After upgrade from 8.2.10 to 9.0.8 local users could not log in except the admin user

Steps to reproduce
1. Access login page
2. Enter username of a local user
3. Enter password
4. Click login

Expected behaviour
Successful user login. Local user should see his files.

Actual behaviour
After some time the browser shows "504 Gateway Time-out".

Server configuration
Operating system: Ubuntu 16.04.2 LTS
Web server: nginx 1.10.0
Database: mysql-server 5.7.17
PHP version: php7.0-fpm 7.0.17
ownCloud version (see ownCloud admin page): 9.0.8
Updated from an older ownCloud or fresh install: Updated from 8.2.10
Special configuration (external storage, external authentication, reverse proxy, server-side-encryption): none

ownCloud log (data/owncloud.log)

nginx error log

2017/03/26 12:55:50 [error] 8090#8090: *55 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/pers%c3%b6nlich/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 12:55:53 [error] 8090#8090: *59 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/pers%c3%b6nlich/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:11:25 [error] 8278#8278: *372 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:15:49 [error] 8278#8278: *410 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/familienkalender/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:15:49 [error] 8278#8278: *411 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/pers%C3%B6nlich/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:15:58 [error] 8278#8278: *418 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/carddav/addressbooks/bob/kontakte/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:17:29 [error] 8278#8278: *441 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:21:18 [error] 8278#8278: *499 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:27:03 [error] 8666#8666: *11 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:41:23 [error] 1566#1566: *13 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"

Integrity status for oC9+
Not possible, because I already rolled back to 8.2.10.

Additional Information
I followed the Manual ownCloud Upgrade Documentation.

Here is my nginx vhost configuration:

## BEGIN OWNCLOUD CONFIGURATION ###############################################
upstream php-handler {
    server 127.0.0.1:9200;
}
server {
	listen 80;
	listen [::]:80;
	server_name host.example.com;
	return 301 https://$server_name$request_uri; # enforce https
}
server {
    # Listen on Port 443
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name host.example.com; 
    ssl_certificate /var/www/bob/sites/host.example.com/ssl/host.example.com_chained.crt;
ssl_certificate_key /var/www/bob/sites/host.example.com/ssl/host.example.com.key;

ssl_ciphers 'my ciphers here';

ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dh_params.pem;

# Add headers to serve security related headers
  	add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
  	add_header X-Content-Type-Options nosniff;
  	add_header X-Frame-Options "SAMEORIGIN";
  	add_header X-XSS-Protection "1; mode=block";
  	add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    # Path to the root of your installation
    root /var/www/bob/sites/$host/public;
    # Path to the logfiles
access_log /var/www/bob/sites/logs/host.example.com_access.log combined;
error_log /var/www/bob/sites/logs/host.example.com_error.log error;
    # Standardconfiguration from owncloud.org following
    # set max upload size
    client_max_body_size 10G;
    fastcgi_buffers 64 4K;
    # Disable gzip to avoid the removal of the ETag header
  	gzip off;
    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
    index index.php;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
    location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
        deny all;
    }
    location / {
        # The following 2 rules are only needed with webfinger
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
        try_files $uri $uri/ index.php;
    }
    location ~ ^(.+?\.php)(/.*)?$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
		fastcgi_param modHeadersAvailable true;
        fastcgi_pass php-handler;
    }
    # Optional: set long EXPIRES header on static assets
    location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
        expires 30d;
        # Optional: Don't log access to assets
         access_log off;
    }
}
## END OWNCLOUD CONFIGURATION #################################################

Make sure that you're using the nginx config for oC9+ shown in the documentation [1].

[1] https://doc.owncloud.org/server/latest/admin_manual/installation/nginx_examples.html

Well, from what I could see I've adapted the example config to my setup the correct way.

Hi,

if you compare your posted nginx config with the one linked above this is far from being the same configuration.

Hi,

Now I finally had the time to compare the nginx configuration file examples thoroughly. I could see the differences, now.

But what do to first? Should I edit the nginx configuration file before or after doing the upgrade to OC 9.0.8? Any advice on this?

Best regards,
Tronde

Hi all,

Got the same issue (admin = OK, users = KO) with a 10.0.3 version... What was the advice on the nginx config?

Thanks in advance for any help!