Bug #93878
Updated by Sybille Peters over 3 years ago
While the locking API makes it possible to configure and extend the locking with alternatives (e.g. Redis), this is not possible for locking used in the session files. This uses flock() directly, which may fail on NFS bases storages (see #72074). It is not possible to override this. If this is not known, this can be a problem. My recommendation / workaround is to symlink specific directories to local storage. However, this is currently not documented well and may create problems if you for example symlink the entire directories (including the assets) and use multiple servers. In addition to this, if flock() fails for the session file, you get a misleading error message: <pre> 'Session file not writable. Please check permission on ' . $this->sessionPath . ' and its subdirectories.', 1424355157 </pre> h2. Source code typo3/sysext/install/Classes/Service/Session/FileSessionHandler.php: <pre><code class="php"> public function read($id) { $sessionFile = $this->getSessionFile($id); $content = ''; if (file_exists($sessionFile)) { if ($fd = fopen($sessionFile, 'rb')) { $lockres = flock($fd, LOCK_SH); </code></pre> <pre><code class="php"> public function write($id, $sessionData) { $sessionFile = $this->getSessionFile($id); $result = false; $changePermissions = !@is_file($sessionFile); if ($fd = fopen($sessionFile, 'cb')) { if (flock($fd, LOCK_EX)) { </code></pre> https://github.com/TYPO3/TYPO3.CMS/blob/571a5e8a98f94c9cab31905274ae257001dc31a7/typo3/sysext/install/Classes/Service/Session/FileSessionHandler.php#L153 h2. Conclusion Any (or all) of the following might be helpful: * -use use locking API in session as well and not flock() directly- Not possible because used in install tool - should not depend on locking api directly * add a check if flock is supported on system to environment check, see also https://review.typo3.org/c/Packages/TYPO3.CMS/+/45154/3/typo3/sysext/core/Classes/Locking/FileLockStrategy.php * improve documentation * improve error message