Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exclude files, can´t change something in webinterface #159

Open
TimoHess opened this issue Aug 28, 2020 · 3 comments
Open

Exclude files, can´t change something in webinterface #159

TimoHess opened this issue Aug 28, 2020 · 3 comments

Comments

@TimoHess
Copy link

Steps to reproduce

  1. Install it
  2. Configure it and its still there.

Expected behaviour

Make exceptions like the whitelist.fp for files or for virus category. Should accept changes in the admin UI.

Actual behaviour

When I enter something like /.:Win.Virus.Ramnit-7537604-0. FOUND$/ in the webinterface it will not be accepted.
More details on Discourse:

https://help.nextcloud.com/t/how-can-i-whitelist-some-files/89820/8

Server configuration detail

Operating system: Linux 4.15.0-112-generic 113-Ubuntu SMP Thu Jul 9 23:41:39 UTC 2020 x86_64

Webserver: Apache/2.4.29 (Ubuntu) (fpm-fcgi)

Database: mysql 10.4.14

PHP version:

7.4.9
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, sodium, cgi-fcgi, pdlib, mysqlnd, PDO, xml, apcu, bcmath, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, imagick, intl, json, exif, mysqli, pdo_mysql, apc, posix, readline, redis, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, Phar, Zend OPcache

Nextcloud version: 19.0.2 - 19.0.2.2

Updated from an older Nextcloud/ownCloud or fresh install: yes

Where did you install Nextcloud from: nextcloud.com

List of activated apps 
Enabled:
 - accessibility: 1.5.0
 - activity: 2.12.0
 - admin_audit: 1.9.0
 - admin_notifications: 1.0.2
 - apporder: 0.10.0
 - bookmarks: 3.3.4
 - bruteforcesettings: 2.0.0
 - calendar: 2.0.4
 - camerarawpreviews: 0.7.8
 - cloud_federation_api: 1.2.0
 - comments: 1.9.0
 - contacts: 3.3.0
 - contactsinteraction: 1.0.0
 - cookbook: 0.7.6
 - data_request: 1.6.0
 - dav: 1.15.0
 - dicomviewer: 1.2.2
 - duplicatefinder: 0.0.2
 - emlviewer: 0.0.17
 - epubreader: 1.4.2
 - event_update_notification: 1.0.2
 - external: 3.6.0
 - extract: 1.2.4
 - facerecognition: 0.6.3
 - federatedfilesharing: 1.9.0
 - federation: 1.9.0
 - files: 1.14.0
 - files_antivirus: 2.4.1
 - files_downloadactivity: 1.8.0
 - files_linkeditor: 1.1.2
 - files_pdfviewer: 1.8.0
 - files_retention: 1.8.2
 - files_rightclick: 0.16.0
 - files_sharing: 1.11.0
 - files_trackdownloads: 1.8.0
 - files_trashbin: 1.9.0
 - files_versions: 1.12.0
 - files_videoplayer: 1.8.0
 - firstrunwizard: 2.8.0
 - geoblocker: 0.3.2
 - gpxmotion: 0.0.11
 - imageconverter: 1.2.1
 - impersonate: 1.6.1
 - issuetemplate: 0.6.0
 - logreader: 2.4.0
 - lookup_server_connector: 1.7.0
 - maps: 0.1.6
 - metadata: 0.12.0
 - news: 14.1.11
 - nextcloud_announcements: 1.8.0
 - notifications: 2.7.0
 - oauth2: 1.7.0
 - ocdownloader: 1.7.8
 - password_policy: 1.9.1
 - passwords: 2020.8.0
 - phonetrack: 0.6.4
 - photos: 1.1.0
 - polls: 1.4.3
 - privacy: 1.3.0
 - provisioning_api: 1.9.0
 - quickaccesssorting: 1.0.3
 - quota_warning: 1.8.0
 - ransomware_detection: 0.8.0
 - ransomware_protection: 1.7.0
 - recommendations: 0.7.0
 - serverinfo: 1.9.0
 - settings: 1.1.0
 - sharebymail: 1.9.0
 - socialsharing_email: 2.1.0
 - spreed: 9.0.3
 - support: 1.2.1
