[imp] The problem that won't die. (was: Very
alarming/strange login problems)
Eric Rostetter
eric.rostetter at physics.utexas.edu
Fri Feb 7 12:10:56 PST 2003
Quoting William Tucker <wtucker at mail.ucf.edu>:
> This is now happening to multiple users - it seems to be OK each time I start
> apache, then as time goes on, it occurs more and more often. I am grasping
> at straws now - perhaps I can use a different auth method? Instead of
> auth'ing through IMP? Right now the system is unusable, and I have had to
> pull it out of production.
Are your session files actually getting created with the longer, random
based names? And most importantly, are they getting deleted when they
should, rather than just hanging around on the disk?
> I am including my original message with all its relevant info. The only
> things that have changed are: gc_prob is now 25, trans_sid is 0, entropy
> source is /dev/urandom, and php grabs 32 bits from it.
Other than making sure the file names are getting more random, and are
deleted on time, the only other thing I can suggest is using even more
random bits. 32 *should* be sufficient, but in case the randomness isn't
enough or your load is two high, you could try 64. I wouldn't go any
higher than 64 though. If it isn't solved at 64, there is a big problem
somewhere else.
I say the above because I seem to remember someone else having this problem
need to set their randomness really high to solve it. I remember it because
I though "surely it doesn't need to be *that* high" when I read it. But
I can't locate the message right now...
> Thanks in advance.
> William Tucker
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the imp
mailing list