Deleted files from external storage get stored on internal space

Steps to reproduce

  1. Mount external storage in userspace. For me it’s S3, but suppose it’s valid for all kinds of external storage
  2. Have files_trashbin enabled, same might be for files_versions (untested)
  3. Delete files from external storage

Expected behaviour

Retention of the deleted files should be on the external storage still

Actual behaviour

all files in trashbin get stored on local storage

Which could be an issue if storage was explicitly expanded with external ressources because of internal shortage of storage and a huge chunk of files get deleted

Server configuration

Operating system:
Red Hat Enterprise Linux Server release 7.8

Web server:

MariaDB 10.3

PHP version:

PHP Version 7.3.24

ownCloud version: (see ownCloud admin page)

Updated from an older ownCloud or fresh install:

Where did you install ownCloud from:
.zip File

Signing status (ownCloud 9.0 and above):

Login as admin user into your ownCloud and access 
paste the results into and puth the link here.

No errors have been found.

The content of config/config.php:

Log in to the web-UI with an administrator account and click on
'admin' -> 'Generate Config Report' -> 'Download ownCloud config report'
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.


If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder

*ATTENTION:* Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove *all* host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.

“system”: {
“instanceid”: “ocn0m55yidnr”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“trusted_domains”: [
“datadirectory”: “/home/whoamu/ocx-files/data”,
“overwrite.cli.url”: “”,
“logtimezone”: “UTC”,
“installed”: true,
“maintenance”: false,
“debug”: false,
“dbtype”: “mysql”,
“version”: “”,
“dbname”: “whoamu_ocx”,
“dbhost”: “”,
“dbtableprefix”: “oc_”,
“mail_from_address”: “REMOVED SENSITIVE VALUE”,
“mail_smtpmode”: “smtp”,
“default_language”: “de”,
“defaultapp”: “files”,
“knowledgebaseenabled”: false,
“trashbin_retention_obligation”: “3, 10”,
“versions_retention_obligation”: “3, 10”,
“activity_expire_days”: 365,
“theme”: “”,
“loglevel”: 3,
“log_type”: “owncloud”,
“logfile”: “/home/whoamu/logs/owncloud.log”,
“log_rotate_size”: 5242880,
“tempdirectory”: “/home/whoamu/tmp”,
“memcache.local”: “\OC\Memcache\APCu”,
“memcache.locking”: “\OC\Memcache\APCu”,
“mail_smtpsecure”: “tls”,
“mail_smtpauthtype”: “LOGIN”,
“mail_smtpauth”: 1,
“mail_smtphost”: “REMOVED SENSITIVE VALUE”,
“mail_smtpport”: “587”,
“mail_smtpname”: “REMOVED SENSITIVE VALUE”,
“mail_smtppassword”: “REMOVED SENSITIVE VALUE

List of activated apps:

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.


  • activity: 2.5.4
  • calendar: 1.6.4
  • comments: 0.3.0
  • configreport: 0.2.0
  • contacts: 1.5.5
  • customgroups: 0.6.0
  • dav: 0.6.0
  • diagnostics: 0.1.4
  • extract: 1.2.4
  • federatedfilesharing: 0.5.0
  • federation: 0.1.0
  • files: 1.5.2
  • files_clipboard: 1.0.2
  • files_external: 0.7.1
  • files_external_ftp: 0.2.1
  • files_external_s3: 1.0.0
  • files_mediaviewer: 1.0.3
  • files_pdfviewer: 0.11.2
  • files_sharing: 0.13.0
  • files_texteditor: 2.3.0
  • files_textviewer: 1.0.3
  • files_trashbin: 0.9.1
  • files_versions: 1.3.0
  • firstrunwizard: 1.2.0
  • gallery: 16.1.1
  • guests: 0.9.0
  • impersonate: 0.5.0
  • market: 0.6.0
  • notifications: 0.5.2
  • oauth2: 0.4.4
  • provisioning_api: 0.5.0
  • tasks: 0.9.7
  • templateeditor: 0.4.0
  • twofactor_totp: 0.7.0
  • updatenotification: 0.2.1
  • encryption
  • external
  • systemtags
  • user_external

Are you using external storage, if yes which one: local/smb/sftp/…

yes, hence the problem.

Are you using encryption: yes/no


Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…


LDAP configuration (delete this part if not used)

With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';

Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

Client configuration

Brave 1.16.72 Chromium: 86.0.4240.183 (Offizieller Build) (x86_64)

Operating system:
Mac OS 10.15.7


Web server error log

Insert your webserver log here

ownCloud log (data/owncloud.log)

Insert your ownCloud log here

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log 
c) ...
1 Like

I think it might be better in this case to generate an issue in github

Depending on if you can reproduce the issue with all kinds of external storage or only with specific types it might be wort also checking the issue tracker for the specific type of external storage:

1 Like

I think it’s implemented that way, so not a bug.

So far, the alternative is to disable the files_trashbin app.

I guess the problem is that we can’t mark properly that a file has been deleted in the external storage.

  • Using an additional file to store the deletion info, or renaming the file by appending “deleted” or similar won’t do because the files are still accesible from the external storage.
  • Hiding the file or making it not-readable won’t do neither because the file is expected to be deleted. It will still consume space.
  • Other apps outside of ownCloud will still have access to those files and will likely ignore the ownCloud’s semantics for those files. They might break things in ownCloud.
  • There is no guarantee that ownCloud will have access to the trashbin area in the external storage, and maybe there isn’t any.

In this sense, I think there is no good mechanism to be used as trashbin in an external storage.

1 Like