Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: detect inadvertent overlapping config files that break things #49956

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

joshtrichards
Copy link
Member

@joshtrichards joshtrichards commented Dec 21, 2024

Summary

Addresses avoidable support matters (on the forum/etc) and invalid bug reports about updating/upgrading problems when people back up their config.php as something like old.config.php. This can create numerous problems (i.e. "Why are my config changes never taking effect?" and "Why does my Nextcloud keep saying it needs an upgrade after upgrading?").

This PR detects when there are multiple config files and any of them (other than the default config.php) contain a version string. This is a telltale sign of an inadvertent *.config.php (such as a backup) existing in config/ and creating a conflict.

Since this is a Nextcloud Server managed parameter + the built-in updater doesn't even support multiple configuration files there is virtually zero chance this is a valid situation. So we consider it fatal.

PR also lightly enhances and refactors error message handling same area of code a bit:

  • avoid showing the uncontrollable leading content when a config file contains leading content (by wrapping in output buffering)
  • generate a proper HTTP return code (500 rather than 200) when leading content is detected (since we can now with the OB wrapping in place)
  • don't generate unhandled exceptions that the web UI can't handle properly anyway (i.e. avoid generating Fatal error: Uncaught Error: Typed static property OC::$server must not be accessed before initialization in /[...] alongside the actual error)
  • use basename in all, not just most cases (to minimize exposure of unnecessary path details to unauthenticated users when seen via the web)
  • tiny tweaks to make output format more consistent across the various possible fatal errors here
  • streamlined error output at both command-line and web

TODO

  • ...

Checklist

Fixes #32648

Detects when there are multiple config files and any of them other than the default `config.php` contain a `version` string: the telltale sign of an inadvertent `*.config.php` (such as a backup) existing in `config/` and creating a conflict (which breaks upgrades).

Also refactors error message handling.

Signed-off-by: Josh <[email protected]>
@joshtrichards joshtrichards added bug 3. to review Waiting for reviews feature: install and update papercut Annoying recurring issue with possibly simple fix. feature: settings feature: occ ♻️ refactor Refactor code (not a bug fix, not a feature just refactoring) labels Dec 21, 2024
@joshtrichards joshtrichards added this to the Nextcloud 31 milestone Dec 21, 2024
@joshtrichards joshtrichards requested review from a team, artonge, skjnldsv and provokateurin and removed request for a team December 21, 2024 19:24
@joshtrichards joshtrichards changed the title fix: detect inadvertent overlapping config files that break upgrades fix: detect inadvertent overlapping config files that break things Dec 21, 2024
@provokateurin
Copy link
Member

Also see #49926.
I think we might want to prevent a few other keys to be defined in any additional config file, like installed for example.

}

// Try to acquire a file lock
if (!flock($filePointer, LOCK_SH)) {
throw new \Exception(sprintf('Could not acquire a shared lock on the config file %s', $file));
http_response_code(500);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use Http framework:

public const STATUS_INTERNAL_SERVER_ERROR = 500;

if (isset($CONFIG) && is_array($CONFIG)) {
// try to detect unintentionally overlapping config files (which will break things like upgrades)
if (isset($CONFIG['version']) && $file !== $this->configFilePath) {
http_response_code(500);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here.

@blizzz blizzz mentioned this pull request Jan 8, 2025
This was referenced Jan 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3. to review Waiting for reviews bug feature: install and update feature: occ feature: settings papercut Annoying recurring issue with possibly simple fix. ♻️ refactor Refactor code (not a bug fix, not a feature just refactoring)
Projects
None yet
3 participants