Solved

Plesk PHP Session Cleanup unable to delete files from /var/lib/php/session

Posted on 2014-04-10
9
2,551 Views
Last Modified: 2014-04-16
I'm using 11.0.9 CentOS 6 110120608.16

All session files on my server are stored in the folder /var/lib/php/session

The folder has the following permissions set:

drwx-wx-wt 2 root root 548864 Apr 10 20:09 session

But all session files inside that folder only have rw permissions for there apache user exclusively

So I think the cron configured in /etc/cron.hourly/plesk-php-cleanuper is unable to actually perform the session cleanup, hence the size of the folder continues to grow and at this point every time the job runs and combs through all files the I/O weight goes to 100% and slows my entire server down to the point where the applications hosted on it are completely unaccessible.

How can I resolve this matter?
0
Comment
Question by:SWB-Consulting
  • 6
  • 3
9 Comments
 
LVL 25

Expert Comment

by:Zephyr ICT
Comment Utility
I think you can set the rights on this folder as follows:

chmod 1777 /var/lib/php/session

Using sticky bit nobody can change the rights on this folder but the root user.
0
 

Author Comment

by:SWB-Consulting
Comment Utility
OK, but how do I get the actual session files to be generated so they're accessible to the root user? Right now they are only generated with rw permissions to the apache user.
0
 
LVL 25

Expert Comment

by:Zephyr ICT
Comment Utility
So the files get created with user apache:apache in rw? Is that the issue? I'm sorry, might have misunderstood ...

I'm assuming you already did the upgrade: http://kb.parallels.com/en/115704 ??
0
 

Author Comment

by:SWB-Consulting
Comment Utility
No worries, yes I did that workaround on there. But I'm actually running PHP as module so not sure if that applies.

Yes, the problem seems to be that all session files are created with rw permission for ONLY the apache user. But the cleanup job is run under root.

Even when I try to remove a single file in that folder as root user it won't do it, it just finishes the delete command without any response and nothing has changed.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 25

Expert Comment

by:Zephyr ICT
Comment Utility
You can change the permissions on those file though, no?

chmod 777 /var/lib/php/session/*

or change the owner for all files in that directory first then run the script again for cleanup?

chown root:root /var/lib/php/session/*
0
 

Author Comment

by:SWB-Consulting
Comment Utility
True, if I do it manually one time I could do that. But on an ongoing basis I have an automated job running that always tries to remove those files.

Or I could maybe just run the job as a crontab under the apache user.

I understand and appreciate your idea, but it strikes me as a bit of a patch/workaround. Everything that is in place right now is the way plesk seems to have it set by default, so I'm wondering if there isn't some way to get the session files saved with less restrictive permissions?

I can't be the only one on plesk with this issue (although I haven't found anyone with exactly this issue)
0
 

Author Comment

by:SWB-Consulting
Comment Utility
This is the cronjob that plesk has created to cleanup sessions:

[ -x /usr/lib64/plesk-9.0/maxlifetime ] && [ -d /var/lib/php/session ] && find /var/lib/php/session -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib64/plesk-9.0/maxlifetime) ! -execdir fuser -s {} 2>/dev/null \; -delete

Open in new window

0
 

Accepted Solution

by:
SWB-Consulting earned 0 total points
Comment Utility
Actually I figured it out: I changed the permissions from the officially prescribed Plesk ones (1733) to 733. Now the root user can delete files in that folder.
0
 

Author Closing Comment

by:SWB-Consulting
Comment Utility
I found the problem.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

This article discusses four methods for overlaying images in a container on a web page
This article discusses how to create an extensible mechanism for linked drop downs.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now