# [solved] Permission problem with nextcloud

## equaeghe

I'm trying to install and configure nextcloud on my Gentoo VPS. Installation using webapp-config into the right spot seems to have gone well, as well as the installation part using nextcloud's occ command. However, when I try to access my nextcloud instance from the internet, I get a nice nextcloud page saying an internal server error has occurred. Looking in my logs, I see that there are apparently some permission issues:

```
[error] 1181863#0: *183 FastCGI sent in stderr:

"PHP message: {"reqId":"…","level":3,"time":"…","remoteAddr":"…","user":"--","app":"PHP","method":"GET","url":"/index.php/csrftoken","message":"touch(): Utime failed: Permission denied at …/nextcloud/lib/private/Config.php#241","userAgent":"…","version":""}

PHP message: {"reqId":"…","level":3,"time":"…","remoteAddr":"…","user":"--","app":"PHP","method":"GET","url":"/index.php/csrftoken","message":"fopen(…/nextcloud/config/config.php): failed to open stream: Permission denied at …/nextcloud/lib/private/Config.php#242","userAgent":"…","version":""}

PHP message: {"reqId":"…","level":3,"time":"…","remoteAddr":"…","user":"--","app":"PHP","method":"GET","url":"/index.php/csrftoken","message":"chmod(): Operation not permitted at …/nextcloud/lib/private/Config.php#245","userAgent":"…","version":""}

PHP message: {"reqId":"…","level":3,"time":"…","remoteAddr":"…","user":"--","app":"index","method":"GET","url":"/index.php/csrftoken","message":{"Exception":"OC\\HintException","Message":"Can't write into config directory!","Code":0,"Trace":[{"file":"…/nextcloud/lib/private/Config.php","line":133,"function":"writeData","class":"OC\\Config","type":"->"},{"file":"…/nextcloud/lib/private/SystemConfig.php","line":112,"function":"setValue","class":"OC\\Config","type":"->"},{"file":"…/nextcloud/lib/private/legacy/util.php","line":1151,"function":"setValue","class":"OC\\SystemConfig","type":"->"},{"file":"/srv/c…

[error] 1181863#0: *183 FastCGI sent in stderr:

"PHP message: {"reqId":"…","level":3,"time":"…","remoteAddr":"…","user":"--","app":"PHP","method":"GET","url":"/index.php/csrftoken","message":"chmod(): Operation not permitted at …/nextcloud/lib/private/Log/File.php#84","userAgent":"…","version":""}"

while reading upstream, client: …, server: …, request: "GET /index.php/csrftoken HTTP/2.0", upstream: "fastcgi://127.0.0.1:9000", host: "…", referrer: "https://…/"
```

When I look at the nextcloud directory, I see:

```
nextcloud # ls -al

total 1944

drwxr-xr-x 14 root  root     4096 21 mei 17:44 .

drwxr-xr-x  3 root  root     4096 21 mei 17:44 ..

drwxr-xr-x 33 root  root     4096 21 mei 17:44 3rdparty

drwxrwxr-x 43 nginx nginx    4096 21 mei 17:44 apps

-rw-r--r--  2 root  root    15752 26 apr 21:36 AUTHORS

drwxrwxr-x  2 nginx nginx    4096 21 mei 21:26 config

-rw-r--r--  2 root  root     3910 26 apr 21:36 console.php

-rw-r--r--  2 root  root    34520 26 apr 21:36 COPYING

drwxr-xr-x 23 root  root     4096 21 mei 17:44 core

-rw-r--r--  2 root  root     5048 26 apr 21:36 cron.php

drwxrwxr-x  3 nginx nginx    4096 21 mei 21:29 data

-rw-r--r--  1 root  root     2537 21 mei 17:44 .htaccess

-rw-r--r--  2 root  root      156 26 apr 21:36 index.html

-rw-r--r--  2 root  root     2976 26 apr 21:36 index.php

drwxr-xr-x  6 root  root     4096 21 mei 17:44 lib

-rw-r--r--  2 root  root      283 26 apr 21:36 occ

drwxr-xr-x  2 root  root     4096 21 mei 17:44 ocm-provider

drwxr-xr-x  2 root  root     4096 21 mei 17:44 ocs

drwxr-xr-x  2 root  root     4096 21 mei 17:44 ocs-provider

-rw-r--r--  2 root  root     3056 26 apr 21:36 public.php

-rw-r--r--  2 root  root     5235 26 apr 21:36 remote.php

drwxr-xr-x  4 root  root     4096 21 mei 17:44 resources

-rw-r--r--  2 root  root       26 26 apr 21:36 robots.txt

-rw-r--r--  2 root  root     2381 26 apr 21:36 status.php

drwxr-xr-x  3 root  root     4096 21 mei 17:44 themes

drwxr-xr-x  2 root  root     4096 21 mei 17:44 updater

-rw-r--r--  2 root  root      101 26 apr 21:36 .user.ini

-rw-r--r--  2 root  root      362 26 apr 21:36 version.php

-rw-------  1 root  root      335 21 mei 17:44 .webapp

-rw-------  1 root  root  1815241 21 mei 17:44 .webapp-nextcloud-18.0.4
```

