490:
Horde_Imap_Client_Base->_fetchWrapper()
/var/www/nextcloud/apps/mail/lib/IMAP/MessageMapper.php - line 674:
Horde_Imap_Client_Base->fetch()
/var/www/nextcloud/apps/mail/lib/IMAP/PreviewEnhancer.php - line 86:
OCA\Mail\IMAP\MessageMapper->getBodyStructureData()
/var/www/nextcloud/apps/mail/lib/Service/PreprocessingService.php - line 81:
OCA\Mail\IMAP\PreviewEnhancer->process()
/var/www/nextcloud/apps/mail/lib/BackgroundJob/PreviewEnhancementProcessingJob.php - line 94:
OCA\Mail\Service\PreprocessingService->process()
/var/www/nextcloud/lib/public/BackgroundJob/Job.php - line 78:
OCA\Mail\BackgroundJob\PreviewEnhancementProcessingJob->run()
/var/www/nextcloud/lib/public/BackgroundJob/TimedJob.php - line 103:
OCP\BackgroundJob\Job->start()
/var/www/nextcloud/lib/public/BackgroundJob/TimedJob.php - line 93:
OCP\BackgroundJob\TimedJob->start()
/var/www/nextcloud/cron.php - line 152:
OCP\BackgroundJob\TimedJob->execute()
External Email server's log extract showing YNH server is trying to connect to it (despite "testuser" was deleted in YNH webadmin)
May 19 12:21:38 {ExtServerID} lfd[17129]: (imapd) Failed IMAP login from {YNH server's IP} ({YNH' server's country}): 10 in the last 3600 secs - *Blocked in csf* [LF_IMAPD]
May 19 14:37:39 {ExtServerID} dovecot: imap-login: Disconnected: Connection closed (auth failed, 2 attempts in 4 secs): user=, method=PLAIN, rip={YNH server's IP}, lip=10.195.0.5, TLS, session=
testuser@externalemailserver.com {YNH server's IP} {YNH server's country code} mail dovecot 2023-05-19 10:15:39 2023-05-19 16:15:39 5
ericgaspar
commented
10 months ago
Describe the bug
When deleting a user from YNH webadmin and asking for that user's data to be purged, the user appears to be removed from Nextcloud user list, but many tracks of it actually remains in Nextcloud MySQL database. Some might be considered as legitimate (I can think of past conversations for instance), but some are not. What concerns me in particular is that Nextcloud Mail keeps connecting via IMAP to the (removed) email account associated to the deleted user, which should obviously not happen (causing YNH server's IP being blocked on the external email server due to repeated connection errors).
Context
Steps to reproduce
mysqlUSE nextcloud;SELECT * FROM oc_mail_accounts WHERE user_id IN ('testuser');and you should see that the email account associated to the now deleted user is still here. For some reason Nextcloud Mail keeps trying to connect to it regularly.SELECT * FROM oc_accounts WHERE uid IN ('testuser');and you should see that the Nextcloud account correspondingnextcloudMySQL database (some of which, again, might be considered as legitimate):Expected behavior
When deleting a user from YNH webadmin, asking for the user's data to be purged, I would have expected all Nextcloud data spectific to the users (data and config stored) to be removed (what could remain are past conversations log and the business card saying maybe that the user was removed, so that other users are still able to access it).
Or in case data & config are not wiped out for safety purposes (to avoid accidental removal), a method to delete user data & config should at least be provided.
What is obvious is that Nextcloud Mail should not try to retrieve emails anymore for that accounts. Not sure at this stage whether there might a bug within Nextcloud Mail.
Logs
YNH user delete log
Nextcloud Mail log for a failed IMAP connection (to the deleted external email account of the supposedly deleted YNH user)
External Email server's log extract showing YNH server is trying to connect to it (despite "testuser" was deleted in YNH webadmin)