Error message: session_start() Permission denied
stephaneeybert
30/11/2011, 11h20
Voila aussi ce que montrait la log:
[Wed Nov 30 11:50:41 2011] [error] [client 84.52.0.132] Error message: session_start() [
function.session-start]: open(/tmp/sess_d5iq7d422kffrlqtqmlnilvpl0, O_RDWR) failed: Permission denied (13), referer:
http://www.learnintouch.com/engine/m...tion/admin.php
Cela corrobore le problème de permissions.
Il est surprenant que ce soit le user du fichier script php, et non le user de httpd, qui soit pris en compte lors de l'accès au fichier de session dans /tmp
stephaneeybert
30/11/2011, 11h03
J'ai l'impression que cela est peut-être lié à la chose suivante:
Il m'arrive d'oublier de donner le user et le group sur les fichiers scripts php que je déploie sur le server.
Ainsi, ces fichiers ont ils le user stephane et le group stephane alors qu'ils devraient avoir le user learnintouch et le group www
vps13495 stephane # ll ../learnintouch/engine/modules/elearning/assignment/class/admin.php
-rw-r--r-- 1 stephane stephane 5238 2011-11-30 11:49 ../learnintouch/engine/modules/elearning/assignment/class/admin.php
vps13495 stephane # chown -R learnintouch:www ../learnintouch/
vps13495 stephane # ll ../learnintouch/engine/modules/elearning/assignment/class/admin.php
-rw-r--r-- 1 learnintouch www 5238 2011-11-30 11:49 ../learnintouch/engine/modules/elearning/assignment/class/admin.php
vps13495 stephane #
Ce changement de user et group a provoqué la disparition du message d'erreur de la session.
stephaneeybert
30/11/2011, 10h52
Et le problème vient de refaire surface..
Le même message:
Error message: session_start() [function.session-start]: open(/tmp/sess_d5iq7d422kffrlqtqmlnilvpl0, O_RDWR) failed: Permission denied (13)
Mais sur une autre page cette fois-ci.
Pourtant mon répertoire de fichiers de sessions a l'air correct:
vps13495 stephane # ll /tmp/
total 80
-rw-r--r-- 1 ovh ovh 1881 2011-11-30 11:50 cpu_stats
-rw-r--r-- 1 learnintouch www 44564 2011-11-30 10:00 oi_plugins.php
-rw------- 1 learnintouch www 177 2011-11-30 11:20 sess_095rpav0b7ecehf3nshdmb5d50
-rw------- 1 learnintouch www 351 2011-11-30 10:19 sess_6n4hg7tca20nnllj8qmhc3auj1
-rw------- 1 learnintouch www 163 2011-11-30 10:55 sess_cs2kgrdsdaf6goao5gnd6v9v96
-rw------- 1 learnintouch www 123 2011-11-30 11:47 sess_d5iq7d422kffrlqtqmlnilvpl0
-rw------- 1 learnintouch www 177 2011-11-30 11:20 sess_kansk3541193sum68f7aobqp05
-rw------- 1 learnintouch www 177 2011-11-30 10:23 sess_obckcecj2ifmujmgrfg50gebu0
-rw------- 1 learnintouch www 177 2011-11-30 10:23 sess_tglakrh0mnp8or1d1dakdk9293
drwxr-xr-x 7 201 201 4096 2010-12-24 13:25 vmware-tools-distrib
vps13495 stephane #
stephaneeybert
30/11/2011, 08h58
Le problème ne se produit plus maintenant. Etrange.. Je n'ai rien fais pour cela pourtant.
stephaneeybert
27/11/2011, 14h40
The /tmp directory had a sticky bit:
drwxrwxrwt 6 root root 28672 2011-11-27 15:29 tmp
I changed the permissions to 777:
drwxrwxrwx 6 root root 28672 2011-11-27 15:29 tmp
But it didn't help and the error remained the same.
And I don't know why the session files have the user and group stephane as in:
vps13495 stephane # ll /tmp/
total 8
-rw------- 1 stephane stephane 162 2011-11-27 15:39 sess_v2qob5ji089bo74sq982ct8hu3
stephaneeybert
25/11/2011, 10h33
Here is my session setup:
session
Session Support enabled
Registered save handlers files user sqlite
Registered serializer handlers php php_binary
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 1000 1000
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.hash_bits_per_character 5 5
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path no value no value
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies On On
session.use_trans_sid 0 0
SimpleXML
Simplexml support enabled
Revision $Revision: 314376 $
Schema support enabled
stephaneeybert
25/11/2011, 10h31
Otherwise, I can also see that my PHP 5.3.8-pl0-gentoo has the following directive:
session.use_only_cookies = 1
It is recommanded to avoid session hijacking.
