[horde] Sessions consuming CPU

Andrew Morgan morgan at orst.edu
Mon Nov 14 22:52:08 UTC 2011 

On Tue, 15 Nov 2011, Simon Wilson wrote:

> ----- Message from Simon Wilson <simon at simonandkate.net> ---------
>  Date: Sat, 05 Nov 2011 13:52:03 +1000
>  From: Simon Wilson <simon at simonandkate.net>
> Subject: Re: [horde] Sessions consuming CPU
>    To: Michael M Slusarz <slusarz at horde.org>
>    Cc: horde at lists.horde.org
>
>
>>> Quoting Eric Jon Rostetter <eric.rostetter at physics.utexas.edu>:
>>> 
>>>> Quoting Michael M Slusarz <slusarz at horde.org>:
>>>> 
>>>>> This can be safely ignored.  Although, you should configure IMP NOT to 
>>>>> use TLS connections
>>>> 
>>>> Only if you can safely do so!  Assuming a private connection or both
>>>> services on the same host, yes. Assuming the network between the two
>>>> is relatively safe from sniffing, yes.  But if people have access to
>>>> the network between them, then no.
>>> 
>>> Yes, this is correct.  However, this doesn't mean much since, in most 
>>> situations, plaintext authentication won't be offered (as required by 
>>> default per the RFC), so there is no security issue.  Furthermore, TLS 
>>> connections should theoretically NEVER fail because they are required by 
>>> IMAP4rev1.
>>> 
>>> Further, I would guess a large percentage of users are running IMAP on the 
>>> same server they are using Horde on, so TLS would theoretically not be 
>>> needed in this situation (many IMAP servers will offer plaintext 
>>> authentication options on connections from localhost).
>>> 
>> 
>> IMAP is on a different server, I'd prefer to leave TLS on.
>> 
>> The error message may be able to be safely ignored - but it occurs at the 
>> point in time that the CPU usage hits the roof and stays there. So if 
>> ignorable, then it aoppears to be a symptom of whatever is happening that 
>> causes the issue.
>> 
>> I will follow up with the 'old cached javascript' and see if that helps.
>> 
>> Although the fact that it does it even with no connected PCs / clients 
>> seems strange to me.
>> 
>> The Horde web server was getting no HTTP requests at all throughout.
>> 
>> Given that deleting the session files fixed it, should I be doing that when 
>> I upgrade? Or how else do I force clients to clear cache when some of them 
>> are not under my immediate control?
>> 
>> Simon.
>> 
>
> OK, it did it again this morning just after 7am. No upgrades have been done, 
> and nothing admin was happening at that time.
>
> Started getting some segfaults in httpd, which are picked up automatically 
> resulting in a httpd restart and an email alert to me. Noted 100% CPU.
>
> Rebooted server, httpd continued at 100%.
>
> Checked sessions, and deleted them all. Restart httpd - remain at 0% until 
> after about 45 seconds my wife's iPhone generates a session file in 
> /var/lib/php/session. As soon as that appears, CPU usage hits 100%.
>
> I asked her to reboot her phone, and while she was doing so I deleted the old 
> session file. Upon her phone rebooting, CPU usage remains at usual < 5% 
> levels. Problem has now gone away for a while.
>
> No IMAP errors this time, so that was a wild goose apparently.
>
> Something in the iPhone session causing some issues? I have the session file 
> if it will help.

Do you have a cronjob for php5 in /etc/cron.d/?  On my Debian systems, 
there is a cron job that expires old sessions.

 	Andy

More information about the horde mailing list