AFAICT, the config and data directories have the correct owner (the http server, nginx), but I must be mistaken about something. Could it be that php doesn't have sufficient rights? Any help getting beyond this roadblock is much appreciated.Last edited by equaeghe on Fri May 22, 2020 12:37 pm; edited 1 time in total

----------

## alamahant

Hi lets check if nginx+fastcgi really work without nextcloud...

Please run

```

echo "<?php phpinfo() ?>" > /var/www/localhost/htdocs/index.php

rc-service nginx restart

firefox<-bin> http://localhost/index.php

```

If you get to see the php page with fastcgi enabled then the nextcloud installation is to blame  somewhere and you should look there....

 :Smile: 

----------

## xaviermiller

Hi,

Check the ownner and permissions of the config file (nextcloud/config/config.php). It should be writeable by the user/group of the http server.

----------

## equaeghe

 *alamahant wrote:*   

> Hi lets check if nginx+fastcgi really work without nextcloud...

 

Yes, the phpinfo page lists fastcgi as active.

----------

## equaeghe

 *xaviermiller wrote:*   

> Check the ownner and permissions of the config file (nextcloud/config/config.php). It should be writeable by the user/group of the http server.

 

Hmm, it is nginx:nginx, which I though was correct, but the phpinfo pages tells me USER is nobody. So that may be the issue. How can I check what the actual user is of the http server? How can I set it to nginx if it is not yet?

----------

## alamahant

Hi 

please run

```

chown -R nginx. <nextcloud-dir>/lib

```

And restart nginx...

 :Smile: 

----------

## equaeghe

 *alamahant wrote:*   

> please run
> 
> ```
> 
> chown -R nginx. <nextcloud-dir>/lib
> ...

 

That did not help. I wasn't expecting it to, as the lib directory is clearly read and the messages “fopen(…/nextcloud/config/config.php): failed to open stream” and “Can't write into config directory!” indicate the issue is located in the config directory. I'd like to explore the user nginx vs. user nobody option, but do not know how.

----------

## equaeghe

 *equaeghe wrote:*   

>  *xaviermiller wrote:*   Check the ownner and permissions of the config file (nextcloud/config/config.php). It should be writeable by the user/group of the http server. 
> 
> Hmm, it is nginx:nginx, which I though was correct, but the phpinfo pages tells me USER is nobody. So that may be the issue.

 

It was. Some Googling allowed me to fix it. The solution was given here: https://serverfault.com/questions/617392/why-is-php-fpm-running-as-nobody/617399#617399.

Namely, I have to make sure that PHP uses the nginx user.

For that, I needed to change /etc/php/fpm-php7.4/fpm.d/www.conf.

```
; Unix user/group of processes

; Note: The user is mandatory. If the group is not set, the default user's group

;       will be used.

user = nginx

group = nginx

```

(Before there was nobody instead of nginx.)

----------