 - survey_client: 1.7.0
 - suspicious_login: 3.1.0
 - systemtags: 1.9.0
 - tasks: 0.13.3
 - text: 3.0.1
 - theming: 1.10.0
 - twofactor_backupcodes: 1.8.0
 - twofactor_nextcloud_notification: 2.3.0
 - twofactor_totp: 5.0.0
 - updatenotification: 1.9.0
 - viewer: 1.3.0
 - workflowengine: 2.1.0
Disabled:
 - encryption
 - files_external
 - files_external_dropbox
 - files_external_onedrive
 - sharepoint
 - user_ldap
Configuration (config/config.php) 
{
    "instanceid": "***REMOVED SENSITIVE VALUE***",
    "passwordsalt": "***REMOVED SENSITIVE VALUE***",
    "secret": "***REMOVED SENSITIVE VALUE***",
    "trusted_domains": [
        "192.168.178.30",
    ],
    "datadirectory": "***REMOVED SENSITIVE VALUE***",
    "overwrite.cli.url": "https:\/\/domain.de",
    "htaccess.RewriteBase": "\/",
    "default_language": "de",
    "default_locale": "de",
    "dbtype": "mysql",
    "version": "19.0.2.2",
    "dbname": "***REMOVED SENSITIVE VALUE***",
    "dbhost": "***REMOVED SENSITIVE VALUE***",
    "dbport": "",
    "dbtableprefix": "oc_",
    "dbuser": "***REMOVED SENSITIVE VALUE***",
    "dbpassword": "***REMOVED SENSITIVE VALUE***",
    "installed": true,
    "maintenance": false,
    "theme": "",
    "logtimezone": "Europe\/Berlin",
    "log_rotate_size": 104857600,
    "mail_from_address": "***REMOVED SENSITIVE VALUE***",
    "mail_smtpmode": "smtp",
    "mail_domain": "***REMOVED SENSITIVE VALUE***",
    "mail_smtpsecure": "tls",
    "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
    "loglevel": 0,
    "quota_include_external_storage": false,
    "enabledPreviewProviders": [
        "OC\\Preview\\PNG",
        "OC\\Preview\\JPEG",
        "OC\\Preview\\GIF",
        "OC\\Preview\\HEIC",
        "OC\\Preview\\MP",
        "OC\\Preview\\XBitmap",
        "OC\\Preview\\MP3",
        "OC\\Preview\\TXT",
        "OC\\Preview\\MarkDown",
        "OC\\Preview\\Movie",
        "OC\\Preview\\MSOfficeDoc",
        "OC\\Preview\\MSOffice2003",
        "OC\\Preview\\MSOffice2007",
        "OC\\Preview\\PDF"
    ],
    "updater.release.channel": "stable",
    "data-fingerprint": "abc123",
    "mysql.utf8mb4": true,
    "overwriteprotocol": "https",
    "app_install_overwrite": [
        "admin_notifications",
        "files_external_dropbox",
        "twofactor_rcdevsopenotp",
        "files_opds",
        "files_external_onedrive",
        "dicomviewer",
        "issuetemplate"
    ],
    "auth.bruteforce.protection.enabled": true,
    "memcache.local": "\\OC\\Memcache\\APCu",
    "memcache.distributed": "\\OC\\Memcache\\Redis",
    "redis": {
        "host": "***REMOVED SENSITIVE VALUE***",
        "port": 0,
        "dbindex": 0,
        "timeout": 1.5
    },
    "mail_sendmailmode": "smtp",
    "mail_smtpauthtype": "LOGIN",
    "mail_smtpauth": 1,
    "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
    "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
    "mail_smtpport": "587",
    "updater.secret": "***REMOVED SENSITIVE VALUE***"
}

Are you using external storage, if yes which one: local/smb/sftp/...

Are you using encryption: false

Are you using an external user-backend, if yes which one: /Webdav/...

