I’m assuming someone is sending a call to the server that is somehow fooling it to constantly write to the drive. I just can’t sort out how.
Only 80/443 are open. everything else is denied from the server’s firewall and the firewall in front of it.
The only other thing I can think of is that the app ran as root so it could access 80/443. I’m already updating it so it’s run by a normal user on a different port and have NGINX proxy it.
What’s in the files? If they’re plain text, do the contents help identify what the files are? If they’re binary, try checking the first few bytes for a “magic number” to see what might be creating them.
I’ve narrowed this down. It’s the strangest thing!
For some reason, when I have crontab launch this webapp at reboot, that is what is causing the app to fill up the hard drive!
If I run the app myself, it works flawless. If I have crontab run it, I watch iotop and it’s just filling the drive!
Anyone ever run into this?
The only thing I can think of is that the app captures control-C, so if I crontrol-C out of it, it does a bit of clean up first.
I honestly, have no ideas.
I’ve replicated it on 2 machines.
The “annoying” part is that I can’t remember the command to see the temp files. Because if I just do an ls or a find du, the files aren’t visible… It was a special command I found somewhere that let me find them.
Which way do you suggest in Ubuntu 20.04? I only did it this way because after googling, it seemed the the most recommended way other than redeveloping the app as a service.