New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCC Decrypt all always fails to complete. #25599
Comments
@owncloud/qa please verify - THX |
@wipeoutdude when you run ./occ encryption:decrypt-all command via CLI, did you get the following message in your screen? Files for following users couldn't be decrypted, |
@davitol - No, I don't get that message, it appears to be processing through all users just fine but has never completed yet and as I said appears to be going thorough the same files (shared files) over and over again.. |
@wipeoutdude this shouldn't happen. We skip files which are already decrypted, see https://github.com/owncloud/core/blob/master/lib/private/Encryption/DecryptAll.php#L220 Maybe because of some caching issues it might happen that your server still reads the old value? I couldn't reproduce it. For many large shared folders it might even have a performance impact if it works as expected, just because we look at every shared file just to decide that nothing has to be done. Therefore I proposed this PR at the Nextcloud repository, maybe you want to give it a try if this changes anything for you: nextcloud/server#608 @DeepDiver1975 feel free to copy it if it turns out to be useful. If we ignore the tests, the changes should be small enough to avoid copyright issues. |
Thanks for the pointer @schiessle - much appreciated! |
@wipeoutdude I had a simular issue while decrypting all files. It takes very long and shared files are decrypted multiple times. |
What type did you see? THX |
gettype($file->isEncrypted()) says it is a string |
what are the values you are observing? |
I get "1" for encrypted and "0" for unencrypted files. |
THX |
While this was obviously a valid bug report, I would like to point out that the motivation for decrypting as stated by @wipeoutdude does not make much sense to me. There seem to be a couple of misunderstandings as to how encryption works that keep coming back:
Maybe we should consider documenting this somewhere? |
@jknockaert You can edit and send a pull request https://github.com/owncloud/documentation/blob/master/admin_manual/configuration_files/encryption_configuration.rst :) |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Firstly let me say that Owncloud is brilliant..
When I first installed Owncloud back in the 8.x days I didn't properly grasp how the encryption module works and that locally encrypted files are a little pointless since the keys are sitting there too.. 100% of our storage is local so I really shouldn't have even enabled the module in the first place..
For quite a while now I have been trying to run the decrypt-all OCC command to remove encryption from the local files but it always fails.. I upgraded to OC 9.1 over the weekend and tried again but it still failed.. There are no specific error messages it simply appears to stop after a number of hours..
Another issue that seems to be causing the process to run a LOT longer than it needs to is the attempted re-decrypting of shared files over and over again for each user who has access to those files.. 99% of the files stored on the server are shared between most/all of the users and the decryption is running through the same files over and over again.. Surely if the file has been decrypted in step 1 of x it doesn't need to be re-decrypted for each user that has access to that file?
Perhaps I need to decrypt user by user individually then i won't try re-decrypt the files? Issue there is that it seems the first step is to disable the encryption module so not sure how that would work out.. Or maybe I have to un-share all files then decrypt-all and then re-share the files again but that too would be quite a job and would cause a lot of resyncing of data to the PC's..
The documentation doesn't suggest there is a special process to follow to remove and disable encryption..
Steps to reproduce
Expected behaviour
All files for all users decrypted and encryption module no longer required.
Actual behaviour
Process starts and runs for a very long time through step 1 of 7, 2 of 7.... Then it falls over..
Last attempt made it to 6 of 7 before stopping but other attempts haven't made it as far.. This took about 3 hours.. All files then totally inaccessible through the web interface so I then have to completely restore the server from backup..
Server configuration
Operating system:
Cpanel server running Centos
Web server:
Apache under Cpanel
Database:
Mysql under Cpanel
PHP version:
5.6.20
ownCloud version: (see ownCloud admin page)
Currently 9.1 but have had the issue through all the 9.0.x versions since I started trying to remove the encryption module.
Updated from an older ownCloud or fresh install:
Upgraded
Where did you install ownCloud from:
Owncloud website
Signing status (ownCloud 9.0 and above):
No errors found
List of activated apps:
Enabled:
Disabled:
The content of config/config.php:
Default config
Are you using external storage, if yes which one: local/smb/sftp/...
No
Are you using encryption: yes/no
Yes
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
No
Client configuration
Browser:
SSH
The text was updated successfully, but these errors were encountered: