@mattab opened this Issue on December 21st 2010 Member

On the demo server, there are thousands of session files in tmp/sessions.

I also saw a tweet complaining about these: http://translate.googleusercontent.com/translate_c?hl=en&sl=auto&tl=en&u=http://twitter.com/gerritvanaaken/statuses/16796496468905984&rurl=translate.google.com&twu=1&usg=ALkJrhgTQd9DhFc-ekLd1yoPAtBVLTADDw

What is the solution to this problem, could we purge on a regular basis the out of date session files?

@robocoder commented on December 21st 2010 Contributor

Marking as dupe of #1279. When we move sessions to db, we'll have to implement our own session file cleanup.

Previously commented on in #1279

@mattab commented on December 22nd 2010 Member

I think we can run a manual cleanup function as a Piwik Scheduled task

Something like

$current_time = time();
$path = '/path/to/sessions/';

$handle = opendir($path);
while (($filename = readdir($handle)) !== false)
if ($filename != '.' && $filename != '..')
$filemtime = filemtime($path . $filename);
if ($current_time - $filemtime > 3600) {unlink($path . $filename);}
@robocoder commented on December 22nd 2010 Contributor

(In [3514]) refs #1279, refs #1910 - language preference for anonymous users is now stored in a cookie; we can't use this workaround for the dashboard layout because of cookie size limits

@robocoder commented on December 22nd 2010 Contributor

(In [3515]) refs #1279, refs #1910 - fix typo

@robocoder commented on December 29th 2010 Contributor

(In [3548]) refs #1910 - set expiry on anonymous user dashboard layouts

@robocoder commented on December 29th 2010 Contributor

matt: on demo.piwik.org, session.gc_probability = 0 ... which means garbage collection never runs. AFAIK this is a web server configuration error.

@robocoder commented on December 30th 2010 Contributor

looking at gerritvanaaken's tweet, the ftp user ID can't access the tmp files created under the web server user ID (which is an expected permission issue).

@mattab commented on January 1st 2011 Member

I wonder if it would

  • work at all to call ini_set( session.gc_probability ) and set it to non zero value
  • when we detect that this is zero
  • and if this is desired to interact with server configuration
  • and if PHP will apply the garbage collection to the current customized session path (ie tmp/sessions)

Requires experimentation

@robocoder commented on January 1st 2011 Contributor

Judging from the comments in php.ini, I think the behaviour on the demo was Debian-specific. In a standard PHP build, if session.gc_probability is undefined, it defaults to 1.

Looking at the PHP source, garbage collection is triggered at the end of session_start().

So, I'll set session.gc_probability to 1 if zero, and we're using a local session folder.

@robocoder commented on January 1st 2011 Contributor

(In [3552]) fixes #1910

@Jakhotiya commented on December 15th 2019

@mattab @robocoder I think setting session.gc_probability=1 in general causes problems for different environments. For example our session handler is redis and session save_path for webserver is /var/run/redis.sock
In this case automatic garbage cleanup will attempt to cleanup a directory to which it does not have access to, For example, opendir(/var/lib/php/session) failed: permission denied fails in my case.
As a result I see errors like
ERROR Piwik\Session[2019-12-12 09:14:06 UTC] [2267b] Unable to start session
Occasionally which are frequent but hard to reproduce.
When you are using redis for php sessions there is no need for garbage collection since TTL will take care of removing old sessions. Hence session.gc_probability should be zero. What Do you think??

@mattab commented on December 15th 2019 Member

@Jakhotiya would you mind creating a new issue to report this problem? This issue has been closed for a few years so it's better to create a new one.

@robocoder commented on December 15th 2019 Contributor

@Jakhotiya if you read my comment, setting it to 1 makes sense for local session files. If you're using some other session handler, you have to know what you signed up for and adapt the config/code accordingly.

@Jakhotiya commented on December 16th 2019

@mattab opened [issue](https://github.com/matomo-org/matomo/issues/15274
@robocoder This FAQ gave me impression matomo supports redis sessions. Is there a way adapt the config/code accordingly?

This Issue was closed on January 1st 2011
Powered by GitHub Issue Mirror