Have been pulling out my hair trying to find out why my sessions are being terminated/killed/destroyed at 30 minutes. Well it looks like Debian based systems have a special cron running that ignores all php.ini and apache configurations and kills any idle session at 30 minutes.

The cron path: /etc/cron.d/php5

Inside the cron:

# /etc/cron.d/php5: crontab fragment for php5
#  This purges session files older than X, where X is defined in seconds
#  as the largest value of session.gc_maxlifetime from all your php.ini
#  files, or 24 minutes if not defined.  See /usr/lib/php5/maxlifetime

# Look for and purge old sessions every 30 minutes
09,39 *     * * *     root   [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm

I'm not bad at configuring and setting up hosts but I'm no sysAdmin. Could someone please help me override/edit/change/reconfigure this so I can set the value longer? I think 3 hours would be nice but I would like to understand the changes so if someone higher up wants to make the session time shorter/longer I con document how to configure the change.

Thanks to any insight help on this

EDIT: Adding /usr/lib/php5/maxlifetime code

#!/bin/sh -e

max=1440

for ini in /etc/php5/*/php.ini; do
        cur=$(sed -n -e 's/^[[:space:]]*session.gc_maxlifetime[[:space:]]*=[[:space:]]*\([0-9]\+\).*$/\1/p' $ini 2>/dev/null || true);
        [ -z "$cur" ] && cur=0
        [ "$cur" -gt "$max" ] && max=$cur
done

echo $(($max/60))

exit 0

so it looks to be searching all the php.ini files, finds the greatest value, compares it to 1440 (which is 24 minutes).

Here are the php.ini files

/etc/php5/apache2/php.ini
session.gc_maxlifetime = 1440 

/etc/php5/cgi/php.ini
session.gc_maxlifetime = 1440

/etc/php5/cli/php.ini
session.gc_maxlifetime = 1440

but why does my script session get killed at 30 minutes and not 24 minutes?

EDIT #2: CRON running every 30 minutes is why the session looks to be killed at 30 minute intervals. But it could also be 24 to 54 minutes, FYI

Also looking over the code in: /usr/lib/php5/maxlifetime it's taking the highest value and during my testing I was trying to lower the threshold to speed up the condition.

Looks like I just need to increase one on the php.ini files to over one hour test test.

Edit the file /usr/lib/php5/maxlifetime

The value should be in seconds. This file will actually also check your php.ini so I don't know why it wasn't working for you.

This is a question for serverfault.com.

However, change session.gc_maxlifetime in /etc/php5/apache2/php.ini or - if you don't have an apache2 one - one of the other /etc/php5/*/php.ini files. The script /usr/lib/php5/maxlifetime will then use the maximum for that setting found in any of those files.

Editing maxlifetime won't help or at least only until the php5-common package is updated again.

You can provide your own session path session.save_path OR use a different handler altogether session.save_handler

You'll however need to provide appropriate mechanism for managing unwanted session files.

Found this in my php.ini

; NOTE: If you are using the subdirectory option for storing session files
;       (see session.save_path above), then garbage collection does *not*
;       happen automatically.  You will need to do your own garbage
;       collection through a shell script, cron entry, or some other method.
;       For example, the following script would is the equivalent of
;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
;          cd /path/to/sessions; find -cmin +24 | xargs rm

I recently ran into this problem where unwanted session files were accumulating because I was using PHP and mod_fcgid with a custom session.save_path for each virtualhost.

If you came here because your cron is throwing errors every 30 Minutes (at 09 and 39) you may have simmilar errors in your syslog and/or mailbox:

[ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm
PHP Fatal error: Directive 'allow_call_time_pass_reference' is no longer available in PHP in Unknown on line 0

The reason for this maybe that you upgraded your Debian to Wheezy and you have old entrys in your /etc/php5/apache2/php.ini.

I had to comment out the following lines and the errors vanished.

• allow_call_time_pass_reference
• register_long_arrays

Im writing this because this is one of the top google results if you search for the error-messages and it may affect many users/admins who maintained thier debian-installations for more than one release.

PS: This helped me very much: http://vernontbludgeon.com/blog/archives/2013/10/debian-php-session-garbage-collection-maxlifetime-fails-when-php.ini-has-obsolete-directives.html

It's right there in your php5 cronjob fragment:

Look for and purge old sessions every 30 minutes

It doesn't matter the script purges 24 minute old sessions, if the script isn't executed more than every 30 minutes :)

Use below cron to delete unused sessions.

39 20     * * *     root   [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -depth -mindepth 1 -maxdepth 1 -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -r -0 rm