I tried to set it to 0 and restarted httpd but the problem remained the same, the I reverted it to 1.
stephaneeybert
25/11/2011, 10h30
The phpinfo() shows the session.save_path has not been set:
session.save_path no value no value
Should I set it ?
stephaneeybert
25/11/2011, 10h00
Mes fonctions de gestion de la session:
class LibSession {
// Open a new session or get the current one if any
// To check if a session exists, do not rely on the session id,
// but rather on a session variable
static function openSession() {
// Using sessions might prevent a browser from caching the form input fields content
// Set the session cache limiter to work around that issue
session_cache_limiter('nocache');
$PHPSESSID = session_id();
if (!$PHPSESSID) {
session_start();
$PHPSESSID = session_id();
}
// Store the session id in the session
LibSession:utSessionValue("PHPSESSID", $PHPSESSID);
}
// Close a session
static function closeSession() {
if (isset($_SESSION)) {
session_unset();
}
}
// Put a session value
// All session variables have a unique name, distinct from any other variables
// The session variable names should start with the word "session..."
static function putSessionValue($name, $value) {
$_SESSION["$name"] = $value;
}
// Get a session value
static function getSessionValue($name) {
$value = '';
if (isset($_SESSION)) {
if (array_key_exists($name, $_SESSION)) {
$value = $_SESSION["$name"];
}
}
return($value);
}
// Delete a session value
// Note : It is necessary to erase the content of the global variable
static function delSessionValue($name) {
LibSession:utSessionValue($name, '');
session_unregister($_SESSION["$name"]);
unset($_SESSION["$name"]);
}
// Check if a value is in a session
static function isSessionValueRegistered($name) {
if (isset($_SESSION) && array_key_exists($name, $_SESSION)) {
$value = $_SESSION["$name"];
} else {
$value = '';
}
if ($value) {
return(true);
} else {
return(false);
}
}
// Print all session variables
static function printSessionVariables() {
foreach ($_SESSION as $name => $value1) {
$value2 = LibSession::getSessionValue($name);
$str = "_SESSION[\"$name\"] = $value1 ( $value2 )";
print($str);
}
}
// Check the validity of a session
static function checkSession($sessionAccessTime, $timePeriod) {
// Get a hold of the current session
LibSession:penSession();
// Check if the session value is registered
if (!LibSession::isSessionValueRegistered($sessionAcc essTime)) {
return(false);
} else {
// Check the session timeout
$lastAccessStr = LibSession::getSessionValue($sessionAccessTime);
if ($lastAccessStr) {
$lastAccess = $lastAccessStr;
} else {
$lastAccess = time();
}
// Express in minutes
$timePeriod = $timePeriod * 60;
$timeElapsed = time() - $lastAccess;
$timeExtension = $timeElapsed - $timePeriod;
if ($timeExtension > 0) {
// Note that the access date must be deleted if the session times out
LibSession::delSessionValue($sessionAccessTime);
return(false);
} else {
// Update the last access time of the session
$accessed = time();
LibSession:utSessionValue($sessionAccessTime, $accessed);
return(true);
}
}
}
stephaneeybert
25/11/2011, 09h51
Pourtant le répertoire /tmp est en 777:
vps13495 stephane # ll /
...
drwxrwxrwt 6 root root 20480 2011-11-25 10:46 tmp
stephaneeybert
25/11/2011, 09h47
En cliquant sur un des drapeaux pour changer la langue, le problème se manifeste.
www.learnintouch.com
stephaneeybert
25/11/2011, 09h45
Le problème se produit dès que je store une variable en session.
stephaneeybert
25/11/2011, 09h38
J'ai un problème soudain:
Error message: session_start() [function.session-start]: open(/tmp/sess_cla8nc78k9f82dph1qg90n9jm0, O_RDWR) failed: Permission denied (13)
Apparemment, il y a un problème de droits sur les fichiers session dans le répertoire /tmp
vps13495 stephane # ll /tmp/sess_cla8nc78k9f82dph1qg90n9jm0
-rw------- 1 learnintouch www 123 2011-11-25 10:20 /tmp/sess_cla8nc78k9f82dph1qg90n9jm0
vps13495 stephane #
Je ne sais pas si avoir les fichiers session dans le répertoire /tmp est une bonne idée.
Sinon, que pensez de l'utilisation de la directive
SuexecUserGroup learnintouch www
au sein d'un virtual host ?
Merci.
Stephane
