Trying to run Moodle in safe mode

Trying to run Moodle in safe mode

by Dick Davies -
Number of replies: 24

I've noticed a few reports of problems with safe mode.

Mostly we seem to have sympathy - but no solutions. So I will attempt to define the problem and suggest solutions. (though I am not an expert in php/mySQL)

First - here is my description of the problem....

Part 1

I get the error message at the top of the admin screen:

Warning: SAFE MODE Restriction in effect. The script whose uid is 732 is not allowed to access /tmp owned by uid 0 in /usr/local/www/gospelcom/docs/rww/moodle/admin/index.php on line 16

Warning: It appears your server does not support sessions (session.save_path = '/tmp')

Now I suspect that this red comment isa faulty assumption by admin/index.php the folder tmp/ is not writable in safe mode, but sessions seem to be working. 

Part 2

Every new folder that is created by moodle has the "wrong" permissions - so the only solution I've found is to rename it, download the contents, then make a new one with owner me - then add group write permission, then upload the files.

I wonder if a way round this (because I guess safe mode servers will be common) is to make a whole load of blank folders (with .htaccess files in all) from the tar file - these will have the user permission so the group write permission can be added. (I keep my files in the moodle tree as ./uploads ).  This may prove to be irrelevant or just plain bad sense. Anyone ideas on this?

Another solution to safe mode could always be the use of blob fields instead of files & folders - can they hold files? (not sure I'm a mySQL beginner).

OR

Use one big folder with the correct permissions and do virtual subfolders using database tables.

It is a shame that those of us hosting on safemode servers cannot use moodle as it is right now. (I will also talk with my hosting org)

 

Average of ratings: -
In reply to Dick Davies

Safe mode and sessions

by Martin Dougiamas -
Sary ny Core developers Sary ny Documentation writers Sary ny Moodle HQ Sary ny Particularly helpful Moodlers Sary ny Plugin developers Sary ny Testers
Yes, you're right. The warning is wrong when used in safe mode - I'll get that fixed for the next release. In the meantime, you can delete that error message from admin/index.php.
Average of ratings: -
In reply to Dick Davies

Safe mode and files

by Martin Dougiamas -
Sary ny Core developers Sary ny Documentation writers Sary ny Moodle HQ Sary ny Particularly helpful Moodlers Sary ny Plugin developers Sary ny Testers
The next release of Moodle does some changing of permissions that should relieve this problem:

http://moodle.org/mod/forum/discuss.php?d=337&parent=2743

You might want to try a recent nightly version of Moodle (from the download page) and try putting this in your config.php:

$CFG->directorypermissions = 0777;
Average of ratings: -
In reply to Martin Dougiamas

Re: Safe mode and files

by Dick Davies -

I've been talking with Joel who is with our hosting org in the US. He has another suggestion to make regarding safe mode:

Another option that will require hacking at moodle is to create a Perl script that does your file/directory creation, and call it from PHP via virtual() or using curl. Since your Perl script would live in the cgi directory, it would run under suexec and be running with the proper permissions. Therefore, PHP would have no problem accessing the files it creates. I use this approach for a site I wrote where I need the PHP to create some cache files for data that is time-expensive to fetch. It works well, but a tad slowly. I'm not sure if the slowness is the fault of curl(), or the other stuff going on in perl.

That looks like a potentially viable option to me -  then I dont know any Perl!

Average of ratings: -
In reply to Dick Davies

Re: Safe mode and files

by dina ely -

I am running Moodle in safe mode mostly because my host only allows safe mode. They gave me instructions on how to run php in safemode, and everything seems to be working except switching pictures in profiles -and- uploading files in classrooms. That results in an error message similar to the session error message (which I always get but ignore as everything seems to work fine regardless).

I have tried it under both file handling options in the admin/settings.

It appears to be creating related directories (FYI I have a 'tmp-php' safe-mode folder in which it's supposed to put everything according to my web host...and it's creating directories in there) but not putting any files in.

Any thoughts?

Average of ratings: -
In reply to dina ely

Re: Safe mode and files

by dina ely -
I think I may have an idea how to tweak things on my side but first I need to know, does moodle have any one particular script that handles *all* file uploads (pics/files/whatever) that woul dbe done by teachers/users? If so, where is it located in the moodle directory tree? That info would be helpful smile
Average of ratings: -
In reply to Martin Dougiamas

Re: Safe mode and files

by Dick Davies -

Tried installing the latest nightly build

Added         $CFG->directorypermissions = 0777;

Unfortunately no joy on my system.

