[Bug 482720] [NEW] Php cron job fails when there are a lot of session files in /var/lib/php5

Lorry lawrie at gmail.com
Sat Nov 14 17:20:10 GMT 2009


*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: php5

root at eris:/var/lib/php5# lsb_release -rd
Description:    Ubuntu 8.04.3 LTS
Release:        8.04
root at eris:/var/lib/php5# apt-cache policy php5
php5:
  Installed: 5.2.4-2ubuntu5.6
  Candidate: 5.2.4-2ubuntu5.7
  Version table:
     5.2.4-2ubuntu5.7 0
        500 http://de.archive.ubuntu.com hardy-updates/main Packages
        500 http://security.ubuntu.com hardy-security/main Packages
 *** 5.2.4-2ubuntu5.6 0
        100 /var/lib/dpkg/status
     5.2.4-2ubuntu5 0
        500 http://de.archive.ubuntu.com hardy/main Packages
root at eris:/var/lib/php5#

-- Description:

The cron job /etc/cron.d/php5 is meant to clear out /var/lib/php5 of old
session files, which is fine generally... But:

The cron job uses xargs with the -0 option - This is the effect on a
cleanish and newly purged (30 seconds ago) directory:

root at eris:/var/lib/php5# find . -print | xargs -0
.
./sess_3cf1404393d2ed9f2ca38c18fe74faba
./sess_f98b526208a668d407d4407a09006bd5
./sess_94a5a7dc98b985d170db93bb19c4dfd8
./sess_de29f9fbeb695de7df5fce6b69921ef0
./sess_29e1d26ecce86f3386595fe9ecff2b6a
./sess_a44fc67ea7aa7c39100e67cb1040199c
./sess_86849bfdedf6fd957ae873b455e936f6
./sess_a995ac4897a1db02e477384a8e3a1f05
./sess_e76aab3594fda5aa961be1e3d339bfed
./sess_090f28216167271d050078f31b41f6f1
./sess_92b65c8a5f82700dd9f6e6166ba98019

root at eris:/var/lib/php5#

However - This is a very full directory such as the one that completely
filled my disk yesterday:

root at eris:/var/lib/php5# find . -print | xargs -r -0
xargs: argument line too long
root at eris:/var/lib/php5# 

This results in the disk with /var on it filling and the system becoming
completely unusable - Which is why I ticked the security vulnerability
since effectively, this is a DOS, you may feel free to disagree.

So far my fix is one of:

1. Run the cron job more often so it doesn't fill the thing so much it can't be deleted (poor hack)
2. Remove the -0 option to xargs in /etc/cron.d/php5 - Since -0 is new to me and seems to have little documentation I am not sure what this will break.
3. Change the lifetime of the session files in /usr/lib/php5/maxlifetime

Only 2 is a good solution but I am still wondering why they used -0 and
if there is a valid reason for it.

** This could of course be a bug in xargs but it manifests in php5 and
since I don't have a clue what -0 is meant to do, I am not going
there...

Michael.

** Affects: php5 (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

-- 
Php cron job fails when there are a lot of session files in /var/lib/php5
https://bugs.launchpad.net/bugs/482720
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
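
Added example, not part of the original report or of the php5 package: the commands shown in the report pair `find -print`, which writes newline-terminated names, with `xargs -0`, which splits its input only on NUL bytes. The script below counts the arguments xargs builds for each delimiter and shows that a large newline-delimited list is rejected as one oversized argument; the function names and the file names in the scratch directory are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: a scratch directory holding $1 empty session-like files.
make_sample() {
    dir=$(mktemp -d) || return 1
    i=0
    while [ "$i" -lt "$1" ]; do
        : > "$dir/sess_$i"
        i=$((i + 1))
    done
    printf '%s\n' "$dir"
}

# How many arguments does xargs -0 hand to the command?
# $1 = directory, $2 = find action (-print or -print0)
count_args() {
    find "$1" -type f "$2" | xargs -r -0 sh -c 'echo "$#"' sh | head -n 1
}

# Constructed list of 200000 names (about 2.4 MB), one per line.
big_list() {
    awk 'BEGIN { for (i = 0; i < 200000; i++) print "./sess_" i }'
}

# Newline-delimited input contains no NUL, so xargs -0 sees a single
# multi-megabyte item and refuses it. Succeeds when xargs fails.
newline_list_rejected() {
    ! big_list | xargs -r -0 true 2>/dev/null
}

# The same names, NUL-delimited, are split into many short arguments and
# batched over several invocations of the command.
nul_list_accepted() {
    big_list | tr '\n' '\0' | xargs -r -0 true
}

d=$(make_sample 5)
echo "find -print  | xargs -0: $(count_args "$d" -print) argument(s)"
echo "find -print0 | xargs -0: $(count_args "$d" -print0) argument(s)"
rm -rf "$d"
newline_list_rejected && echo "newline-delimited list: rejected by xargs -0"
nul_list_accepted && echo "NUL-delimited list: processed in batches"
```

A cleanup job's ability to cope with a full directory can be checked the same way: feed its `find` expression into `xargs -r -0 sh -c 'echo "$#"' sh` and confirm the count matches the number of files rather than 1.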


