After upgrade from 8.2.10 to 9.0.8 local users could not log in except the admin user

upgrade

#1

Steps to reproduce
1. Access login page
2. Enter username of a local user
3. Enter password
4. Click login

Expected behaviour
Successful user login. Local user should see his files.

Actual behaviour
After some time the browser shows "504 Gateway Time-out".

Server configuration
Operating system: Ubuntu 16.04.2 LTS
Web server: nginx 1.10.0
Database: mysql-server 5.7.17
PHP version: php7.0-fpm 7.0.17
ownCloud version (see ownCloud admin page): 9.0.8
Updated from an older ownCloud or fresh install: Updated from 8.2.10
Special configuration (external storage, external authentication, reverse proxy, server-side-encryption): none

ownCloud log (data/owncloud.log)

nginx error log

2017/03/26 12:55:50 [error] 8090#8090: *55 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/pers%c3%b6nlich/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 12:55:53 [error] 8090#8090: *59 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/pers%c3%b6nlich/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:11:25 [error] 8278#8278: *372 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:15:49 [error] 8278#8278: *410 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/familienkalender/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:15:49 [error] 8278#8278: *411 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/caldav/calendars/bob/pers%C3%B6nlich/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:15:58 [error] 8278#8278: *418 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "PROPFIND /remote.php/carddav/addressbooks/bob/kontakte/ HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:17:29 [error] 8278#8278: *441 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:21:18 [error] 8278#8278: *499 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:27:03 [error] 8666#8666: *11 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"
2017/03/26 13:41:23 [error] 1566#1566: *13 upstream timed out (110: Connection timed out) while reading response header from upstream, client: IP-ADDRESS, server: host.example.com, request: "POST / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9200", host: "host.example.com"

Integrity status for oC9+
Not possible, because I already rolled back to 8.2.10.

Additional Information
I followed the Manual ownCloud Upgrade Documentation.

Here is my nginx vhost configuration:

## BEGIN OWNCLOUD CONFIGURATION ###############################################
upstream php-handler {
    server 127.0.0.1:9200;
}
server {
	listen 80;
	listen [::]:80;
	server_name host.example.com;
	return 301 https://$server_name$request_uri; # enforce https
}
server {
    # Listen on Port 443
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name host.example.com; 
    ssl_certificate /var/www/bob/sites/host.example.com/ssl/host.example.com_chained.crt;
ssl_certificate_key /var/www/bob/sites/host.example.com/ssl/host.example.com.key;

ssl_ciphers 'my ciphers here';

ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dh_params.pem;

# Add headers to serve security related headers
  	add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
  	add_header X-Content-Type-Options nosniff;
  	add_header X-Frame-Options "SAMEORIGIN";
  	add_header X-XSS-Protection "1; mode=block";
  	add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    # Path to the root of your installation
    root /var/www/bob/sites/$host/public;
    # Path to the logfiles
access_log /var/www/bob/sites/logs/host.example.com_access.log combined;
error_log /var/www/bob/sites/logs/host.example.com_error.log error;
    # Standardconfiguration from owncloud.org following
    # set max upload size
    client_max_body_size 10G;
    fastcgi_buffers 64 4K;
    # Disable gzip to avoid the removal of the ETag header
  	gzip off;
    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
    index index.php;
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
    location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
        deny all;
    }
    location / {
        # The following 2 rules are only needed with webfinger
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
        try_files $uri $uri/ index.php;
    }
    location ~ ^(.+?\.php)(/.*)?$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
		fastcgi_param modHeadersAvailable true;
        fastcgi_pass php-handler;
    }
    # Optional: set long EXPIRES header on static assets
    location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
        expires 30d;
        # Optional: Don't log access to assets
         access_log off;
    }
}
## END OWNCLOUD CONFIGURATION #################################################

#2

Make sure that you're using the nginx config for oC9+ shown in the documentation [1].

[1] https://doc.owncloud.org/server/latest/admin_manual/installation/nginx_examples.html


#3

Well, from what I could see I've adapted the example config to my setup the correct way.


#4

Hi,

if you compare your posted nginx config with the one linked above this is far from being the same configuration.


#5

Hi,

Now I finally had the time to compare the nginx configuration file examples thoroughly. I could see the differences, now.

But what do to first? Should I edit the nginx configuration file before or after doing the upgrade to OC 9.0.8? Any advice on this?

Best regards,
Tronde


#6

Hi all,

Got the same issue (admin = OK, users = KO) with a 10.0.3 version... What was the advice on the nginx config?

Thanks in advance for any help!