views:

54

answers:

2

Have been pulling out my hair trying to find out why my sessions are being terminated/killed/destroyed at 30 minutes. Well it looks like Debian based systems have a special cron running that ignores all php.ini and apache configurations and kills any idle session at 30 minutes.

The cron path: /etc/cron.d/php5

Inside the cron:

# /etc/cron.d/php5: crontab fragment for php5
#  This purges session files older than X, where X is defined in seconds
#  as the largest value of session.gc_maxlifetime from all your php.ini
#  files, or 24 minutes if not defined.  See /usr/lib/php5/maxlifetime

# Look for and purge old sessions every 30 minutes
09,39 *     * * *     root   [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm

I'm not bad at configuring and setting up hosts but I'm no sysAdmin. Could someone please help me override/edit/change/reconfigure this so I can set the value longer? I think 3 hours would be nice but I would like to understand the changes so if someone higher up wants to make the session time shorter/longer I con document how to configure the change.

Thanks to any insight help on this

EDIT: Adding /usr/lib/php5/maxlifetime code

#!/bin/sh -e

max=1440

for ini in /etc/php5/*/php.ini; do
        cur=$(sed -n -e 's/^[[:space:]]*session.gc_maxlifetime[[:space:]]*=[[:space:]]*\([0-9]\+\).*$/\1/p' $ini 2>/dev/null || true);
        [ -z "$cur" ] && cur=0
        [ "$cur" -gt "$max" ] && max=$cur
done

echo $(($max/60))

exit 0

so it looks to be searching all the php.ini files, finds the greatest value, compares it to 1440 (which is 24 minutes).

Here are the php.ini files

/etc/php5/apache2/php.ini
session.gc_maxlifetime = 1440 

/etc/php5/cgi/php.ini
session.gc_maxlifetime = 1440

/etc/php5/cli/php.ini
session.gc_maxlifetime = 1440

but why does my script session get killed at 30 minutes and not 24 minutes?

EDIT #2: CRON running every 30 minutes is why the session looks to be killed at 30 minute intervals. But it could also be 24 to 54 minutes, FYI

Also looking over the code in: /usr/lib/php5/maxlifetime it's taking the highest value and during my testing I was trying to lower the threshold to speed up the condition.

Looks like I just need to increase one on the php.ini files to over one hour test test.

+1  A: 

Edit the file /usr/lib/php5/maxlifetime

The value should be in seconds. This file will actually also check your php.ini so I don't know why it wasn't working for you.

Emil Vikström
That's what I thought as well but that file searches the php.ini files (all of them) and finds the greatest value in second (which is 1440 or 24 minutes). But my session doesn't timeout till 30 minutes and I can't figure out why
Phill Pafford
The cron job is only run every 30 minutes, so in fact your session can be valid for 24 to 54 minutes.
al
crap, just had a DUH moment. Thanks I think this will help me in setting a longer session.
Phill Pafford
+1  A: 

This is a question for serverfault.com.

However, change session.gc_maxlifetime in /etc/php5/apache2/php.ini or - if you don't have an apache2 one - one of the other /etc/php5/*/php.ini files. The script /usr/lib/php5/maxlifetime will then use the maximum for that setting found in any of those files.

Editing maxlifetime won't help or at least only until the php5-common package is updated again.

al
understandable about serverfault.com but I also think this is relevant because I have set the php.ini file as well as trying to set the value within php itself and it still kills the session at 30 minutes, even when everything is configured to 1440 seconds or 24 minutes
Phill Pafford