1

WSO2 API Manager is saving hundreds of 'publisher' HTML files (every day) to directory "/root"

All of the files have names like: publisher.1 publisher.2 publisher.3 ... publisher.978 etc

How do I stop it from creating these files, or atleast how can I change the output directory for the files?

The contents of each file is HTML:

<!DOCTYPE html>
<html lang="en">
<head>
    <script>
        var requestURL = '/publisher';
        var ssoEnabled = 'false';
        var tenantDomain = 'null';
    </script>
    <title>API Publisher- Login</title>
    <meta charset="UTF-8">

...
...
...

    <script>
        var siteRoot = '/publisher/site/themes/wso2';
    </script>


    <script type="text/javascript" src="/publisher/site/themes/wso2/libs/jquery.cookie.js"></script>
    <script type="text/javascript" src="/publisher/site/themes/wso2/templates/utils/button-loader/jquery.buttonLoader.js"></script>


</body>
</html>

Looked in a bunch of config files, and in carbon management settings, but can't find anything that looks like it controls this.

Expect no html files to be saved at all to root directory.

4

1 回答 1

2

By going through the file content you have given, It seems, it's a rendered output of a publisher page.

Because the following script tag is coming from the base template in WSO2 API Manager publisher app.

    <script>
        var requestURL = '/publisher';
        var ssoEnabled = 'false';
        var tenantDomain = 'null';
    </script>

But there is no possibility to write the rendered HTML pages to /root/ directory or to anywhere else in the file system.

And also by default (In Unix systems), only root user has Read, Write permission to the /root/ directory. So unless you run a tool with root permission, It can't write files to the /root/ directory.

WSO2 API Manager does not need root permission to run nor it's recommended to start the server with superuser privileges.

So I think, this should have done by some external tool.

For example: If you have configured a health-check tool to GET a /publisher page and write the snapshot of the page to file system each time you perform the health check and if that is configured to write to /root/ directory this could have happened.

Can you check

  • Whether these files are created in equal time intervals
  • Who is the owner of these files (ls -lh)
  • And also check whether WSO2 API Manager is running with the same user who has created those files (ps -aux | grep wso2server).
于 2019-02-12T12:32:53.483 回答