Client configuration

Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0

Operating system: Windows 10

Logs

Web server error log 
sudo netstat -a|grep clam
unix  2      [ ACC ]     STREAM     LISTENING     2746553  /var/run/clamav/clamd.ctl


Error:

[Fri Aug 28 11:13:14.906618 2020] [proxy_fcgi:error] [pid 9233:tid 140160903591680] (70007)The timeout specified has expired: [client 89.204.153.61:60881] AH01075: Error dispatching request to : (reading input brigade)
[Fri Aug 28 12:27:07.358223 2020] [proxy_fcgi:error] [pid 9235:tid 140160903591680] (70008)Partial results are valid but processing is incomplete: [client 192.168.178.52:48695] AH01075: Error dispatching request to : (reading input brigade)
[Fri Aug 28 13:06:27.824212 2020] [access_compat:error] [pid 9233:tid 140160813491968] [client 192.168.178.54:50085] AH01797: client denied by server configuration: /var/www/nextcloud/config
[Fri Aug 28 13:10:15.024839 2020] [access_compat:error] [pid 9233:tid 140160729564928] [client 192.168.178.54:50434] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata
[Fri Aug 28 22:47:14.440039 2020] [access_compat:error] [pid 9233:tid 140160721172224] [client 192.168.178.54:49989] AH01797: client denied by server configuration: /var/www/nextcloud/config
[Fri Aug 28 23:45:09.276042 2020] [access_compat:error] [pid 9233:tid 140160805099264] [client 192.168.178.54:54827] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata
[Fri Aug 28 23:57:47.862974 2020] [access_compat:error] [pid 9233:tid 140160763135744] [client 192.168.178.54:56191] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata
[Sat Aug 29 00:37:11.504255 2020] [access_compat:error] [pid 9235:tid 140160920393472] [client 192.168.178.54:60208] AH01797: client denied by server configuration: /var/www/nextcloud/data/.ocdata

nothing to  mention in access.
Nextcloud log 
Insert your Nextcloud log here
{"reqId":"SkTqeMAeOlE8JHDUcRfE","level":0,"time":"2020-08-29T01:20:04+02:00","remoteAddr":"192.168.178.54","user":"admin","app":"serverDI","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"The requested alias \"PreviewManager\" is depreacted. Please request \"OCP\\IPreview\" directly. This alias will be removed in a future Nextcloud version.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0","version":"19.0.2.2"}
{"reqId":"Hi8PnSR2sv6flEcuuXFv","level":0,"time":"2020-08-29T01:20:04+02:00","remoteAddr":"192.168.178.54","user":"admin","app":"serverDI","method":"GET","url":"/settings/admin/security","message":"The requested alias \"PreviewManager\" is depreacted. Please request \"OCP\\IPreview\" directly. This alias will be removed in a future Nextcloud version.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0","version":"19.0.2.2"}

nothing more
Browser log

nothing to mention
@TimoHess
Copy link
Author

TimoHess commented Sep 2, 2020

Still it doesn´t work with v.3.0.0

@markuman markuman mentioned this issue Sep 8, 2020
Open
@markuman
Copy link

markuman commented Sep 8, 2020

@TimoHess I guess it's the wrong parts of your nextcloud.log.

grep your nextcloud.log file for the first entry (level: 0, app: files_antivirus, message: starts with Response:).
On that message you can apply regexp in the nextcloud admin menu.

@TimoHess
Copy link
Author

TimoHess commented Sep 9, 2020
edited

{"reqId":"E5IIH1i9kx4ERHJaMxej","level":0,"time":"2020-09-09T22:45:06+02:00","remoteAddr":"192.168.178.54","user":"Timo","app":"files_antivirus","method":"PUT","url":"/remote.php/dav/uploads/Timo/3171924138/00000001","message":"Response :: stream: Win.Virus.Ramnit-7537604-0 FOUND\n","userAgent":"Mozilla/5.0 (Windows) mirall/3.0.1stable-Win64 (build 20200828) (Nextcloud)","version":"19.0.2.2"}

@markuman I like you linked issue, but for me there is the mistake that I even can´t add rules. I make some rule, reload the page and its gone...:

{"reqId":"tKB9fKTXxhm0Gy0dlM7X","level":0,"time":"2020-09-09T22:53:33+02:00","remoteAddr":"192.168.178.54","user":"admin","app":"serverDI","method":"GET","url":"/apps/files_antivirus/settings/rule/listall","message":"The requested alias "PreviewManager" is depreacted. Please request "OCP\IPreview" directly. This alias will be removed in a future Nextcloud version.","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0","version":"19.0.2.2"}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@markuman @TimoHess