Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mod_gridsite doesn't properly remove expired cookies #17

Open
ayllon opened this issue Jul 31, 2014 · 0 comments
Open

mod_gridsite doesn't properly remove expired cookies #17

ayllon opened this issue Jul 31, 2014 · 0 comments

Comments

@ayllon
Copy link
Contributor

ayllon commented Jul 31, 2014

Was reported to LCGDM, but it is not an issue on our side.

C&P from out ticket
https://its.cern.ch/jira/browse/LCGDM-1155

When using DAV + HTTPS to access files on DPM, a large amount of files get stashed under /var/www/sessions on the head node, with origin from mod_gridsite. These hold so called "passcode" files, which are essentially a cookie assigned to the pair [client, file_requested]. With this cookie, the client can present it via HTTP and download the file in bulk also via HTTP.
After some time, these folder holds more and more files since mod_gridsite doesn't properly remove expired cookies. This in turn easily exhausts the maximum inode capacity on the server, making the server inoperable.
Two possible mitigations:

  • Run a cron job which periodically deletes the files on this directory
  • Set the directive GridSiteRequirePasscode -> "OFF" (which according to the docs should be the default) - although this raises auth/authz issues
    -cron job / disable passcode

Cheers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant