There may be implications with Custom Session Directory #877 as that exacerbates the problem, but system concerned is unusable and it is not possible to test this..

Issue

session files are not adequately managed. This can result in huge numbers of session files accumulating on the server e.g:

ls -al session_dir | wc

after 6 months use gave:

483419 4350764 41090483

which is over half a million session files. Attempting to remove them:

rm sess_*

bash: /bin/rm: Argument list too long

as by this point the damage had been done as bash relies on temporary files in order to do this, and as no spare inodes were available, the removal process failed. You can do each one individually.....but you can't keep up with the creation rate!

Expected Behavior

SuiteCRM AND the server it is on should not be brought to a halt! SuiteCRM can actually disable everything on the server.

Actual Behavior

All of the inodes on the mounted drive are used up preventing the writing of any data to the drive, preventing any application that needs to write to that drive from functioning correctly. Signs of this happening are:

pje@archimedes:~$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 4.0G 8.0K 4.0G 1% /dev
tmpfs 802M 244K 802M 1% /run
/dev/xvda2 99G 37G 57G 39% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
none 5.0M 0 5.0M 0% /run/lock
none 4.0G 0 4.0G 0% /run/shm
none 100M 0 100M 0% /run/user
/dev/xvda1 232M 82M 138M 38% /boot
pje@archimedes:~$ echo 1 > test.txt
-bash: test.txt: No space left on device

(i.e. you can't write to a drive that clearly has sufficient space on it)

In order to identify that you are affected by this issue, you can:
df -i
and you can find the offending directories with:
find / -xdev -size +100k -type d

Possible Fix

Add to the cron process that a command to housekeep the session folder on a regular basis. There are probably better ways within the framework to carry out housekeeping on the sessions directory.

I have introduced a cron task to delete all of the session files at 1am as a temporary measure.

Steps to Reproduce

1. Have a suiteCRM installation with a custom folder for session files.
2. Wait 6 months for all of the session files to accumulate and use up all of the inodes on the storage device. Information above gives an understanding of the end result and points to the severity of the problem.

Context

Server failure

Probably a medium->high issue as it not only brings down the suiteCRM instance but also the rest of the server.

There is also the failure that has occurred not being immediately obvious due to the logging needing to be improved on the operating system itself:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1665833

Your Environment

• SuiteCRM Version used:
  Multiple versions of suiteCRM on the system, which started as 7.7.5, and have now all been updated to 7.7.8 and 7.7.9
• Browser name and version (e.g. Chrome Version 51.0.2704.63 (64-bit)):
• Environment name and version (e.g. MySQL, PHP 7):
  mySQL/PHP - not important can't create temporary file: No space left on device when trying to diagnose anything!
• Operating System and version (e.g Ubuntu 16.04):
  Ubuntu 14.04