Server Internal Error - users completely locked out

[Githopp192]

Actual behaviour

Some user reported - they are not able to login via WEB anymore. They got "Server internal error" message.

Steps to reproduce

Users did try to logon several times - login not possbile anymore. Locked out

After disabling suspicous_login - the users could login again and server internal error gone

Expected behaviour

Nextcloud proudly praises of the many apps that are available. On the other hand, these apps should not interfere with the core function to the detriment of the cloud stability in general.

app errors

Client configuration details

--------------------------------

Winows 10, Mac & ore

Server configuration details

Version: Intel(R) Xeon(R) E-2136 CPU @ 3.30GHz Max Speed : 4300 MHz Current Speed: 3300 MHz Memory: 16GB

Operating System: CentOS Linux release 8.4.2105

Upstream OS : Derived from Red Hat Enterprise Linux 8.4

Webserver: Apache/2.4.37 (centos)

Database: mysql 10.3.28-MariaDB,

PHP version: PHP Version => 7.4.25

[PHP Modules] apcu bcmath bz2 calendar Core ctype curl date dom exif fileinfo filter ftp gd gettext gmp hash iconv igbinary imagick intl json ldap libsmbclient libxml mbstring memcached msgpack mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql pdo_sqlite Phar posix readline redis Reflection session shmop SimpleXML smbclient sockets sodium SPL sqlite3 standard sysvmsg sysvsem sysvshm tokenizer xml xmlreader xmlwriter xsl Zend OPcache zip zlib

[Zend Modules] Zend OPcache

Nextcloud: - version: 21.0.5.1

Updated from an older Nextcloud/ownCloud or fresh install:

Where did you install Nextcloud from:

Signing status:

Login as admin user into your Nextcloud and access http://example.com/index.php/settings/integrity/failed paste the results here.

No errors have been found. { "system": { "memcache.distributed": "\OC\Memcache\Redis", "memcache.locking": "\OC\Memcache\Redis", "memcache.local": "\OC\Memcache\APCu", "filelocking.enabled": true, "redis": { "host": "REMOVED SENSITIVE VALUE", "port": 0, "dbindex": 0, "timeout": 1.5, "password": "REMOVED SENSITIVE VALUE" }, "passwordsalt": "REMOVED SENSITIVE VALUE", "secret": "REMOVED SENSITIVE VALUE", "trusteddomains": [ ], "datadirectory": "REMOVED SENSITIVE VALUE", "htaccess.RewriteBase": "\/", "overwriteprotocol": "https", "dbtype": "mysql", "version": "21.0.5.1", "dbname": "REMOVED SENSITIVE VALUE", "dbhost": "REMOVED SENSITIVE VALUE", "dbport": "", "dbtableprefix": "oc", "mysql.utf8mb4": true, "dbuser": "REMOVED SENSITIVE VALUE", "dbpassword": "REMOVED SENSITIVE VALUE", "installed": true, "maintenance": false, "theme": "", "loglevel": 2, "auth.bruteforce.protection.enabled": true, "check_for_working_htaccess": true, "updater.release.channel": "stable", "logfile": "\/media\/log\/nextcloud.log", "instanceid": "REMOVED SENSITIVE VALUE", "mail_from_address": "REMOVED SENSITIVE VALUE", "mail_smtpmode": "xxxx", "mail_smtpauthtype": "LOGIN", "mail_domain": "REMOVED SENSITIVE VALUE", "mail_smtpsecure": "tls", "mail_smtpauth": 1, "mail_smtpname": "REMOVED SENSITIVE VALUE", "mail_smtppassword": "REMOVED SENSITIVE VALUE", "mail_smtphost": "REMOVED SENSITIVE VALUE", "mail_smtpport": "xxxxx", "session_lifetime": xxxx, "session_keepalive": false, "default_phone_region": "xxxx", "knowledgebaseenabled": false, "log_rotate_size": 3145728, "mail_sendmailmode": "smtp", "app_install_overwrite": [ "passman", "dicomviewer", "radio", "cookbook", "health" ] },

Enabled:

