Server: Update to minor version drives to update to major version

Created on 19 Dec 2019 · 15 Comments · Source: nextcloud/server

Steps to reproduce

  1. Use Version e.g. 16.0.6, see that there is already newer 16.0.7 and other Major version 17.0.2 on the market.
  2. See that Minor version presented and try to update to it (channel is Stable).

  3. Try to do update and see that it is Major version instead:

  4. Go back because I need minor update.

Expected behaviour

What is shown is what you get - if Update to 16.0.7 is shown, it should be also in the updater, not new Major version.

Actual behaviour

Trying update to minor version drives to update to major version.

Server configuration

Operating system: Ubuntu 18.04

Web server: Apache/2.4.41 (Ubuntu)

Database: mysql Ver 15.1 Distrib 10.1.43-MariaDB, for debian-linux-gnueabihf (armv7l) using readline 5.2

PHP version: PHP 7.3.11

Nextcloud version: 16.06

Updated from an older Nextcloud/ownCloud or fresh install: Updated

Where did you install Nextcloud from: Official

Signing status:



No errors have been found.

List of activated apps:



Enabled:
  - accessibility: 1.2.0
  - activity: 2.9.1
  - admin_audit: 1.6.0
  - audioplayer: 2.8.4
  - bruteforcesettings: 1.4.0
  - calendar: 1.7.1
  - checksum: 0.4.3
  - cloud_federation_api: 0.2.0
  - comments: 1.6.0
  - data_request: 1.3.0
  - dav: 1.9.2
  - deck: 0.6.6
  - federatedfilesharing: 1.6.0
  - federation: 1.6.0
  - files: 1.11.0
  - files_automatedtagging: 1.6.0
  - files_external: 1.7.0
  - files_pdfviewer: 1.5.0
  - files_retention: 1.5.1
  - files_rightclick: 0.15.1
  - files_sharing: 1.8.0
  - files_texteditor: 2.8.0
  - files_trashbin: 1.6.0
  - files_versions: 1.9.0
  - files_videoplayer: 1.5.0
  - firstrunwizard: 2.5.0
  - flowupload: 0.1.5
  - gallery: 18.3.0
  - gpxpod: 4.1.0
  - keeweb: 0.5.1
  - logreader: 2.1.0
  - lookup_server_connector: 1.4.0
  - mail: 0.17.0
  - maps: 0.1.2
  - nextcloud_announcements: 1.5.0
  - notes: 3.0.3
  - notifications: 2.4.1
  - oauth2: 1.4.2
  - password_policy: 1.6.0
  - phonetrack: 0.5.2
  - polls: 0.10.4
  - previewgenerator: 2.1.0
  - privacy: 1.0.0
  - provisioning_api: 1.6.0
  - radio: 0.6.5
  - recommendations: 0.4.0
  - serverinfo: 1.6.0
  - sharebymail: 1.6.0
  - survey_client: 1.4.0
  - systemtags: 1.6.0
  - theming: 1.7.0
  - twofactor_backupcodes: 1.5.0
  - twofactor_totp: 3.0.1
  - unsplash: 1.1.4
  - updatenotification: 1.6.0
  - viewer: 1.2.0
  - weather: 1.6.4
  - workflowengine: 1.6.0
Disabled:
  - encryption
  - files_external_dropbox
  - impersonate
  - sharerenamer
  - support
  - user_ldap
  - workflow_script

Nextcloud configuration:



{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": {
            "0": "DOMAIN1",
            "2": "DOMAIN2"
        },
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/DOMAIN1\/nextcloud",
        "dbtype": "mysql",
        "version": "16.0.6.1",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "filesystem_check_changes": 0,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379,
            "timeout": 1.5
        },
        "mail_smtpmode": "smtp",
        "mail_smtpauthtype": "LOGIN",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "theme": "",
        "logfile": "\/var\/nextcloud\/data\/nextcloud.log",
        "loglevel": 1,
        "trashbin_retention_obligation": "14, auto",
        "versions_retention_obligation": "14, 180",
        "data-fingerprint": "***REMOVED SENSITIVE VALUE***",
        "enable_previews": true,
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\Movie",
            "OC\\Preview\\PDF",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown"
        ],
        "preview_max_x": 1080,
        "preview_max_y": 1920,
        "auth.bruteforce.protection.enabled": true,
        "simpleSignUpLink.shown": false,
        "mail_smtpsecure": "tls",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "twofactor_enforced": "true",
        "twofactor_enforced_groups": [
            "admin"
        ],
        "twofactor_enforced_excluded_groups": [],
        "has_rebuilt_cache": true
    }
}

Are you using external storage, if yes which one: local + WebDAV

Are you using encryption: no

Are you using an external user-backend, if yes which one: No

0. Needs triage bug

All 15 comments

1) There is a file updater.log somewhere. Please grab "[info] updateURL: xxxx" and post it here.
2) Modify nextcloud to log the updaterURL used by updatenotification app. Wait around 30 minutes (because the updater response is cached for 30 minutes) and visit the admin page again. Look for updateURL in nextcloud.log and post it here.

Index: lib/private/Updater/VersionCheck.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- lib/private/Updater/VersionCheck.php    (revision 29f6f15cf3c63df07b81d7c97fe547f27a3906b3)
+++ lib/private/Updater/VersionCheck.php    (date 1576767974554)
@@ -87,6 +87,7 @@

        //fetch xml data from updater
        $url = $updaterUrl . '?version=' . $versionString;
+       \OC::$server->getLogger()->info('updateURL: ' . $url);

        $tmp = [];
        try {
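
Review bot: the added getLogger()->info(...) line writes at info level, so the entry only appears when the instance's loglevel admits info messages; say that next to the patch, or the reader will look in nextcloud.log and find nothing. It also records the complete $url, including everything in $versionString, so treat it as a temporary diagnostic: log at debug level or remove the line once the URL has been captured, rather than leaving it in VersionCheck.php.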

The updater server should return the same update for the same request hence we need to figure out why the updater sends a different request than admin view. Thanks in advance :+1:

Having the same issue when invoking the update via command line. It says update to 16.0.7 when checking the web gui and 17.0.2 with updater.phar.

As requested (hope it helps):
[info] updateURL: https://updates.nextcloud.com/updater_server/?version=16x0x6x1xxxstablexx2019-11-07T22%3A22%3A16%2B00%3A00+0e57eabfa0d510bcab79bc361f87d4b06f6deb85x7x3x11

After applying your patch and waiting for an hour, the behavior is the same (gui proposes 16.0.7 and cli wants to install 17.0.2).

Thanks @Nils160988

Please check the nextcloud.log for updateURL.

You mean updater.log probably?
updateURL in updater.log stays the same and there is no entry in nextcloud.log

No. nextcloud.log. The patch above should log the used updaterURL. Please ensure that you are logging info messages. Should be loglevel = 1. Updater itself is a component independent from nextcloud. Nextcloud and Updater both check the updater_server for available updates. I suspect that the request differs.

Ah, was missing loglevel = 1...

nextcloud.log:
https:\/\/updates.nextcloud.com\/updater_server\/?version=16x0x6x1x1438463944.1522x1576840340xstablexx

Hmm. Could you recheck? The url is missing some parts (after stablexx should be something about your php version. 7x4x0 for example).

After stablexx there is some timestamp I thought is not part of the URL anymore...

This should be the full entry:
updateURL: https:\/\/updates.nextcloud.com\/updater_server\/?version=16x0x6x1x1438463944.1522x1576840340xstablexx2019-11-07T22:22:16+00:00 0e57eabfa0d510bcab79bc361f87d4b06f6deb85x7x3x11

https://updates.nextcloud.com/updater_server/?version=16x0x6x1xxxstablexx2019-11-07T22%3A22%3A16%2B00%3A00+0e57eabfa0d510bcab79bc361f87d4b06f6deb85x7x3x11

https://updates.nextcloud.com/updater_server/?version=16x0x6x1x1438463944.1522x1576840340xstablexx2019-11-07T22%3A22%3A16%2B00%3A00+0e57eabfa0d510bcab79bc361f87d4b06f6deb85x7x3x11

Updater does not send the installation date. But the "chance" is derived from the installation date. "chance" is the probability that nextcloud 16.0.7 or nextcloud 17.0.2 is announced to your instance. Without installation date the updater_server will announce you the first element (usually the newest one).

Nevertheless we should query the updater_server with the same data. installedat and lastupdatedat are app values (=> they are stored in the database) hence not available to updater (only config.php values are available). It's like that since a while and there are some other reports about this issue around. Not sure if it's an issue for many people.

cc @nextcloud/server-triage for opinions
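
The comparison made in the comment above, as an added example that is not part of the original thread or of Nextcloud's code: it splits the ?version= value of the two request URLs posted in this issue into fields and reports which ones differ. The field names and their order are assumptions inferred from the discussion (installedat, lastupdatedat, channel, PHP version); the URLs are the ones quoted in the thread.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed field order of the 'x'-separated version string (not taken from the page).
FIELDS = ("major", "minor", "maintenance", "revision", "installedat",
          "lastupdatedat", "channel", "edition", "build",
          "php_major", "php_minor", "php_release")

BUILD = ("2019-11-07T22%3A22%3A16%2B00%3A00"
         "+0e57eabfa0d510bcab79bc361f87d4b06f6deb85")
BASE = "https://updates.nextcloud.com/updater_server/?version="

# Request logged by the stand-alone updater (updater.log in the thread).
UPDATER_URL = BASE + "16x0x6x1xxxstablexx" + BUILD + "x7x3x11"
# Request logged by the server's update check (nextcloud.log in the thread).
ADMIN_URL = (BASE + "16x0x6x1x1438463944.1522x1576840340xstablexx"
             + BUILD + "x7x3x11")
# The first nextcloud.log entry posted in the thread, cut off after the channel.
TRUNCATED_URL = BASE + "16x0x6x1x1438463944.1522x1576840340xstablexx"


def parse_update_url(url):
    """Return the version string of an update request as a dict of named fields."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    values = query["version"][0].split("x")
    if len(values) != len(FIELDS):
        # A truncated log entry yields too few fields; refuse to guess.
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(values)}")
    return dict(zip(FIELDS, values))


def diff_requests(url_a, url_b):
    """Map each differing field name to its (url_a, url_b) values."""
    a, b = parse_update_url(url_a), parse_update_url(url_b)
    return {name: (a[name], b[name]) for name in FIELDS if a[name] != b[name]}


if __name__ == "__main__":
    for name, (updater, admin) in diff_requests(UPDATER_URL, ADMIN_URL).items():
        print(f"{name}: updater={updater!r} admin={admin!r}")
```
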

No, 16.0.6 should always get 16.0.7 offered

If so the updater_server has to be configured properly: https://github.com/nextcloud/updater_server/blob/4d34da73a480d6a9f5aac95e21b95053e954d1b9/config/config.php#L355-L384

I asked @jospoortvliet about that at some topic over at help.nextcloud.com and he told me that he will discuss this with the release managers.

But still the updater and updatenotification app are sending different requests.

This is getting a bit critical now regarding 17.0.5 and 18.0.3 security updates.
If I read the discussion #20119 correctly there is a security relevant bug in Nextcloud and the updates are kind of urgent.

I have a 17.0.4 (stable) production system I do not want (and due to missing app support) cannot update to 18.0.3, but the updater is only offering 18.0.3.
So I have to choose between staying on 17.0.4 with a possibly security related flaw or update to 18.0.3 and lose apps.

Not a pleasant decision...

@nickvergessen Thank you for the quick reply, but I cannot stop or restart the webserver on shared hosting.
Or maybe it is sufficient to remove the subdomain connected to the webspace temporarily?

> Or maybe it is sufficient to remove the subdomain connected to the webspace temporarily?

yes, it's just to prevent people accessing it
