[Bug]: suspicious_login app dependencies require a 64-bit build of PHP

Open PeterRob opened this issue 1 year ago • 27 comments

⚠️ This issue respects the following points: ⚠️

Bug description

Upgrading to v28.0.2rc4 on a 32 bit armhf system yields the error

Steps to reproduce

  1. Use web updater

Expected behavior

Nextcloud updates cleanly to v28.0.2rc4

Installation method

None

Nextcloud Server version

28

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.2

Web server

Other

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 22.1 to 22.2)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

  • [X] Default user-backend (database)
  • [ ] LDAP/ Active Directory
  • [ ] SSO - SAML
  • [ ] Other

Configuration report

Composer detected issues in your platform:

Your Composer dependencies require a 64-bit build of PHP.

Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
{
    "system": {
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud.131kk.duckdns.org"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "28.0.2.0",
        "overwrite.cli.url": "https:\/\/nextcloud.xxx.org",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "default_phone_region": "MY",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "activity_expire_days": 14,
        "auth.bruteforce.protection.enabled": true,
        "blacklisted_files": [
            ".htaccess",
            "Thumbs.db",
            "thumbs.db"
        ],
        "cron_log": true,
        "enable_previews": true,
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\Movie",
            "OC\\Preview\\PDF",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown"
        ],
        "filesystem_check_changes": 0,
        "filelocking.enabled": "true",
        "htaccess.RewriteBase": "https:\/\/nextcloud.xxx.org",
        "integrity.check.disabled": false,
        "knowledgebaseenabled": false,
        "logfile": "\/var\/nc_data\/nextcloud.log",
        "loglevel": 0,
        "logtimezone": "Asia\/Kuala_Lumpur",
        "log_rotate_size": 104857600,
        "maintenance": false,
        "maintenance_window_start": 20,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "overwriteprotocol": "https",
        "preview_max_x": "2048",
        "preview_max_y": "2048",
        "preview_max_scale_factor": 1,
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "timeout": 0,
            "dbindex": 0
        },
        "quota_include_external_storage": false,
        "share_folder": "\/Shares",
        "skeletondirectory": "",
        "theme": "",
        "trashbin_retention_obligation": "auto, 7",
        "updater.release.channel": "beta",
        "app_install_overwrite": [
            "quickaccesssorting",
            "cookbook",
            "contacts",
            "unsplash",
            "music",
            "camerarawpreviews",
            "social",
            "dropit",
            "carnet",
            "twofactor_email",
            "twofactor_nextcloud_notification",
            "twofactor_totp",
            "twofactor_admin",
            "radio",
            "riotchat",
            "occweb",
            "external",
            "bookmarks",
            "files_external_gdrive",
            "talk_matterbridge",
            "duplicatefinder",
            "epubreader",
            "qownnotesapi",
            "mediadc",
            "files_opds",
            "spreed",
            "notify_push"
        ],
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "has_rebuilt_cache": true,
        "data-fingerprint": "8c36fa460d37c96724963aa0574f0974",
        "jpeg_quality": "60",
        "music.lastfm_api_key": "a6a8ce8f6fa8c6a8691fd30bc9089f04",
        "trusted domains": {
            "1": "nextcloud.131kk.duckdns.org"
        },
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "overwritehost": "nextcloud.131kk.xxx.org",
        "memories.exiftool_no_local": true,
        "updater.secret": "***REMOVED SENSITIVE VALUE***"
    }
}

List of activated Apps

Composer detected issues in your platform:

Your Composer dependencies require a 64-bit build of PHP.

Nextcloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Enabled:
  - activity: 2.20.0
  - admin_audit: 1.18.0
  - bookmarks: 13.1.3
  - bruteforcesettings: 2.8.0
  - calendar: 4.6.4
  - camerarawpreviews: 0.8.4
  - circles: 28.0.0-dev
  - cloud_federation_api: 1.11.0
  - comments: 1.18.0
  - contacts: 5.5.1
  - contactsinteraction: 1.9.0
  - cookbook: 0.11.0
  - dashboard: 7.8.0
  - dav: 1.29.1
  - duplicatefinder: 1.1.4
  - federatedfilesharing: 1.18.0
  - federation: 1.18.0
  - files: 2.0.0
  - files_external: 1.20.0
  - files_pdfviewer: 2.9.0
  - files_reminders: 1.1.0
  - files_sharing: 1.20.0
  - files_trashbin: 1.18.0
  - files_versions: 1.21.0
  - firstrunwizard: 2.17.0
  - logreader: 2.13.0
  - lookup_server_connector: 1.16.0
  - nextcloud_announcements: 1.17.0
  - notes: 4.9.2
  - notifications: 2.16.0
  - notify_push: 0.6.8
  - oauth2: 1.16.3
  - password_policy: 1.18.0
  - privacy: 1.12.0
  - provisioning_api: 1.18.0
  - recommendations: 2.0.0
  - related_resources: 1.3.0
  - serverinfo: 1.18.0
  - settings: 1.10.1
  - sharebymail: 1.18.0
  - support: 1.11.0
  - suspicious_login: 6.0.0
  - systemtags: 1.18.0
  - text: 3.9.1
  - theming: 2.3.0
  - twofactor_backupcodes: 1.17.0
  - twofactor_email: 2.7.4
  - twofactor_totp: 10.0.0-beta.2
  - updatenotification: 1.18.0
  - user_ldap: 1.19.0
  - user_status: 1.8.1
  - viewer: 2.2.0
  - weather_status: 1.8.0
  - workflowengine: 2.10.0
Disabled:
  - encryption: 2.16.0 (installed 2.14.0)
  - files_rightclick: 0.15.1 (installed 1.6.0)
  - memories: 6.2.2 (installed 6.2.2)
  - photos: 2.4.0 (installed 2.3.0)
  - survey_client: 1.16.0 (installed 1.1.0)

Nextcloud Signing status

Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.
Technical details

    Remote Address: 192.168.131.38
    Request ID: d3Y1p9LcQL3MplfhPhFx

Nextcloud Logs

Log entry
{
  "reqId": "nl4PbpdYFjnSxmCiGgu7",
  "level": 3,
  "time": "2024-01-27T07:50:22+08:00",
  "remoteAddr": "192.168.131.38",
  "user": "--",
  "app": "base",
  "method": "PROPFIND",
  "url": "/remote.php/dav/files/peter/",
  "message": "Failed to start session",
  "userAgent": "Mozilla/5.0 (Linux) mirall/3.11.0git (Nextcloud, arch-6.7.1-arch1-1 ClientArchitecture: x86_64 OsArchitecture: x86_64)",
  "version": "28.0.2.0",
  "exception": {
    "Exception": "Exception",
    "Message": "Failed to start session",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/nextcloud/lib/base.php",
        "line": 446,
        "function": "__construct",
        "class": "OC\\Session\\Internal",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/base.php",
        "line": 705,
        "function": "initSession",
        "class": "OC",
        "type": "::"
      },
      {
        "file": "/var/www/nextcloud/lib/base.php",
        "line": 1200,
        "function": "init",
        "class": "OC",
        "type": "::"
      },
      {
        "file": "/var/www/nextcloud/remote.php",
        "line": 119,
        "args": [
          "/var/www/nextcloud/lib/base.php"
        ],
        "function": "require_once"
      }
    ],
    "File": "/var/www/nextcloud/lib/private/Session/Internal.php",
    "Line": 62,
    "message": "Failed to start session",
    "exception": {},
    "CustomMessage": "Failed to start session"
  }
}

{
  "reqId": "nl4PbpdYFjnSxmCiGgu7",
  "level": 1,
  "time": "2024-01-27T07:50:22+08:00",
  "remoteAddr": "192.168.131.38",
  "user": "--",
  "app": "no app in context",
  "method": "PROPFIND",
  "url": "/remote.php/dav/files/peter/",
  "message": "Unable to generate a URL for the named route \"activity.Activities.index\" as such route does not exist.",
  "userAgent": "Mozilla/5.0 (Linux) mirall/3.11.0git (Nextcloud, arch-6.7.1-arch1-1 ClientArchitecture: x86_64 OsArchitecture: x86_64)",
  "version": "28.0.2.0",
  "exception": {
    "Exception": "Symfony\\Component\\Routing\\Exception\\RouteNotFoundException",
    "Message": "Unable to generate a URL for the named route \"activity.Activities.index\" as such route does not exist.",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/nextcloud/lib/private/Route/Router.php",
        "line": 380,
        "function": "generate",
        "class": "Symfony\\Component\\Routing\\Generator\\UrlGenerator",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/Route/CachingRouter.php",
        "line": 65,
        "function": "generate",
        "class": "OC\\Route\\Router",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/URLGenerator.php",
        "line": 103,
        "function": "generate",
        "class": "OC\\Route\\CachingRouter",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/NavigationManager.php",
        "line": 374,
        "function": "linkToRoute",
        "class": "OC\\URLGenerator",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/NavigationManager.php",
        "line": 131,
        "function": "init",
        "class": "OC\\NavigationManager",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/apps/theming/lib/ThemingDefaults.php",
        "line": 199,
        "function": "getAll",
        "class": "OC\\NavigationManager",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/legacy/OC_Defaults.php",
        "line": 271,
        "function": "getShortFooter",
        "class": "OCA\\Theming\\ThemingDefaults",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/public/Defaults.php",
        "line": 176,
        "function": "getLongFooter",
        "class": "OC_Defaults",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/core/templates/layout.guest.php",
        "line": 51,
        "function": "getLongFooter",
        "class": "OCP\\Defaults",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/Template/Base.php",
        "line": 180,
        "args": [
          "/var/www/nextcloud/core/templates/layout.guest.php"
        ],
        "function": "include"
      },
      {
        "file": "/var/www/nextcloud/lib/private/Template/Base.php",
        "line": 150,
        "function": "load",
        "class": "OC\\Template\\Base",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/legacy/OC_Template.php",
        "line": 139,
        "function": "fetchPage",
        "class": "OC\\Template\\Base",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/legacy/OC_Template.php",
        "line": 170,
        "function": "fetchPage",
        "class": "OC_Template",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/Template/Base.php",
        "line": 132,
        "function": "fetchPage",
        "class": "OC_Template",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/private/legacy/OC_Template.php",
        "line": 291,
        "function": "printPage",
        "class": "OC\\Template\\Base",
        "type": "->"
      },
      {
        "file": "/var/www/nextcloud/lib/base.php",
        "line": 456,
        "function": "printExceptionErrorPage",
        "class": "OC_Template",
        "type": "::"
      },
      {
        "file": "/var/www/nextcloud/lib/base.php",
        "line": 705,
        "function": "initSession",
        "class": "OC",
        "type": "::"
      },
      {
        "file": "/var/www/nextcloud/lib/base.php",
        "line": 1200,
        "function": "init",
        "class": "OC",
        "type": "::"
      },
      {
        "file": "/var/www/nextcloud/remote.php",
        "line": 119,
        "args": [
          "/var/www/nextcloud/lib/base.php"
        ],
        "function": "require_once"
      }
    ],
    "File": "/var/www/nextcloud/3rdparty/symfony/routing/Generator/UrlGenerator.php",
    "Line": 144,
    "message": "Unable to generate a URL for the named route \"activity.Activities.index\" as such route does not exist.",
    "exception": {},
    "CustomMessage": "Unable to generate a URL for the named route \"activity.Activities.index\" as such route does not exist."
  }
}

Additional info

No response

PeterRob avatar Jan 27 '24 00:01 PeterRob

Cc @come-nc

szaimen avatar Jan 27 '24 07:01 szaimen

Hi, same issue here with a 32bits armbian after the upgrade to 27.1.6 from 27.1.5. ( ⚠️ not 28 upgrade )

BkSouX avatar Jan 27 '24 08:01 BkSouX

+1 I have the same issue after upgrading from 27.1.5 to 27.1.6 on my 32bit raspbian

Zylean avatar Jan 27 '24 09:01 Zylean

Same for me as https://github.com/nextcloud/server/issues/43157#issuecomment-1913070824 (27.1.5.1 to 27.1.6.2).

Nextcloud is out of order because of this!

Did you guys stop testing with 32 bit? First time I need to think about on how to rollback/downgrade...

@BkSouX + @Zylean how did you solve this issue? It's quite, no really urgent for me to solve this asap... ⚠️

bcutter avatar Jan 27 '24 22:01 bcutter

I spent / wasted already 2.5 hours. Checked so many things but could not find which component is causing this dependency requirement and if it's easy to resolve by hopefully just exchanging/tweaking some files.

Checked most of https://github.com/nextcloud/server/releases/tag/v27.1.6 already. Put my bets on the OAuth2 fix which is also the only app that got updated (1.5.1 to 1.5.2). As it is part of core, it unfortunately can not be disabled (for testing purposes) to see if it would resolve the situation.

Is there ANY quick way to resolve the situation and bring Nextcloud back online?

Because restoring following https://docs.nextcloud.com/server/latest/admin_manual/maintenance/restore.html#restoring is quite complicated, even though I've got

  • nextcloud directory including theme and config directories backup 2 days before update incident
  • data dir backup 2 days before update incident (of course I also have the current files)
  • database backup 7 hours before update incident --> it does not match the nextcloud and data dir backup time.

Edit:

(hopefully) solved by "downgrading" to 27.1.5.1 (without database or data directory) by

  • restoring $nextcloud-data-dir/updater-ocXXXXXXXXXX/backups/nextcloud-27.1.5.1-1706394934 over my /var/www/nextcloud
  • and running occ upgrade afterwards.

Many double checks, backups and tests before and after that included made this freaking 27.1.6.2 update steal me 5 and a half hours of my life time (instead of the usual 10 minutes for minor updates), making this the worst update experience EVER.

Because of this personal experience with a stable (!!!) release AND the fact that

  • a) https://github.com/nextcloud/server/issues/43157 got absolutely no attention so far (only someone constantly minimizing comments, so watching but not responding/helping at all)
  • b) this should have been discovered in the RC version (https://help.nextcloud.com/t/rc4-of-nextcloud-28-0-2/179990) already and
  • c) likely there've been NO tests made with 32 bit systems which violates the promises made at https://help.nextcloud.com/t/update-on-32-bit-support-decision-to-block-the-update-on-nextcloud-26-reverted/153345

... I currently can't trust Nextcloud('s update mechanisms) anymore. I don't hope but expect others to run into this very same issue once the 27.1.6.2 or 28.0.2 update is performed by other 32 bit users. Have fun with that.

I'll check back in a few weeks once https://github.com/nextcloud/server/issues/43157 is hopefully confirmed to be fixed in the 27 channel.

bcutter avatar Jan 28 '24 01:01 bcutter

@bcutter I restored the last backup (done during the upgrade process)

BkSouX avatar Jan 28 '24 09:01 BkSouX

@bcutter I restored the last backup (done during the upgrade process)

@BkSouX Hi Bruno, I have this updater backup too, but it does not contain user data AND the database changed during update.

So

  • one needs to restore the database too right?
  • how exactly did you restore the updater backup? Via rsync?

bcutter avatar Jan 28 '24 11:01 bcutter

@bcutter I restored the last backup (done during the upgrade process)

@BkSouX Hi Bruno, I have this updater backup too, but it does not contain user data AND the database changed during update.

So

* one needs to restore the database too right?

* how exactly did you restore the updater backup? Via rsync?

I don't think there are database changes between 27.1.6 and 27.1.5. I backed up the current nextcloud folder, deleted it, and copied the backup of the 27.1.5 at the same place.

BkSouX avatar Jan 28 '24 11:01 BkSouX

Thanks.

I don't think there are database changes between 27.1.6 and 27.1.5

Oh yes there are. The Oauth2 app got updated (1.5.1 to 1.5.2 for a NC 27 series) and during database update things changed. I checked the PR (https://github.com/nextcloud/server/pull/43020) which also seems to confirm database adjustments. There are also general changes made on every update, at least in xx_appconfig table you'll have some with appid = core referencing a newer version, e. g. configkey = lastupdateResult with

{"version":"27.1.6.2","versionstring":"Nextcloud 27.1.6","url":"https:\/\/download.nextcloud.com\/server\/releases\/nextcloud-27.1.6.zip","web":"https:\/\/docs.nextcloud.com\/server\/27\/admin_manual\/maintenance\/upgrade.html","changes":"https:\/\/updates.nextcloud.com\/changelog_server\/?version=27.1.6","autoupdater":"1","eol":"0"}

Really not sure if it's a good idea to not restore the database. Not that things will break in future. IF there is a future so someone will finally assign this issue and provide a fix ⚠️

bcutter avatar Jan 28 '24 13:01 bcutter

To whomever marked recent comments as off-topic (very likely rightly):

will there also finally be a dev response to this major issue?

The 27.1.6.2 update breaks every 32 bit installation ⚠️ So there's definitely more to come once users start to upgrade...

bcutter avatar Jan 28 '24 15:01 bcutter

... I currently can't trust Nextcloud('s update mechanisms) anymore. I don't hope but expect others to run into this very same issue once the 27.1.6.2 or 28.0.2 update is performed by other 32 bit users. Have fun with that.

@bcutter :

  1. Don't (ever) upgrade any production system blindly.
  2. Always test before upgrade on a spare (staging) system before putting on production.
  3. Don't upgrade any system just because a new version is out; check changelogs and upgrade if needed (security, bugs affecting YOUR system...).
  4. You're relying on open-source software; contribute to it reporting issues, with code if you can, but don't just ask for support for your own errors (yes, even if software is buggy or a stable release isn't "that stable", blind upgrades and lack of good backup strategy it is your responsibility only).
  5. Nextcloud provides enterprise support if you have mission-critical needs (it seems you have)!

Happy system administration 🥳

solracsf avatar Jan 28 '24 18:01 solracsf

@solracsf Yeah, thanks for that response.

  1. I have a multi-stage backup system - and never had to restore any part of NC yet in the last 11 years (only few single database tables which rendered rubbish by app updates, some incidents even back in Owncloud times).
  2. Seems like one needs to have this nowadays. Alright, let's spend even more hours on self-hosting NC by nearly doubling the maintenance times :-)
  3. Did not update blindly - I always read the release notes first, also this time. External trigger to update was CVE-2024-22403 (https://www.heise.de/news/Nextcloud-Luecken-in-Apps-gefaehrden-Nutzerkonten-und-Datensicherheit-9601589.html).
  4. I contribute, all over several NC repos. Not a dev, so not contributing code. blind upgrades and lack of good backup strategy are both unjustified accusations based on assumptions. Nice.
  5. No I don't, thanks. But if there's an express lane for fixing such issues... definitely interesting.

Let's face the facts: 27.1.6.2 as a stable release contains a 64 bit dependency which is completely unknown to the people who approved to rollout this release. Otherwise checks prior updating would have been implemented (the updater rushed over it and the final result: broken NC) or - that's the way to go now - that dependency conflict would have been resolved before. I still put my bets on no-one tested that release on a 32 bit system. Or is it a specific component only? A single app maybe? No one even knows this so far.


So now let's wait for someone to minimize this and the previous post too and finally start to fix this. I'm done with now 7 hours spent on this, so please excuse my currently still slightly upset state of mind and view on the whole mess. 27.1.5.1 -> 27.1.6.2 -> 27.1.5.1, what an adventure.

bcutter avatar Jan 28 '24 18:01 bcutter

Hmm... I do not have this issue after updating to 27.1.6 on a 32bit Debian Bookworm: [image: IMG_1289]

I barely have any apps active though. Do you have any special apps installed?

BernieO avatar Jan 28 '24 18:01 BernieO

Do you have any special apps installed?

Define "special". Expectation is to have the updater doing pre-checks to discover potential dependency or platform issues. But anyway, content of nc_apps_beforeUpdate.txt:

Enabled:
  - activity: 2.19.0
  - admin_audit: 1.17.0
  - announcementcenter: 6.7.0
  - audioplayer: 3.4.1
  - bruteforcesettings: 2.7.0
  - calendar: 4.6.4
  - camerarawpreviews: 0.8.4
  - cfg_share_links: 4.2.0
  - checksum: 1.2.3
  - circles: 27.0.1
  - cloud_federation_api: 1.10.0
  - comments: 1.17.0
  - contacts: 5.5.1
  - contactsinteraction: 1.8.0
  - dashboard: 7.7.0
  - dav: 1.27.0
  - deck: 1.11.3
  - encryption: 2.15.0
  - end_to_end_encryption: 1.13.1
  - extract: 1.3.6
  - federatedfilesharing: 1.17.0
  - federation: 1.17.0
  - files: 1.22.0
  - files_accesscontrol: 1.17.1
  - files_external: 1.19.0
  - files_linkeditor: 1.1.16
  - files_markdown: 2.4.1
  - files_mindmap: 0.0.30
  - files_pdfviewer: 2.8.0
  - files_reminders: 1.0.0
  - files_rightclick: 1.6.0
  - files_share_qr: 0.1
  - files_sharing: 1.19.0
  - files_trashbin: 1.17.0
  - files_versions: 1.20.0
  - firstrunwizard: 2.16.0
  - forms: 3.4.4
  - imageconverter: 1.3.5
  - impersonate: 1.14.0
  - keeweb: 0.6.13
  - logreader: 2.12.0
  - lookup_server_connector: 1.15.0
  - maps: 1.2.0
  - news: 15.4.5
  - nextcloud_announcements: 1.16.0
  - notes: 4.9.2
  - notifications: 2.15.0
  - oauth2: 1.15.1
  - password_policy: 1.17.0
  - photos: 2.3.0
  - polls: 5.4.2
  - previewgenerator: 5.4.0
  - privacy: 1.11.0
  - provisioning_api: 1.17.0
  - qownnotesapi: 23.12.0
  - quota_warning: 1.18.0
  - ransomware_protection: 1.14.0
  - recommendations: 1.6.0
  - related_resources: 1.2.0
  - serverinfo: 1.17.0
  - settings: 1.9.0
  - sharebymail: 1.17.0
  - side_menu: 3.11.4
  - spreed: 17.1.5
  - support: 1.10.0
  - survey_client: 1.15.0
  - suspicious_login: 5.0.0
  - systemtags: 1.17.0
  - tasks: 0.15.0
  - text: 3.8.0
  - theming: 2.2.0
  - twofactor_admin: 4.4.0
  - twofactor_backupcodes: 1.16.0
  - twofactor_email: 2.7.4
  - twofactor_nextcloud_notification: 3.8.0
  - twofactor_reminder: 1.1.0
  - twofactor_totp: 9.0.0
  - updatenotification: 1.17.0
  - user_migration: 4.0.1
  - user_status: 1.7.0
  - user_usage_report: 1.11.1
  - viewer: 2.1.0
  - weather_status: 1.7.0
  - workflowengine: 2.9.0
Disabled:
  - backup: 1.3.0 (installed 1.3.0)
  - external: 5.2.1 (installed 5.2.1)
  - files_antivirus: 5.4.1 (installed 5.4.1)
  - files_downloadactivity: 1.16.0 (installed 1.16.0)
  - files_locking: 0
  - files_zip: 1.4.1 (installed 1.4.1)
  - issuetemplate: 0.7.0 (installed 0.7.0)
  - music: 1.9.1 (installed 1.9.1)
  - ocr: 6.0.58 (installed 6.0.58)
  - radio: 1.0.3 (installed 1.0.3)
  - sharelisting: 1.2.0 (installed 1.2.0)
  - sharerenamer: 3.2.0 (installed 3.2.0)
  - social: 0.6.1 (installed 0.6.1)
  - socialsharing_email: 3.0.1 (installed 3.0.1)
  - unsplash: 2.2.1 (installed 2.2.1)
  - uploaddetails: 0.1.3 (installed 0.1.3)
  - user_ldap: 1.17.0
  - video_converter: 1.0.6 (installed 1.0.6)
  - weather: 1.7.7 (installed 1.7.7)

bcutter avatar Jan 28 '24 18:01 bcutter

This is my app-list (after update to 27.1.6):

Enabled:
  - calendar: 4.6.4
  - cloud_federation_api: 1.10.0
  - contacts: 5.5.1
  - dav: 1.27.0
  - federatedfilesharing: 1.17.0
  - files: 1.22.0
  - files_sharing: 1.19.0
  - logreader: 2.12.0
  - lookup_server_connector: 1.15.0
  - oauth2: 1.15.2
  - provisioning_api: 1.17.0
  - settings: 1.9.0
  - tasks: 0.15.0
  - theming: 2.2.0
  - twofactor_backupcodes: 1.16.0
  - viewer: 2.1.0
  - workflowengine: 2.9.0
Disabled:
  - activity: 2.19.0 (installed 2.2.1)
  - admin_audit: 1.17.0
  - bruteforcesettings: 2.7.0 (installed 1.1.0)
  - circles: 27.0.1 (installed 22.2.0)
  - comments: 1.17.0 (installed 0.2)
  - contactsinteraction: 1.8.0 (installed 1.0.0)
  - dashboard: 7.7.0 (installed 7.0.0)
  - encryption: 2.15.0
  - federation: 1.17.0 (installed 0.0.4)
  - files_external: 1.19.0
  - files_pdfviewer: 2.8.0 (installed 1.2.1)
  - files_reminders: 1.0.0 (installed 1.0.0)
  - files_rightclick: 1.6.0 (installed 0.15.1)
  - files_trashbin: 1.17.0 (installed 0.8.0)
  - files_versions: 1.20.0 (installed 1.2.0)
  - firstrunwizard: 2.16.0 (installed 1.1)
  - nextcloud_announcements: 1.16.0 (installed 1.0)
  - notifications: 2.15.0 (installed 0.2.3)
  - password_policy: 1.17.0 (installed 1.1.0)
  - photos: 2.3.0 (installed 1.0.0)
  - privacy: 1.11.0 (installed 1.0.0)
  - recommendations: 1.6.0 (installed 0.4.0)
  - related_resources: 1.2.0 (installed 1.0.3)
  - serverinfo: 1.17.0 (installed 1.1.1)
  - sharebymail: 1.17.0 (installed 1.0.1)
  - support: 1.10.0 (installed 1.0.0)
  - survey_client: 1.15.0 (installed 0.1.5)
  - suspicious_login: 5.0.0
  - systemtags: 1.17.0 (installed 0.2)
  - text: 3.8.0 (installed 1.1.1)
  - twofactor_totp: 9.0.0
  - updatenotification: 1.17.0 (installed 0.1.0)
  - user_ldap: 1.17.0
  - user_status: 1.7.0 (installed 1.0.1)
  - weather_status: 1.7.0 (installed 1.0.0)

BernieO avatar Jan 28 '24 19:01 BernieO

That is my app list, also post-update to 27.1.6:

sudo -u www-data php /var/www/nextcloud/occ app:list
Composer detected issues in your platform:

Your Composer dependencies require a 64-bit build of PHP.

Enabled:
  - activity: 2.19.0
  - admin_audit: 1.17.0
  - calendar: 4.6.4
  - camerarawpreviews: 0.8.4
  - caniupdate: 0.2.0
  - cfg_share_links: 4.2.0
  - checksum: 1.2.3
  - circles: 27.0.1
  - cloud_federation_api: 1.10.0
  - comments: 1.17.0
  - contacts: 5.5.1
  - contactsinteraction: 1.8.0
  - dashboard: 7.7.0
  - dav: 1.27.0
  - drawio: 2.1.4
  - duplicatefinder: 1.1.4
  - extract: 1.3.6
  - federatedfilesharing: 1.17.0
  - federation: 1.17.0
  - files: 1.22.0
  - files_external: 1.19.0
  - files_pdfviewer: 2.8.0
  - files_reminders: 1.0.0
  - files_rightclick: 1.6.0
  - files_sharing: 1.19.0
  - files_trackdownloads: 1.11.0
  - files_trashbin: 1.17.0
  - files_versions: 1.20.0
  - fileslibreofficeedit: 1.1.0
  - firstrunwizard: 2.16.0
  - logreader: 2.12.0
  - lookup_server_connector: 1.15.0
  - mail: 3.5.5
  - maps: 1.2.0
  - metadata: 0.19.0
  - nextcloud_announcements: 1.16.0
  - notes: 4.9.2
  - notifications: 2.15.0
  - oauth2: 1.15.2
  - password_policy: 1.17.0
  - photos: 2.3.0
  - privacy: 1.11.0
  - provisioning_api: 1.17.0
  - recommendations: 1.6.0
  - related_resources: 1.2.0
  - richdocuments: 8.2.4
  - serverinfo: 1.17.0
  - settings: 1.9.0
  - sharebymail: 1.17.0
  - spreed: 17.1.5
  - support: 1.10.0
  - suspicious_login: 5.0.0
  - systemtags: 1.17.0
  - tasks: 0.15.0
  - text: 3.8.0
  - theming: 2.2.0
  - twofactor_backupcodes: 1.16.0
  - unsplash: 2.2.1
  - updatenotification: 1.17.0
  - user_status: 1.7.0
  - viewer: 2.1.0
  - weather_status: 1.7.0
  - workflowengine: 2.9.0
Disabled:
  - breezedark: 27.0.0 (installed 27.0.0)
  - bruteforcesettings: 2.7.0
  - encryption: 2.15.0 (installed 2.11.0)
  - files_downloadactivity: 1.16.0 (installed 1.15.0)
  - survey_client: 1.15.0 (installed 1.11.0)
  - twofactor_totp: 9.0.0
  - user_ldap: 1.17.0

Zylean avatar Jan 28 '24 19:01 Zylean

Checked most of v27.1.6 (release) already. Put my bets on the OAuth2 fix which is also the only app that got updated (1.5.1 to 1.5.2). As it is part of core, it unfortunately can not be disabled (for testing purposes) to see if it would resolve the situation.

The 32bit CI runs look okay.

28.0.2 RC4 https://github.com/nextcloud/server/actions/runs/7645486630/job/20832184863?pr=43095

27.1.6 https://github.com/nextcloud/server/actions/runs/7645492980/job/20832205423?pr=43096

The oauth2 app does not have any dependencies as per: https://github.com/nextcloud/server/blob/master/apps/oauth2/composer/composer.json

kesselb avatar Jan 28 '24 19:01 kesselb

suspicious_login has darsyn/ip as dependency which requires a 64bit php. Yet I don't see any changes to suspicious_login since 27.0.0 and 28.0.0.

kesselb avatar Jan 28 '24 19:01 kesselb

suspicious_login has darsyn/ip as dependency which requires a 64bit php. Yet I don't see any changes to suspicious_login since 27.0.0 and 28.0.0.

Yes indeed there were no changes in that app. Absolutely no app got updated (except OAuth2 from 1.5.1 to 1.5.2 for my 27 channel), that's why I suspected this dependency conflict to happen somewhere in core/server itself.

I'm a bit tired (and lacking discovery skills due to not available dev glasses) of parsing https://github.com/nextcloud/server/releases/tag/v27.1.6 a 3rd time. Do you spot anything there?

bcutter avatar Jan 28 '24 20:01 bcutter

Was the breaking change introduced by Composer on its own maybe?

Looks like php-64bit wasn't being enforced until a couple months ago by Composer via composer/composer#11334

https://github.com/composer/composer/releases/tag/2.6.0

This same parameter is how suspicious_login enforces 64bit:

https://github.com/nextcloud/suspicious_login/blob/19f1e0f35d3400aa6ae6ec5a2bd20f18da04acea/composer.lock#L517

In hindsight, this should have broken installs with that app before. But never would have triggered failures if it wasn't really being enforced by Composer. This would explain why it's never been a problem until now.

If we're lucky it's just suspicious_login triggering this. Would also explain why @BernieO isn't experiencing the problem.

I think disabling that app (and restarting mod_php/fpm) should be enough to confirm.

joshtrichards avatar Jan 29 '24 03:01 joshtrichards
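Added example, not part of the thread and not Nextcloud or Composer code: a small audit that reads `composer.lock` files and reports which locked packages declare the `php-64bit` platform requirement discussed in the comment above, so an admin on a 32-bit host can find the affected app before upgrading. The sample lock content is constructed, and the assumption that each app keeps its `composer.lock` at the app root follows the suspicious_login repository layout linked above.

```python
import json
from pathlib import Path

PLATFORM_KEY = "php-64bit"  # Composer platform package named in the thread

# Constructed sample in the shape of a composer.lock; versions and
# constraints are placeholders, not values taken from the app.
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "darsyn/ip", "version": "0.0.0-example",
         "require": {"php": "*", PLATFORM_KEY: "*"}},
        {"name": "example/other", "version": "0.0.0-example",
         "require": {"php": "*", "ext-json": "*"}},
    ],
    "platform": [],  # Composer serialises an empty map as []
})


def packages_requiring_64bit(lock_text):
    """Return sorted names of locked packages that require php-64bit."""
    lock = json.loads(lock_text)
    hits = {pkg["name"] for pkg in lock.get("packages", [])
            if PLATFORM_KEY in (pkg.get("require") or {})}
    if PLATFORM_KEY in (lock.get("platform") or {}):
        hits.add("(root project)")
    return sorted(hits)


def blocks_on(php_int_size, lock_text):
    """True if a 32-bit PHP (PHP_INT_SIZE 4) would trip on this lock file."""
    return php_int_size < 8 and bool(packages_requiring_64bit(lock_text))


def scan_apps(apps_dir):
    """Map app directory name -> offending packages.

    Assumes each app keeps its composer.lock at the app root, as in the
    suspicious_login repository linked above.
    """
    report = {}
    for lock_path in sorted(Path(apps_dir).glob("*/composer.lock")):
        hits = packages_requiring_64bit(lock_path.read_text(encoding="utf-8"))
        if hits:
            report[lock_path.parent.name] = hits
    return report


if __name__ == "__main__":
    print(packages_requiring_64bit(SAMPLE_LOCK))
    print(blocks_on(4, SAMPLE_LOCK))
```
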

Disabling the suspicious_login app solved the issue for me: sudo -u www-data php /var/www/nextcloud/occ app:disable suspicious_login

Zylean avatar Jan 29 '24 07:01 Zylean

As well as enabling it in my case raised the issue on my installation:

user@server:/var/www/nextcloud# sudo -u www-data php occ app:enable suspicious_login
Composer detected issues in your platform:

Your Composer dependencies require a 64-bit build of PHP.

suspicious_login 5.0.0 enabled

Disabled again and the issue is gone.

BernieO avatar Jan 29 '24 08:01 BernieO

Maybe the following line should be added to the app as well? Not sure if that actually helps though: https://github.com/nextcloud/news/blob/46cc276cbdecb47d48c28855f0177387d9bf5b3b/appinfo/info.xml#L46

szaimen avatar Jan 29 '24 22:01 szaimen

> Maybe the following line should be added to the app as well? Not sure if that actually helps though: https://github.com/nextcloud/news/blob/46cc276cbdecb47d48c28855f0177387d9bf5b3b/appinfo/info.xml#L46

At least it prevents the app from being enabled on my 32bit system, so that the issue doesn't arise:

root@server:/var/www/nextcloud# sudo -u www-data php occ app:enable suspicious_login
App "Suspicious Login" cannot be installed because the following dependencies are not fulfilled: 64bit or higher PHP required.
root@server:/var/www/nextcloud# sudo -u www-data php occ -V
Nextcloud 27.1.6

I have no idea what's gonna happen during an upgrade, if the app was enabled prior to the upgrade.

BernieO avatar Jan 29 '24 23:01 BernieO

Summary so far:

  • Dependency has always been there, but only recently started being enforced by Composer
  • This app is shipped, but is not enabled by default
  • Scope of impact is limited to environments where the user has gotten curious and manually enabled the app
  • Adding a php int size dependency as mentioned by @szaimen will prevent it from accidentally being enabled in 32-bit environments going forward
  • Disabling the app immediately fixes the problem

For the record:

  • The only reason this app requires 64-bit is due to a dependency which is only used if IPv6 is in active use in that environment[1][2][3]

My inclination is:

  1. add the check in the app to prevent installation/activation in 32-bit environments (handled by adjusting the info.xml)
  2. document that it isn't supported in 32-bit environments in the app store description (populated by the info.xml)
  3. document that it isn't supported in 32-bit environments in the README

What to do about current environments in between, say, v27.1.7 and v28.0.2/v28.0.3?

  • It's not an app that is necessarily all that commonly enabled (I don't think), but it's common enough that there will be reports and questions about this
  • Easy workaround if it arises: they can disable the app
  • The workaround implements what we'll implement going forward: disable the app / prevent it from being enabled in 32-bit environments

And what about adjusting the app to support 32-bit?

  • If deemed important enough after the above changes - and if someone is so inclined - they can investigate the feasibility of that

> I have no idea what's gonna happen during an upgrade, if the app was enabled prior to the upgrade.

I believe it'll throw the exception you saw and stop. So in 32-bit environments that have previously enabled this app, manually disabling will be required. I don't see a good way around that unless we want to hard code something in server to handle this (and that still wouldn't make it in the current v27 release; I guess v28.0.2 remains a possibility if deemed a critical patch[4]).

Footnotes

[1] https://github.com/nextcloud/suspicious_login/blob/d482467425cdb57c38d83f3446b1dc3b7c1f10c2/lib/Service/IpV6Strategy.php#L28

[2] I suspect, but have not confirmed that the app will function fine as long as it doesn't encounter an IPv6 connection (useful to know if someone has it installed in a <27.1.6 environment already)

[3] Even though the app could theoretically operate in an IPv4-only environment, enabling the app at the moment in 32-bit environments would make it fragile due to the potential to trigger the IPv6 code path

[4] I'm hesitant to suggest it would be critical enough since it's a sensitive code path to change at the last minute + easy workaround exists + does not actually impact all 32-bit environments since not enabled by default + shouldn't be all that necessary after we prevent the app from being enabled again going forward

Tasks

  • [x] ~~Move this to the suspicious_logins repo~~ Create an issue in suspicious_logins repo to "Investigate use in 32-bit environments"
  • [x] Create PR(s) that implement items 1/2/3 above
  • [x] Maybe post an announcement in the Help Forum to get the word out to the community to disable the app if on 32-bit?
  • [ ] Confirm being a shipped app that an initial install still passes

joshtrichards avatar Jan 30 '24 00:01 joshtrichards

@joshtrichards wow, that's an amazing work. You invested quite some time, really outstanding post and great research work. In two words: thank you.


Seems like this is another case where NC apps create issues for core/server:

  • in this case likely accidentally, even the fact it arises now during an update is very exciting
  • there've been cases app developers removed 32 bit support like famous NC News app (which is why I'm still running latest 15.4.5)
  • so while core is supporting 32 bit and doing good to the world this way, app developers decide the opposite or don't care or (enter reason here why it fails for suspicious login app, we'll see once posted to their repo).

Back on-topic: overall it still feels like

  • a) communication is good, but likely not sufficient to efficiently prevent others running into this
  • b) technically server needs better pre-checks before updates with an improved dependency check (a sign "STOP! canyon before!" is quite helpful before rushing down the cliff - that's the communication part only, a "ALERT! This bridge has been closed, your vehicle is too heavy for crossing it!" is even better). Also a lesson from NC News back then when the app was updated and server telling us afterwards it can not run it anymore (downgrade of app AND database needed...)

Two cents over, developers the stage is yours.

bcutter avatar Jan 30 '24 15:01 bcutter

@joshtrichards Thank you very much for the excellent summary.

We are currently investigating what is required to restore and keep the compatibility of suspicious_login with 32 bit systems.

st3iny avatar Jan 31 '24 10:01 st3iny

> @joshtrichards Thank you very much for the excellent summary.
>
> We are currently investigating what is required to restore and keep the compatibility of suspicious_login with 32 bit systems.

Can you give an estimation / brief update on the current status (for those not used to cross-check all linked issues, PRs etc.) please?

bcutter avatar Feb 10 '24 23:02 bcutter

@ChristophWurst could you please elaborate a bit on your action? Was the issue being resolved? What were the findings?

red-avtovo avatar Feb 14 '24 12:02 red-avtovo

Read the linked pull request. The 64bit dep has been dropped.

ChristophWurst avatar Feb 14 '24 12:02 ChristophWurst