[solved] Sessions don't work

Discussion in 'Install/Configuration' started by 04nunhucks, Dec 3, 2010.

  1. 04nunhucks

    04nunhucks Well-Known Member

    Hello, I'm having issues with Sessions.

    My current setup is Litespeed on a cPanel server, Apache is not active.

    Basically, when someone tries to login, the PHP form authenticates them, and then the person ends up in a redirection loop, between logged in and out states.

    I can only stop the loop by deleting the relevant session file from the /tmp directory, which has permission 0600.

    The system works as intended with Apache.

    Any ideas?
    Last edited by a moderator: Dec 3, 2010
  2. NiteWave

    NiteWave Administrator

    this looks interesting - delete a session file and resolve the issue.

    redirection loop - it may be an rewrite rule issue. can you enable the rewrite log level to 9 and see what the loop is.
  3. 04nunhucks

    04nunhucks Well-Known Member

    How do I enable the rewrite log level?

    This is in the log:

    2010-12-02 22:18:21.804 NOTICE [] [STDERR] PHP Warning: Unknown: open(/home/rsweb/tmp/sessions/sess_96462014ed0ae341f8c9dce8283e0b97, O_RDWR) failed: Permission denied (13) in Unknown on line 0
    2010-12-02 22:18:21.804 NOTICE [] [STDERR] PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/home/rsweb/tmp/sessions) in Unknown on line 0

    The session file permissions keeps getting reset to 0600
    Last edited: Dec 3, 2010
  4. NiteWave

    NiteWave Administrator

    good log info. can you try:
    #chmod -R 777 /home/rsweb/tmp/sessions
  5. 04nunhucks

    04nunhucks Well-Known Member

    Tried, still looping, nothing in log. The session file has permission: 0600
  6. NiteWave

    NiteWave Administrator

    ok.let's gather more detail info first:
    #ls -ald /home/rsweb/tmp/sessions/sess_96462014ed0ae341f8c9dce8283e0b97
    #ls -ald /home/rsweb
    #ls -ald /home/rsweb/tmp
    #ls -ald /home/rsweb/tmp/sessions
  7. 04nunhucks

    04nunhucks Well-Known Member

    [root@core ~]#ls -ald /home/rsweb/tmp/sessions/sess_9915c051a0956ce80f14800f30950244
    -rw------- 1 nobody nobody 0 Dec 2 22:32 /home/rsweb/tmp/sessions/sess_9915c051a0956ce80f14800f30950244

    [root@core ~]#ls -ald /home/rsweb
    drwx--x--x 11 rsweb rsweb 4096 Dec 2 18:15 /home/rsweb

    [root@core ~]#ls -ald /home/rsweb/tmp
    drwxr-xr-x 8 rsweb rsweb 4096 Dec 2 20:17 /home/rsweb/tmp

    [root@core ~]#ls -ald /home/rsweb/tmp/sessions
    drwxrwxrwx 2 root root 4096 Dec 2 22:32 /home/rsweb/tmp/sessions

    I created the sessions folder myself. Looks like it retained root permissions :/

    [root@core tmp]#chown -R rsweb.rsweb sessions
    [root@core tmp]#ls -ald /home/rsweb/tmp/sessions
    drwxrwxrwx 2 rsweb rsweb 4096 Dec 2 22:32 /home/rsweb/tmp/sessions

    And nope. Although, since I've changed the session.save_path, deleting the session file doesn't stop the redirection.
    After removing the session.save_path definition, and allowing it back to /tmp, it seems to be working as normal.
    Last edited: Dec 3, 2010

Share This Page