App-passwords not working

I migrated my owncloud server to new hardware. To do that, I just copied the whole server-directory over to the new hardware. Since the DB is on an external server, and the data also (nfs) that should suffice (I think).
After modifying the config (trusted domain) I started the server.
Everything seems OK. I can login with 2FA and see my files and directories.
The problem starts when I try to access the data via the desktop-client. There my old app-password is not recognized. Creating a new password does not help.
Reverting back to the old server, everything works, with the old passwords (other app-passwords : desktop/laptop).

Nothing gets logged that I can see. I now see there is a way to augment the log-level. I’ll search for that next. Or where should I look ?

TIA,

Koenraad.

Steps to reproduce

  1. start owncloud desktop client
  2. enter app-password

Expected behaviour

app-password should be accepted

Actual behaviour

Password is rejected, a message to create a new app-password is shown.
After the new password is created, the new password is rejected again, again showing the message to create a new app-password.

Server configuration

Operating system: ubuntu 20.04

Web server: apache2

Database: mysql

**PHP version:**7.3

ownCloud version: 10.4.1

Updated from an older ownCloud or fresh install: upgrade/migration. i.e. the old server was upgraded a while ago, now to new hardware with the same version (just copied the whole directory).

Where did you install ownCloud from: owncloud

Signing status (ownCloud 9.0 and above):

Login as admin user into your ownCloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results into https://gist.github.com/ and puth the link here.

The content of config/config.php:
{
“basic”: {
“license key”: “REMOVED SENSITIVE VALUE”,
“date”: “Sun, 12 Jul 2020 14:49:05 +0000”,
“ownCloud version”: “10.4.1.3”,
“ownCloud version string”: “10.4.1”,
“ownCloud edition”: “Community”,
“server OS”: “Linux”,
“server OS version”: “Linux uranus2 5.6.0-1017-oem #17-Ubuntu SMP Tue Jun 23 18:59:19 UTC 2020 x86_64”,
“server SAPI”: “fpm-fcgi”,
“webserver version”: “Apache/2.4.43 (Ubuntu)”,
“hostname”: “xxx.be”,
“logged-in user”: “root”
},
“stats”: {
“users”: {
“Database”: {
“count”: 7,
“seen”: 7,
“logged in (30 days)”: 2
}
},
“groups”: {
“OC\Group\Database”: 3
}
},
“config”: {
“trusted_domains”: [
“localhost”,
“xxx.be”,
“192.168.xxx.2”
],
“datadirectory”: “/net/mail/owncloud”,
“overwrite.cli.url”: “http://uranus2/owncloud”,
“dbtype”: “mysql”,
“dbname”: “owncloud1”,
“dbhost”: “sql-server”,
“dbtableprefix”: “oc_”,
“dbuser”: “REMOVED SENSITIVE VALUE”,
“dbpassword”: “REMOVED SENSITIVE VALUE”,
“logtimezone”: “Europe/Brussels”,
“log_rotate_size”: 52428800,
“logfile”: “/var/log/owncloud-new.log”,
“log_type”: “owncloud”,
“mail_smtpmode”: “smtp”,
“mail_smtphost”: “REMOVED SENSITIVE VALUE”,
“maintenance”: false,
“theme”: “”,
“loglevel”: 1,
“instanceid”: “oc86fdfc3a25”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“version”: “10.4.1.3”,
“installed”: true,
“forcessl”: true,
“secret”: “REMOVED SENSITIVE VALUE”,
“mail_from_address”: “REMOVED SENSITIVE VALUE”,
“mail_domain”: “REMOVED SENSITIVE VALUE”,
“mail_smtpport”: “25”,
“forceSSLforSubdomains”: true,
“trashbin_retention_obligation”: “auto”,
“singleuser”: false,
“memcache.local”: “\OC\Memcache\APCu”,
“memcache.locking”: “\OC\Memcache\Redis”,
“redis”: {
“host”: “localhost”,
“port”: 6379
}
},
“integritychecker”: {
“passing”: true,
“enabled”: true,
“result”: []
},
List of activated apps:
Enabled:

  • activity: 2.5.3
  • calendar: 1.6.4
  • comments: 0.3.0
  • configreport: 0.2.0
  • contacts: 1.5.5
  • dav: 0.5.0
  • federatedfilesharing: 0.5.0
  • files: 1.5.2
  • files_external: 0.7.1
  • files_mediaviewer: 1.0.2
  • files_pdfviewer: 0.11.1
  • files_sharing: 0.12.0
  • files_texteditor: 2.3.0
  • files_trashbin: 0.9.1
  • files_versions: 1.3.0
  • firstrunwizard: 1.2.0
  • gallery: 16.1.1
  • gpxpod: 2.2.2
  • market: 0.5.0
  • metadata: 0.10.0
  • notifications: 0.5.0
  • provisioning_api: 0.5.0
  • systemtags: 0.3.0
  • templateeditor: 0.4.0
  • twofactor_totp: 0.6.1
  • updatenotification: 0.2.1
    Disabled:
  • encryption
  • external
  • federation
  • user_external

Are you using external storage, if yes which one: nfs

Are you using encryption: no

Are you using an external user-backend, if yes which one: no

Client configuration

Browser: Firefox

Operating system: Kubuntu 18.04

Just added some logging :

‘log.conditions’ => [
[
‘users’ => [‘test1’],
‘logfile’ => ‘/tmp/test2.log’
]

Nothing gets logged for that user when trying to connect. That user was logged in on the web-interface, so that generated some logging. After logging out, nothing was logged any more.
But : it’s not the app-passwords, but the whole authentication is not working.
That test1 user has no 2FA, so should be able to log in with his regular password. He can’t.
When using the old server, everything is fine.
What am I missing ?
Thanks,
Koenraad.

Hey,

if everything is working on the “old” server but the issue started on the “new” server maybe the problem is causing by some environmental factors like different web server / PHP versions or configurations? I think you could try to compare both servers for such differences. For example i have read that the following isn’t supported at all:

because according to:

https://doc.owncloud.org/server/10.4/admin_manual/installation/system_requirements.html

only mod_php seems to be supported.

1 Like

Hi,
I tried it, because the only thing I could loose is time.
And it works !
My problem was that my old server is/was ubuntu 16.04. There the standard php is 5.6. So I installed 7.3 and enabled fcgi to activate it for owncloud. There is works.
On ubuntu 20.04 the standard php is 7.4, and owncloud is not ready for that, so I activated 7.3 in the same way as on ubuntu 16.04.
Now I have php7.3 as standard. I have to check if other virtual servers still work.

So, thanks for the idea to try.

2 Likes