• accessibility: 1.7.0
• activity: 2.14.3
• analytics: 3.6.1
• announcementcenter: 5.0.1
• apporder: 0.13.0
• audioplayer: 3.2.2
• audioplayer_editor: 0.3.0
• audioplayer_sonos: 1.3.0
• bookmarks: 10.0.2
• breezedark: 21.0.11
• bruteforcesettings: 2.2.0
• calendar: 2.3.4
• circles: 0.21.4
• cloud_federation_api: 1.4.0
• cms_pico: 1.0.16
• comments: 1.11.0
• contacts: 4.0.3
• contactsinteraction: 1.2.0
• cookbook: 0.9.6
• cospend: 1.3.7
• dashboard: 7.1.0
• data_request: 1.8.0
• dav: 1.17.1
• deck: 1.4.5
• dicomviewer: 1.2.2
• documentserver_community: 0.1.11
• drawio: 1.0.1
• drop_account: 1.0.2
• end_to_end_encryption: 1.7.1
• event_update_notification: 1.3.0
• extract: 1.3.2
• federatedfilesharing: 1.11.0
• federation: 1.11.0
• files: 1.16.0
• files_antivirus: 3.2.2
• files_automatedtagging: 1.11.0
• files_downloadactivity: 1.11.1
• files_external: 1.12.0
• files_external_onedrive: 1.1.0
• files_markdown: 2.3.4
• files_mindmap: 0.0.25
• files_pdfviewer: 2.1.0
• files_photospheres: 1.21.1
• files_rightclick: 1.0.0
• files_sharing: 1.13.1
• files_trashbin: 1.11.0
• files_versions: 1.14.0
• files_videoplayer: 1.10.0
• firstrunwizard: 2.10.0
• flow_notifications: 1.1.0
• forms: 2.3.0
• gpxmotion: 0.1.0
• gpxpod: 4.2.8
• groupfolders: 9.0.3
• health: 1.3.0
• impersonate: 1.8.0
• integration_discourse: 1.0.0
• integration_dropbox: 1.0.1
• integration_github: 1.0.0
• integration_gitlab: 1.0.0
• integration_google: 1.0.2
• integration_jira: 1.0.0
• integration_mastodon: 1.0.0
• integration_moodle: 1.0.0
• integration_onedrive: 1.0.4
• integration_openproject: 1.0.4
• integration_reddit: 0.0.11
• integration_suitecrm: 0.0.4
• integration_twitter: 1.0.0
• integration_zammad: 1.0.1
• logreader: 2.6.0
• lookup_server_connector: 1.9.0
• maps: 0.1.9
• nextcloud_announcements: 1.10.0
• notes: 4.1.1
• notifications: 2.9.0
• oauth2: 1.9.0
• onlyoffice: 7.1.2
• passman: 2.3.1335
• password_policy: 1.11.0
• photos: 1.3.0
• podcast: 0.3.1
• polls: 3.3.0
• privacy: 1.5.0
• provisioning_api: 1.11.0
• quicknotes: 0.7.2
• quota_warning: 1.11.0
• rainloop: 7.1.2
• ransomware_protection: 1.11.0
• recommendations: 1.0.0
• serverinfo: 1.11.0
• settings: 1.3.0
• sharebymail: 1.11.0
• social: 0.4.2
• socialsharing_diaspora: 2.3.0
• socialsharing_email: 2.3.0
• socialsharing_facebook: 2.3.0
• socialsharing_twitter: 2.3.0
• spreed: 11.3.3
• support: 1.4.0
• systemtags: 1.11.0
• talk_matterbridge: 1.22.4
• tasks: 0.14.2
• terms_of_service: 1.7.1
• text: 3.2.0
• theming: 1.12.0
• timemanager: 0.2.5
• twofactor_backupcodes: 1.10.0
• twofactor_totp: 6.1.0
• updatenotification: 1.11.0
• user_status: 1.1.1
• video_converter: 1.0.3
• viewer: 1.5.0
• weather_status: 1.1.0
• welcome: 1.0.0
• workflow_media_converter: 1.2.12
• workflow_ocr: 1.21.1
• workflow_pdf_converter: 1.6.0
• workflow_script: 1.6.0
• workflowengine: 2.3.1 Disabled:
• admin_audit
• encryption
• external
• files_3d
• files_accesscontrol
• files_fulltextsearch
• flowupload
• fulltextsearch
• fulltextsearch_elasticsearch
• gpxedit
• integration_whiteboard
• issuetemplate
• joplin
• ojsxc
• passwords
• registration
• side_menu
• socialsharing_googleplus
• survey_client
• talked
• user_ldap
• weather

[ChristophWurst]

Sounds like a dependency conflict with the Flysystem library

[Githopp192]

Sounds like a dependency conflict with the Flysystem library

yes, i do like the appropr. FlySystem :-)

How we can troubleshoot this?

[ChristophWurst]

There must be at least one other app shipping a incompatible version of https://packagist.org/packages/league/flysystem. You could search your apps/ directory for paths like league/flysystem.

[Githopp192]

Christoph .. first time after reading "flysystem" i thought, you have made a typo. After you did repeat "flysystem", i realized - ok, seems to be something behind the story :-)

That's what the search found:

nextclod# find . -name 'flysystem'

./nextcloud/3rdparty/league/flysystem ./nextcloud/apps/files_external_onedrive/vendor/hevelius/flysystem-onedrive ./nextcloud/apps/files_external_onedrive/vendor/league/flysystem ./nextcloud/apps/files_external_onedrive/vendor/league/flysystem-cached-adapter

Is ONEDRIVE one of the culprits (i almost knew, that microsoft has got their fingers in). ?

[ChristophWurst]

Then this is even a known issue: https://github.com/nextcloud/suspicious_login/issues/509#issuecomment-883790040 ;)