Unable to Create Folder - Redis Server Went Away


#1

Steps to reproduce

  1. Log into Owncloud
  2. Navigate to one of the default folders from the home screen
  3. Create a new folder or drag and drop a photo to any of the folders

Expected behaviour

Should be able to create new folder or upload content to the Owncloud WebUI server

Actual behaviour

When creating a new folder, a yellow notification message said "Could not create folder folder-name"
When drag and drop a file to the server, a yellow message said "Redis server went away."

Server configuration

CentOS Linux release 7.3.1611 (Core)

Database:

mysql  Ver 15.1 Distrib 5.5.56-MariaDB, for Linux (x86_64) using readline 5.1

PHP version:

PHP 7.2.3 (cli) (built: Mar  2 2018 12:41:10) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

ownCloud version: (see ownCloud admin page)

ownCloud	10.0.7 (stable)

Where did you install ownCloud from:
Fresh install by downloading from Owncloud and followed the manual install method posted.

The content of config/config.php:

    <?php
    $CONFIG = array (
      'instanceid' => '*********',
      'passwordsalt' => '*********',
      'secret' => '*********',
      'trusted_domains' => 
      array (
        0 => 'owncloud-server',
        1 => '*********',
      ),
      'datadirectory' => '/path/to/data/',
      'overwrite.cli.url' => 'https://owncloud-server/owncloud',
      'dbtype' => 'sqlite3',
      'version' => '10.0.7.2',
      'dbname' => 'owncloud',
      'dbhost' => 'localhost',
      'dbtableprefix' => 'oc_',
      'dbuser' => 'owncloud-user',
      'dbpassword' => '*********',
      'logtimezone' => 'America/Los_Angeles',
      'installed' => true,
      'memcache.local' => '\OC\Memcache\APCu',
      'memcache.locking' => '\OC\Memcache\Redis',
      'redis' =>
      array ( 
        'host' => 'localhost',
        'port' => 6379,
      ),
    );

Are you using encryption: yes/no
No

Client configuration

Browser:
Chrome, Firefox

Operating system:
Windows 7, Ubuntu 16.04 LTS

ownCloud log (data/owncloud.log)

$ ls -lthr owncloud.log
-rw-r-----. 1 apache apache 3.3M Feb 10 21:17 owncloud.log

$ tail -n 2 owncloud.log 
{"reqId":"****************","remoteAddr":"xxx.xxx.xxx.xxx","app":"core","message":"Trusted domain error. \"xxx.xxx.xxx.xxx\" tried to access using \"xxx.xxx.xxx.xxx\" as host.","level":2,"time":"2018-02-10T14:33:09+00:00","method":"GET","url":"\/","user":"--"}
{"reqId":"****************","remoteAddr":"xxx.xxx.xxx.xxx","app":"core","message":"Trusted domain error. \"xxx.xxx.xxx.xxx\" tried to access using \"xxx.xxx.xxx.xxx:443\" as host.","level":2,"time":"2018-02-11T05:17:58+00:00","method":"GET","url":"\/","user":"--"}

Redis Version & Status

$ rpm -qa | grep redis
php-pecl-redis-3.1.6-1.el7.remi.7.2.x86_64
rh-redis32-runtime-2.3-1.el7.x86_64
redis-3.2.10-2.el7.x86_64
rh-redis32-redis-3.2.4-1.el7.x86_64

$ sudo systemctl status redis
● redis.service - Redis persistent key-value database
   Loaded: loaded (/usr/lib/systemd/system/redis.service; disabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/redis.service.d
           └─limit.conf
   Active: active (running) since Thu 2018-03-29 23:52:30 PDT; 4s ago
  Process: 24978 ExecStop=/usr/libexec/redis-shutdown (code=exited, status=0/SUCCESS)
 Main PID: 25000 (redis-server)
   CGroup: /system.slice/redis.service
           └─25000 /usr/bin/redis-server 127.0.0.1:6379

Mar 28 23:01:29 owncloud-server systemd[1]: Started Redis persistent key-value database.
Mar 28 23:01:29 owncloud-server systemd[1]: Starting Redis persistent key-value database...

