Encrypted Files get corrupted/ unaccessable when moving from one folder to another

[raceface2nd]

Steps to reproduce

1. have file encryption activated
2. move a number of files or folders from one folder to another folder (e.g. a subfolder under the same main folder)
3. some of the moved files will get unaccesable with the web GUI apps (like image viewer, pdf viewer, onlyoffice) and will not be synced any longer with the desktop sync app

Expected behaviour

All files should be accesable as before.

Actual behaviour

Some files get corrupted and are trash.

Server configuration

Operating system: univention app container 17.0.2-0

Web server: Apache

Database: postgresql 9.6.15

PHP version: 7.2.24

Nextcloud version: 17.0.2

Updated from an older Nextcloud/ownCloud or fresh install: updated

Where did you install Nextcloud from: from the univention app store

Signing status:

Signing status

Login as admin user into your Nextcloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results here.

List of activated apps:

App list

Enabled: - accessibility: 1.3.0 - activity: 2.10.1 - admin_audit: 1.7.0 - apporder: 0.9.0 - audioplayer: 2.9.0 - cloud_federation_api: 1.0.0 - cms_pico: 1.0.4 - comments: 1.7.0 - dav: 1.13.0 - encryption: 2.5.0 - extract: 1.2.3 - federatedfilesharing: 1.7.0 - federation: 1.7.0 - files: 1.12.0 - files_downloadactivity: 1.6.0 - files_external: 1.8.0 - files_external_dropbox: 1.2.0 - files_fulltextsearch: 1.3.6 - files_fulltextsearch_tesseract: 1.3.2 - files_mindmap: 0.0.17 - files_pdfviewer: 1.6.0 - files_rightclick: 0.15.1 - files_sharing: 1.9.0 - files_trashbin: 1.7.0 - files_versions: 1.10.0 - files_videoplayer: 1.6.0 - firstrunwizard: 2.6.0 - fulltextsearch: 1.3.8 - fulltextsearch_elasticsearch: 1.4.1 - gallery: 18.4.0 - groupfolders: 5.0.5 - logreader: 2.2.0 - lookup_server_connector: 1.5.0 - maps: 0.1.4 - nextcloud_announcements: 1.6.0 - notifications: 2.5.0 - oauth2: 1.5.0 - ocdownloader: 1.7.5 - onlyoffice: 4.1.4 - passman: 2.3.5 - password_policy: 1.7.0 - passwords: 2020.2.1 - polls: 1.1.6 - privacy: 1.1.0 - provisioning_api: 1.7.0 - ransomware_detection: 0.6.0 - ransomware_protection: 1.5.1 - recommendations: 0.5.0 - serverinfo: 1.7.0 - sharebymail: 1.7.0 - sharepoint: 1.5.0 - sharerenamer: 2.7.3 - spreed: 7.0.2 - support: 1.0.1 - survey_client: 1.5.0 - systemtags: 1.7.0 - text: 1.1.1 - theming: 1.8.0 - twofactor_backupcodes: 1.6.0 - twofactor_totp: 4.1.2 - user_ldap: 1.7.0 - viewer: 1.2.0 - workflowengine: 1.7.0 Disabled: - richdocuments - updatenotification

Nextcloud configuration:

Config report

{ "system": { "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "trusted_domains": [ "***REMOVED SENSITIVE VALUE***", "***REMOVED SENSITIVE VALUE***", "***REMOVED SENSITIVE VALUE***", "***REMOVED SENSITIVE VALUE***" ], "datadirectory": "***REMOVED SENSITIVE VALUE***", "overwrite.cli.url": "https:\/\/***REMOVED SENSITIVE VALUE***", "dbtype": "pgsql", "version": "17.0.2.1", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbport": "5432", "dbtableprefix": "oc_", "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "installed": true, "instanceid": "***REMOVED SENSITIVE VALUE***", "updatechecker": "false", "memcache.local": "\\OC\\Memcache\\APCu", "overwriteprotocol": "https", "overwritewbroot": "\/", "htaccess.RewriteBase": "\/", "ldapIgnoreNamingRules": false, "ldapProviderFactory": "\\OCA\\User_LDAP\\LDAPProviderFactory", "trusted_proxies": "***REMOVED SENSITIVE VALUE***", "loglevel": 1, "log_rotate_size": 1048576, "maintenance": false, "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "smtp", "mail_sendmailmode": "smtp", "mail_domain": "***REMOVED SENSITIVE VALUE***", "mail_smtpsecure": "tls", "mail_smtpauthtype": "LOGIN", "mail_smtpauth": 1, "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "25", "mail_smtpname": "***REMOVED SENSITIVE VALUE***", "mail_smtppassword": "***REMOVED SENSITIVE VALUE***", "has_rebuilt_cache": true, "filesystem_check_changes": "1", "ldapUserCleanupInterval": "300", "app_install_overwrite": [ "ojsxc", "files_external_dropbox" ] } }

