Can't move key location

encryption

#1

Steps to reproduce

  1. Install ownCloud
  2. Enable encryption (master key)
  3. Move Key Location

Expected behaviour

Changing the key location from the original location to /etc/keys

Actual behaviour

Getting an error saying “New root folder doesn’t exist. Please create the folder or check the permissions and try again.”

Server configuration

Operating system:
Ubuntu Server 18.04 LTS
Web server:
Apache 2.4.29
Database:
MySQL 5.7.23-0ubuntu0.18.04.1
PHP version:
PHP Version 7.2.7-0ubuntu0.18.04.2
ownCloud version: (see ownCloud admin page)
10.0.9.5
Updated from an older ownCloud or fresh install:
fresh install
Where did you install ownCloud from:
The official owncloud repositories
Signing status (ownCloud 9.0 and above):
No errors have been found.

The content of config/config.php:
{
“system”: {
“updatechecker”: false,
“instanceid”: “oczn6emam469”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“secret”: “REMOVED SENSITIVE VALUE”,
“trusted_domains”: [
“192.168.70.206”,
],
“datadirectory”: “/media/owncloud”,
“overwrite.cli.url”: “http://192.168.70.206/”,
“dbtype”: “mysql”,
“version”: “10.0.9.5”,
“dbname”: “owncloud”,
“dbhost”: “localhost”,
“dbtableprefix”: “oc_”,
“mysql.utf8mb4”: true,
“dbuser”: “REMOVED SENSITIVE VALUE”,
“dbpassword”: “REMOVED SENSITIVE VALUE”,
“logtimezone”: “Europe/Berlin”,
“installed”: true,
“memcache.local”: “\OC\Memcache\Redis”,
“filelocking.enabled”: “true”,
“memcache.distributed”: “\OC\Memcache\Redis”,
“memcache.locking”: “\OC\Memcache\Redis”,
“redis”: {
“host”: “localhost”,
“port”: 6379,
“timeout”: 0,
“dbindex”: 0
},
“singleuser”: false
}
}

List of activated apps:

Enabled:

  • comments: 0.3.0
  • configreport: 0.1.1
  • dav: 0.3.2
  • encryption: 1.3.1
  • federatedfilesharing: 0.3.1
  • federation: 0.1.0
  • files: 1.5.1
  • files_external: 0.7.1
  • files_sharing: 0.10.1
  • files_trashbin: 0.9.1
  • files_versions: 1.3.0
  • files_videoplayer: 0.9.8
  • firstrunwizard: 1.1
  • market: 0.2.5
  • notifications: 0.3.4
  • provisioning_api: 0.5.0
  • systemtags: 0.3.0
  • updatenotification: 0.2.1

Are you using external storage, if yes which one:

Are you using encryption: yes/no
yes
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…
no

Client configuration

Browser:
Google Chrome Version 68.0.3440.84
Operating system:
Windows 7 Professional

I’ve done all the steps like said in the documentation but everytime I’m running into the same issue. The www-data and root user have both access to the folder and also the neccessary permissions.

It’s worth to notice that my data folder is on a second partition mounted on /media/owncloud.

Also I’m accessing the ubuntu-server via PuTTY (SSH).

I’ve also re-done these steps with different folders (e.g. /keys/ or /etc/enc/ and so on) but I always got the same error message.

Hope you guys can help me - thanks in advance!

Best
jf712


#2

Hey,

is no one out there who’s got any suggestions?

All the best
jf712


#3

Maybe @sharidasan can help.


#4

I am afraid if you can move keys out of your data folder ( assuming your data folder is not /etc ). The error says that you need to create a folder inside the data folder so that you can change the location of the keys from the default location to the new location.

Let me know if you find it helpful.


#5

Do I understand you right, that it is only possible to move the keys to a new directory inside the data folder and not to an external folder?
As I said in the first post, my data-folder is /media/owncloud and I want to move the key-directory to /etc/keys - this is not possible?

Best
Julian


#6

Yes you are right. Inside data folder you can create a new directory and move your keys. Hope this helps you?


#7

To give you a direct answer - No this is not possible.

You can’t move the keys outside your Data Directory


#8

Okay, thank you for your answers :slight_smile:

Then the documentation for ‘Encryption Configuration’ should be edited. It doesn’t mention that you can’t move your keys outside your data folder. Instead it says that you can even move them to any root folder either local or on another server. This is totally confusing and heading the user to the wrong direction.
Also the example in the documentation shows moving the keys to /etc/keys/.


#9

Thanks for your feedback. I will edit the documentation to reflect your experience :slight_smile:

Only with feedback like yours the documentation can grow and improve.