How do i get the "su" password inside a container? (Nextcloud help)

Hi,
i’ve installed nextcloud (via the app on the store) and i need to import massive data (400GB+) the nextcloud uploader (webDav) struggles with a lot of data (crashes, weird errors, missing files, etc…) i found out that many people are using ssh/ftp do directly upload the data inside the dataset with the user data, after doing so they run:

su -m www-data -c ‘php occ files:scan --all’

(source)

To make nextcloud update and acctualy find the added files when i try to do so i get asked for a password, and i have no idea what this password is, i’ve tryed to run the command both from the pod shell and from the system shell logged as root:

k3s kubectl -n ix-nextcloud exec -ti nextcloud-redis-67bcd9b5b-pxfz9 – su -m www-data -c ‘php occ files:scan --all’

But of course i get asked for the same password, is there any config that i’m missing?

Are you logged in to the webUI as root, or as another user like admin?

I’m logged in as admin(web ui) do I need to log in as root ?

I believe so. I haven’t seen the container commands work as any user other than root.

Someone else may confirm this.

I did try with the root login and i STILL have the same problem:

i’m doing something wrong? this time we have the warning but that’s it

Ticking this:
image
removed the warning but still admin power

image

But still… no luck

I did find a “workaround” i never needed to get the “SU” access, i just needed to tun the OCC command

So i found this:

It’s an app that gives you access to the OCC console from the web UI, with this i was able to run:

files:scan username

image

And the files are now avaible in nextcloud

So, this fixes the issue!

According to Adphi (GitHub - Adphi/occweb), Nextcloud’s architecture no longer allows their tool to work. From what I’m reading in other forums the su password permissions are still an issue.

Any new solutions to this issue?

Hi,
in the end i stopped using nextcloud all together instead, now i’m using SeaFile, it’s super easy to install if you are on ElectricEel,
But,
If your only goal is to sync files between machines then you can also use syncthing wich is even easier to use and hasslefree since you don’t need to open ports.

Does runuser work? Something like (from within the container, pod shell):

runuser --user www-data -- php occ db:add-missing-indices

I’ve never had to enter any su password, strange. The su command that works for me without any password asked for is:

su -s /bin/bash www-data -c 'php occ db:add-missing-indices'

Of course, change the occ commands as needed.

That might be the play. I appreciate all the tools in Nextcloud but it’s been a pain to get working!

Thanks sfatula, runuser command is a new one. Unfortunately, even when logged in as root, it doesn’t want to run.

Using your su command also didn’t seem to change anything. Anytime I try to use su it asks for a password (and it is not my set password, ‘admin’, blank, or the code to my luggage: ‘12345’)

Actually, it says may not be run by NON root users. So, how are you getting into the container, what command or what exactly are you doing?

And, in the container, type whoami please, what is the result?

That’s a good point, I didn’t quite register that nuance. Thanks for pushing that line of questioning. That was critical in resolving the su issue and most of my system errors. (There are a couple left - if you have suggestions, I’d love to hear them)

Logging into the web gui as root >> apps >> nextcloud >> workload >> containers >> nextcloud: 30.0.0



Now, while going through this exercise I noticed the pod name contained 'redis ’ which I don’t think it’s supposed to… spoiler: after some testing it’s not!

I was able to log in as admin, and when I picked the right pod:




Running this has resolved the ‘database is missing some indexes’ warning/error even after restarting TrueNAS (which I had read some users having an issue with).

I also was able to run:

  • ‘occ maintenance:repair --include-expensive’ command to solve the mimetype migration error.
  • ‘occ config:system:set maintenance_window_start --type=integer --value=1’ to handle the maintenance window error.

Remaining errors:


The integrity check appears to be an extra file named ‘nextcloud-init-sync.lock’ and I’m not finding how to remove it.
Per Strict-Transport-Security, I am currently accessing a vpn with no proxies/domains set up. I have not installed any nginx management apps yet.

I figured something like that was up, good you found it. redis is ok, some apps have several “apps” within them. Nextcloud uses redis to cache stuff. But yes, you shouldn’t go into there to do nextcloud commands. Install is looking ok now.

For the sync lock, look in your log file in nextcloud admin and see what it tells you about that file. It probably has an error and tells you the path.

Cool, I was able to find the file nextcloud-init-sync.lock in the top directory (or at least, it’s listed immediately with ‘ls’). Unfortunately, I am having trouble deleting the file now that I’ve found it. The closest result I can get is:

# su -s /bin/bash www-data -c rm nextcloud-init-sync.lock
rm: missing operand

Any ideas what I’m missing here?

Can you not just rm the file without su etc? Isn’t the default user root?

… could of sworn I tried that, apparently not cause that did the trick :slight_smile:

I really appreciate your help on all these!!

Great, so nextcloud fully happy at last?

Pretty much, I still have the Strict-Transport-Security issue. I tried reading about that and it sounds like it might be something to worry about when/if I want to switch from a VPN to a domain address.

Do you know about that issue?