Reviewing my file directories for permissions, I noticed a tmp directory above the root directory of SuiteCRM. The sess_ files are located here with permission of 600. I confirmed the files write when a login is performed. I checked the config file and the sess_dir setting is '' or blank. What is weird is my SuiteCRM root is /home/crm/public_html and this session directory is /home/crm/tmp.
I don't understand how the sessions are stored above my SuiteCRM root and why they have a file permission of 600.
Yes, that is the answer for the directory location. Interesting, the directory was full of old login sessions. It appears that whatever is creating the session is unable to delete the old ones. The old ones should be removed when you log out. I suspect this may be one of the reported login/logout issue problem sources.
Permissions as 600 is standard for that directory to ensure only the owner can read or write that bit of security-critical information.
The owner should be the web server process (like www-data on Ubuntu, but may vary), and you might need to tweak the SetUID, SetGID and Sticky bits on the parent directory if you get trouble with the new files getting created in there.
Mine looks like this:
$ sudo ls -al /var/lib/php/
total 0
drwxr-xr-x 1 root root 4096 Apr 23 2018 .
drwxr-xr-x 1 root root 4096 May 21 2020 ..
drwxr-xr-x 1 root root 4096 Dec 23 2019 modules
drwx-wx-wt 1 root root 4096 May 10 19:39 sessions
And then the files inside it look like this:
-rw------- 1 www-data www-data 55944 May 17 2022 sess_u1aqmhaqqdhe2uakd55bpfo640
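
The checks discussed in this thread (directory not listable by other users, sess_ files at mode 600, old sessions piling up) can be scripted. The following is an added example, not code from any of the posters or from SuiteCRM; the function names are hypothetical, and the 24-minute staleness threshold assumes PHP's default session.gc_maxlifetime of 1440 seconds.

```sh
#!/bin/sh
# Added example (not from the thread): audit a PHP file-based session directory.
# Function names are hypothetical; 24 minutes mirrors PHP's default
# session.gc_maxlifetime of 1440 seconds and is an assumption for your install.

# Succeeds if group or other can read (list) the directory, which would let
# other local users enumerate session IDs from the sess_<id> file names.
dir_listable_by_others() {
    [ -n "$(find "$1" -maxdepth 0 -type d \( -perm -040 -o -perm -004 \) 2>/dev/null)" ]
}

# Print session files whose mode is anything other than exactly 600.
loose_session_files() {
    find "$1" -maxdepth 1 -type f -name 'sess_*' ! -perm 600 2>/dev/null
}

# Print session files last modified more than $2 minutes ago.
stale_session_files() {
    find "$1" -maxdepth 1 -type f -name 'sess_*' -mmin "+$2" 2>/dev/null
}

# Report all findings for directory $1; returns non-zero if any were found.
audit_session_dir() {
    asd_dir=$1; asd_age=${2:-24}; asd_rc=0
    if dir_listable_by_others "$asd_dir"; then
        echo "WARN: $asd_dir is listable by group or other"; asd_rc=1
    fi
    asd_loose=$(loose_session_files "$asd_dir")
    if [ -n "$asd_loose" ]; then
        echo "WARN: session files not mode 600:"; echo "$asd_loose"; asd_rc=1
    fi
    asd_stale=$(stale_session_files "$asd_dir" "$asd_age")
    if [ -n "$asd_stale" ]; then
        echo "WARN: session files older than $asd_age minutes:"; echo "$asd_stale"; asd_rc=1
    fi
    return "$asd_rc"
}

# Usage: sh audit_sessions.sh /home/crm/tmp [max_age_minutes]
if [ "$#" -gt 0 ]; then
    audit_session_dir "$@"
fi
```

Run it as the session owner or with sudo, since a directory like the drwx-wx-wt one shown above cannot be listed by other accounts.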