Are you using external storage, if yes which one: local, smb, sftp

Are you using encryption: yes

Are you using an external user-backend, if yes which one: LDAP

LDAP configuration (delete this part if not used)

LDAP config

+-------------------------------+-----------------------------------------------------------------+
| Configuration | s01 |
+-------------------------------+-----------------------------------------------------------------+
| hasMemberOfFilterSupport | 0 |
| homeFolderNamingRule | |
| lastJpegPhotoLookup | 0 |
| ldapAgentName | cn=nextc-12338939,cn=memberserver,cn=computers,dc=REMOVED SENSITIVE VALUE,dc=REMOVED SENSITIVE VALUE |
| ldapAgentPassword | *** |
| ldapAttributesForGroupSearch | |
| ldapAttributesForUserSearch | uid;givenName;sn;employeeNumber;mailPrimaryAddress |
| ldapBackupHost | |
| ldapBackupPort | |
| ldapBase | dc=REMOVED SENSITIVE VALUE,dc=REMOVED SENSITIVE VALUE |
| ldapBaseGroups | dc=REMOVED SENSITIVE VALUE,dc=REMOVED SENSITIVE VALUE |
| ldapBaseUsers | dc=REMOVED SENSITIVE VALUE,dc=REMOVED SENSITIVE VALUE |
| ldapCacheTTL | 600 |
| ldapConfigurationActive | 1 |
| ldapDefaultPPolicyDN | |
| ldapDynamicGroupMemberURL | |
| ldapEmailAttribute | mail |
| ldapExperiencedAdmin | 1 |
| ldapExpertUUIDGroupAttr | |
| ldapExpertUUIDUserAttr | |
| ldapExpertUsernameAttr | uid |
| ldapExtStorageHomeAttribute | |
| ldapGidNumber | gidNumber |
| ldapGroupDisplayName | cn |
| ldapGroupFilter | (&(objectclass=nextcloudGroup)(nextcloudEnabled=1)) |
| ldapGroupFilterGroups | |
| ldapGroupFilterMode | 1 |
| ldapGroupFilterObjectclass | nextcloudGroup |
| ldapGroupMemberAssocAttr | memberUid |
| ldapHost | mail.360x.media |
| ldapIgnoreNamingRules | |
| ldapLoginFilter | (&(objectclass=nextcloudUser)(nextcloudEnabled=1)(uid=%uid)) |
| ldapLoginFilterAttributes | |
| ldapLoginFilterEmail | 0 |
| ldapLoginFilterMode | 1 |
| ldapLoginFilterUsername | 1 |
| ldapNestedGroups | 0 |
| ldapOverrideMainServer | |
| ldapPagingSize | 500 |
| ldapPort | 7389 |
| ldapQuotaAttribute | nextcloudQuota |
| ldapQuotaDefault | |
| ldapTLS | 0 |
| ldapUserAvatarRule | default |
| ldapUserDisplayName | displayname |
| ldapUserDisplayName2 | |
| ldapUserFilter | (&(objectclass=nextcloudUser)(nextcloudEnabled=1)) |
| ldapUserFilterGroups | |
| ldapUserFilterMode | 1 |
| ldapUserFilterObjectclass | |
| ldapUuidGroupAttribute | auto |
| ldapUuidUserAttribute | auto |
| turnOffCertCheck | 0 |
| turnOnPasswordChange | 0 |
| useMemberOfToDetectMembership | 1 |
+-------------------------------+-----------------------------------------------------------------+

Client configuration

Browser: Firefox, Edge, Chrome

Operating system: Windows 10, Windows 7

Logs

Web server error log

Web server error log

Nothing shows up here

Nextcloud log (data/nextcloud.log)

Nextcloud log

nothing shows up here

Browser log

Browser log

nothing shows up here

[aignerat]

hey,

please search the log for missing or bad signature to delimit the error. I had no problems with server-side encryption so far. Personally i would consider using LUKS instead of server-side-encryption.

regards

[szaimen]

Duplicate of #16419