Steps to reproduce
1.
2.
3.
Expected behaviour
Files that have not changed should not continuously sync.
Actual behaviour
Three days ago I received a notice that my data usage has exploded, and I determined that the culprit is the OC server running in my basement where 5+gigs of data is being re-sync'd continuously, over and over again, even though none of the files have changed. The server then sends the files back out to multiple clients, over and over.
Server configuration
Operating system:
Ubuntu 16.10
Web server:
Apache2
Database:
mysql
PHP version:
ownCloud version: (see ownCloud admin page)
10.0.0.12
Updated from an older ownCloud or fresh install:
updated
Where did you install ownCloud from:
Signing status (ownCloud 9.0 and above):
Login as admin user into your ownCloud and access
http://example.com/index.php/settings/integrity/failed
paste the results into https://gist.github.com/ and puth the link here.
No errors have been found.
The content of config/config.php:
{
"basic": {
"license key": "",
"date": "Tue, 04 Jul 2017 01:15:55 +0000",
"ownCloud version": "10.0.0.12",
"ownCloud version string": "10.0.0",
"ownCloud edition": "Community",
"server OS": "Linux",
"server OS version": "Linux jet 4.8.0-58-generic #63-Ubuntu SMP Mon Jun 26 17:08:21 UTC 2017 x86_64",
"server SAPI": "apache2handler",
"webserver version": "Apache\/2.4.18 (Ubuntu)",
"hostname": "XXXXXX",
"user count": 14,
"user directories": 14,
"logged-in user": "XXXXXX"
},
"config": {
"updatechecker": false,
"instanceid": "oczsx0tbcodr",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"*******"
],
"datadirectory": "\/media\/4T\/oc-data\/",
"overwrite.cli.url": "http:\/\/localhost\/owncloud",
"dbtype": "mysql",
"version": "10.0.0.12",
"dbname": "oc_2017",
"dbhost": "localhost",
"dbtableprefix": "oc_",
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"logtimezone": "UTC",
"installed": true,
"maintenance": false,
"theme": "",
"loglevel": 2,
"trashbin_retention_obligation": "auto",
"0": 10,
"versions_retention_obligation": "auto",
"1": 5,
"allow_user_to_change_display_name": true,
"updater.secret": "REMOVED SENSITIVE VALUE"
},
"integritychecker": {
"passing": true,
"enabled": true,
"result": []
},
"core": {
"installedat": "1483661997.4416",
"lastcron": "1499130952",
"lastupdateResult": "{\"version\":\"10.0.2\",\"versionstring\":\"ownCloud 10.0.2\",\"url\":\"https:\\/\\/download.owncloud.org\\/community\\/owncloud-10.0.2.zip\",\"web\":\"https:\\/\\/doc.owncloud.org\\/server\\/10.0\\/admin_manual\\/maintenance\\/upgrade.html\"}",
"lastupdatedat": "1499130915",
"public_files": "files_sharing\/public.php",
"public_webdav": "dav\/appinfo\/v1\/publicwebdav.php",
"shareapi_allow_public_upload": "no",
"shareapi_allow_resharing": "no",
"shareapi_allow_social_share": "no",
"shareapi_default_expire_date": "yes",
"shareapi_enabled": "yes",
"shareapi_expire_after_n_days": "4",
"updater.secret.created": "1499004058",
"vendor": ""
},
Log in to the web-UI with an administrator account and click on
'admin' -> 'Generate Config Report' -> 'Download ownCloud config report'
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.
or
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder
*ATTENTION:* Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove *all* host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.
List of activated apps:
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.
Are you using external storage, if yes which one: local/smb/sftp/...
Are you using encryption: yes/no
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
LDAP configuration (delete this part if not used)
With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder
Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';
Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.
Client configuration
Browser:
Operating system:
Logs
Web server error log
Insert your webserver log here
ownCloud log (data/owncloud.log)
Insert your ownCloud log here
Browser log
Insert your browser log here, this could for example include:
a) The javascript console log
b) The network log
c) ...