Security & setup warnings warns for not existing problem

[rw71]

Steps to reproduce

1. Open Administration Overview
2. Security & setup warnings

Expected behaviour

Everything should be fine because permissions are inherent from main folder

Actual behaviour

"Security & setup warnings" reports directory not existing and other with inherited permissions.

Server configuration

Operating system: Linux DiskStation 4.4.59+ #23824 SMP PREEMPT Fri Sep 7 12:53:00 CST 2018 x86_64

Web server: Apache HTTP Server 2.4

Database: MariaDB 10.3.7

PHP version: 7.0.30

Nextcloud version: 14.0.3

Updated from an older Nextcloud/ownCloud or fresh install: Update

Where did you install Nextcloud from: Updater

Signing status:

Signing status

Some app directories are owned by a different user than the web server one. This may be the case if apps have been installed manually. Check the permissions of the following app directories:
/volume1/web/cloud/apps/@eaDir
/volume1/web/cloud/apps/bruteforcesettings

@eadir is not existing.
bruteforcesettings as inherited permissions from apps

[nextcloud-bot]

GitMate.io thinks possibly related issues are #8028 (Security problem / sharing options), #4596 (Consider about showing SQLite info in "Security & setup warnings" instead of "Tips & tricks" ), #1470 (Avoid warning for non-existing LDAP users), #11531 (Referrer-Policy Warning in "Security & setup warnings" not comprehensive), and #9250 (Security & setup warnings fails with 2 times the same header).

[rw71]

I found a temporary solution:

1. I removed and reinstalled the app "Brute-force settings"
2. I deleted all "@eadir" folder in my web subfolder
   I have a green checkbox now.

[MorrisJobke]

This is most likely due to app folders having the wrong permissions. Setting them to be writable by the web server should solve the issue as well.