$ ps aux | grep redis
redis     4646  0.0  0.1 136940  7952 ?        Ssl  Mar28   0:35 /opt/rh/rh-redis32/root/usr/bin/redis-server 127.0.0.1:6379

$ sudo netstat -ntlp | grep redis
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      4646/redis-server 1

I've followed the Owncloud guide to the letter but was unsuccessful. Also found this similar topic, https://central.owncloud.org/t/problems-using-redis-with-socket-for-filelocking/967, and my settings are almost identical. I used the same guides as the site below. There are also no warning messages in the admin page regarding Redis either.

$ sudo egrep '^unixsocket*' redis.conf 
unixsocket /var/run/redis/redis.sock
unixsocketperm 775

Instead of using www-data as username, mine is apache and redis is a part of that group.

$ cat /etc/group | grep apache
apache:x:48:username,redis

Work Around
Remove the memcache.locking statement.

'memcache.locking' => '\OC\Memcache\Redis',
  'redis' =>
  array ( 
    'host' => 'localhost',
    'port' => 6379,
  ),

Any way to get Redis memcache.locking to work instead of the workaround and allow me to add files to owncloud through WebUI?


#2

I think in contrast to Debian/Ubuntu and so on distros like CentOS are using SELinux as an addtional security layer. Maybe this is preventing ownCloud to access the redis server?


#3

@tom42 You're spot on and thank you!

SELINUX Status:

$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

Temporarily Disable:

$ sudo setenforce 0

Permanently Disable:

$ sudo sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

Your Data directory is not writable by ownCloud
#4

Mhhh, i'm not sure if its a good idea to completely disable SELinux. Maybe there is a way to set some policies to allow the access?


#5

I'll have to look into it but if you know of a way, please share. Thanks.


#6

Unfortunately i don't have any knowledge about SELinux. But i think you're not the only one using it so you probably will find some tutorials or howtos on a CentOS related forums or wiki.


Your Data directory is not writable by ownCloud
#7

I've also tried the following suggestions from Administration Manual, changing to my own path/directory of course, but it didn't work.

When you have SELinux enabled on your Linux distribution, you may run into permissions problems after a new ownCloud installation, and see permission denied errors in your ownCloud logs.

The following settings should work for most SELinux systems that use the default distro profiles. Run these commands as root, and remember to adjust the filepaths in these examples for your installation

semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/data(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/config(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/apps(/.*)?'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/.htaccess'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/.user.ini'

restorecon -Rv '/var/www/html/owncloud/'

If you have customized SELinux policies and these examples do not work, you must give the HTTP server write access to these directories:

/var/www/html/owncloud/data
/var/www/html/owncloud/config
/var/www/html/owncloud/apps

and

Redis on RHEL 7 & Derivatives
On RHEL 7 and its derivatives, if you are using Redis for both local server cache and file locking and Redis is configured to listen on a Unix socket instead of a TCP/IP port (which is recommended if Redis is running on the same system as ownCloud) you must instruct SELinux to allow daemons to enable cluster mode. You can do this using the following command:

setsebool -P daemons_enable_cluster_mode 1


#8

I think then its probably time that you contact some one with the knowledge about SELinux and CentOS. :slight_smile:


#9

I ended up following the suggested steps documented on OwnCloud and that fixed my issue. I’m not sure how I’d missed it before but probably was going back and forth between the version 8.x and version 9.x documentation while I’m running version 10.

https://doc.owncloud.org/server/10.0/admin_manual/installation/selinux_configuration.html

The two settings that I tried were:

Allow access to a remote database
An additional setting is needed if your installation is connecting to a remote database:

setsebool -P httpd_can_network_connect_db on

and

Allow access to remote network
ownCloud requires access to remote networks for functions such as Server-to-Server sharing, external storages or the ownCloud Marketplace. To allow this access use the following setting:

setsebool -P httpd_can_network_connect on