Master key encrypted setup - File moved out from user folder and back on OS level, can't see

Steps to reproduce

  1. Set master key encryption nowncloud
  2. move out a file from the user’s files firectory to somewhere else on a linux level
  3. move it back like 3 months later
  4. Even if the link is there to the file in the users ui and put back the original file to it’s original location, if they click on it, not found.

Expected behaviour

User should be able to open

Actual behaviour

Can’t download

Server configuration

Operating system: centos 7

Web server: httpd, apache

Database: mariadb galera cluster

PHP version: 7.4

ownCloud version:

Updated from an older ownCloud or fresh install: updated

Where did you install ownCloud from: tar.gz file

Signing status (ownCloud 9.0 and above): not sure

Integrity checker has been disabled. Integrity cannot be verified.

The content of config/config.php:

“system”: {
“instanceid”: “ocj6qt5t097u”,
“passwordsalt”: “REMOVED SENSITIVE VALUE”,
“trusted_domains”: [
“datadirectory”: “/owncloud”,
“overwrite.cli.url”: “”,
“overwritehost”: “”,
“dbtype”: “mysql”,
“version”: “”,
“dbname”: “owncloud”,
“dbhost”: “”,
“dbtableprefix”: “oc_”,
“mysql.utf8mb4”: true,
“lost_password_link”: “disabled”,
“default_language”: “en”,
“allow_user_to_change_mail_address”: “”,
“logtimezone”: “Asia/Bangkok”,
“integrity.check.disabled”: true,
“memcache.local”: “\OC\Memcache\APCu”,
“apps_paths”: [
“path”: “/var/www/html/apps”,
“url”: “/apps”,
“writable”: false
“path”: “/var/www/html/apps-external”,
“url”: “/apps-external”,
“writable”: true
“installed”: true,
“ldapIgnoreNamingRules”: false,
“maintenance”: false,
“loglevel”: 2

List of activated apps:

  • activity:
    • Version: 2.7.1
    • Path: /var/www/html/apps/activity
  • comments:
    • Version: 0.3.0
    • Path: /var/www/html/apps/comments
  • dav:
    • Version: 0.7.0
    • Path: /var/www/html/apps/dav
  • encryption:
    • Version: 1.5.3
    • Path: /var/www/html/apps/encryption
  • federatedfilesharing:
    • Version: 0.5.0
    • Path: /var/www/html/apps/federatedfilesharing
  • files:
    • Version: 1.5.2
    • Path: /var/www/html/apps/files
  • files_antivirus:
    • Version: 1.1.0
    • Path: /var/www/html/apps/files_antivirus
  • files_external:
    • Version: 0.9.0
    • Path: /var/www/html/apps/files_external
  • files_mediaviewer:
    • Version: 1.0.5
    • Path: /var/www/html/apps/files_mediaviewer
  • files_pdfviewer:
    • Version: 1.0.1
    • Path: /var/www/html/apps/files_pdfviewer
  • files_sharing:
    • Version: 0.14.0
    • Path: /var/www/html/apps/files_sharing
  • files_texteditor:
    • Version: 2.4.1
    • Path: /var/www/html/apps/files_texteditor
  • files_trashbin:
    • Version: 0.9.1
    • Path: /var/www/html/apps/files_trashbin
  • notifications:
    • Version: 0.5.4
    • Path: /var/www/html/apps/notifications
  • provisioning_api:
    • Version: 0.5.0
    • Path: /var/www/html/apps/provisioning_api
  • systemtags:
    • Version: 0.3.0
    • Path: /var/www/html/apps/systemtags
  • user_ldap:
    • Version: 0.16.0
    • Path: /var/www/html/apps/user_ldap

Are you using external storage, if yes which one: glusterfs

Are you using encryption: yes

Are you using an external user-backend, if yes which one: LDAP

LDAP configuration (delete this part if not used)

I think not relevant to this issue so let me not put.

Client configuration

Browser: chrome, firefox, edge, safari

Operating system: apple, windows


Web server error log

I think this still not relevant but I’ll provide if needed

ownCloud log (data/owncloud.log)

I think this still not relevant but I’ll provide if needed

Browser log

I think this still not relevant but I’ll provide if needed

I think this could be the source of the problem because i think this is unsupported as i have seen statements like this in the documentation provided by the ownCloud people:

The data directory on the server is exclusive to ownCloud and must not be modified manually.

1 Like

hasn’t been modified actually, just moved out :confused:

How is moving a file on the server not modifying the contents of a folder?

The important part of what @tom42 shared is that you shouldn’t be manipulating the ownCloud server filesystem directly. You need to use an ownCloud client (or WebDAV) to access those files.

1 Like

ok, so is there any way to access it or not?

Actually your case sounds easier, you just need to run a file:scan to get it back into the system.
Assuming that you have not changed the masterkey, nor the salt this should make it work.


Thank you, let me put back the file and scan.

No :frowning: So the file is visible but can’t open :confused:
Tried with .pdf and .png

PDF errors like this:

PDF.js v2.9.0 (build: 58621ea)
Message: Unexpected server response (500) while retrieving PDF "".

PNG like this:

Did you do the other things from the docs?
Restoring ownCloud :: ownCloud Documentation
Generally its indeed a bad idea, sorry for my misleading comment.

1 Like

I guess this part:

Restoring Files From a Backup When Encryption Is Enabled

So I get the values that is written:

MariaDB [owncloud]> SELECT fileid FROM oc_filecache WHERE path = 'files/promql-ceph.png' AND storage = 9;
| fileid |
| 436626 |
1 row in set (0.001 sec)

MariaDB [owncloud]> SELECT encrypted FROM oc_filecache WHERE path = 'files/promql-ceph.png' AND storage = 9;
| encrypted |
|         0 |
1 row in set (0.001 sec)

But the encrypted value is already 0 in the DB that I should set to the queried encrypted value :confused:

Should I set to 1 actually?


i think any use case which needs changes in a database is a bad idea and i think this is the best approach:

1 Like

So if I’d have been moved the files with some client or webdav out and after move back, it should work?

As long as you moved it back with the ownCloud client or WebDAV, yes.

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.