The folder is created correctly with 777 permissions -BUT php safe mode is more concerned (it would seem) with owner than with permissions. So it still refuses to read or open a folder with 777 permissions!! Paradoxically it does write into it.

The problem then is chown not chmod.  On my test system I am not allowed to chown a 777 folder - but I can delete it after renaming, moving file then moving into "my" version of the folder.

Average of ratings: -
In reply to Dick Davies

Re: Safe mode and files

by Martin Dougiamas -
Sary ny Core developers Sary ny Documentation writers Sary ny Moodle HQ Sary ny Particularly helpful Moodlers Sary ny Plugin developers Sary ny Testers
I think the only way around this is by changing the owner of the scripts to match the web server user ... that way they will match and keep safe mode happy. You'll need to change files/index.php and user/edit.php.
Average of ratings: -
In reply to Martin Dougiamas

Re: Safe mode and files

by dina ely -

I'm sorry to be such a dolt about this, but how do I change the user to the web server user in those two files? I don't see any obvious configuration area (except config.php) referenced in either script and I don't want to screw it up.

>>I think the only way around this is by changing the owner of the scripts to match the web server user ... that way they will match and keep safe mode happy. You'll need to change files/index.php and user/edit.php.<<

Average of ratings: -
In reply to dina ely

Re: Safe mode and files

by Dick Davies -

dina

Unfortunately this is a bit more complex - it relates to the actual files on the computer where your moodle is hosted. In this computer each file has associated with it some information about who "owns" it and what may be done to it by whom. The "owner" of the files will probably be your login name you use to ftp (launch) your pages. However the "owner" of files you upload, and folders moodle makes will be the "owner" that the WEBserver software runs as. Unfortunately this mismatch in "ownership" leads to the problems we are having.

On my site I am user "rww" but the webserver is user "httpd". In my case I should try to change the owner of the two php files to be "httpd"  - but in my case I'm not allowed to! I'm going to have to ask my hosting people to hack in andf change them - I'll report back...

 

Average of ratings: -
In reply to Dick Davies

Re: Safe mode and files

by dina ely -

Thanks. Unfortunately I have no hosting support so they will not do anything for me. The trade off of having cheap hosting, alas.

So I guess I can't run Moodle then, unless there is some way to disable file uploading? Though it's probably pretty essential to Moodle. sad

Average of ratings: -
In reply to dina ely

Re: Safe mode and files

by Martin Dougiamas -
Sary ny Core developers Sary ny Documentation writers Sary ny Moodle HQ Sary ny Particularly helpful Moodlers Sary ny Plugin developers Sary ny Testers
Moodle will run OK, you just won't be able to upload files. Any other PHP program will have the same file problems.

Note that you can still create resources on-line (in the database), or link to external resources. And people can have any image they want (as long as it's the default one smile )

If it's a problem for your site, then I strongly suggest you look for another host (there are thousands out there!).
Average of ratings: -
In reply to dina ely

Re: Safe mode and files

by Jay S -
I don't know what your budget is but ipowerweb.com offers 500MB, up to the minute PHP with safe mode off, and all the other bells and whistles one could possibly want including 3 MySQL databases for oly $95.40 a year. They keep their PHP up to date and have the latest GD Lib (2.0.1) installed as well as ImageMagick and Morgify. Hope this helps.
Average of ratings: -
In reply to Jay S

Re: Safe mode and files

by dina ely -

Budget is zip, zilch, nada. Otherwise I'd stick with Pair which is my host of preference. For this project I have no budget and so I used this particular host which has mysql, php4, lots of space, etc. for $10/year. Their uptime is also excellent. They just don't offer support. Which in 99.9% of cases is no big whoop.

Thanks for the input everyone. I might go back to the drawing board, so to speak. Moogle is a great script but I don't want features available that will cause errors. If there were a way to turn off the "edit picture" and "upload files" options so they wouldn't be available at all I'd be overjoyed. Since there isn't, it'd look messy to have them available but non-functional. Don't you think?

Average of ratings: -
In reply to dina ely

Re: Safe mode and files

by Dick Davies -

Well at last I am making progress!

I have found a way in safe mode php to make a folder which is usable - but it is a little flakey!What I've done is first of all make my uploads folder inside the moodle folder tree - then I have rewritten moodle/files/index.php so that the "mkdir" action calls /moodle/lib/moodlelib.php to make folders (to save doing work twice)

I've put some extra variables in config.php including a safe mode flag I've replaced the make_upload_directory() with code that uses ftp_mkdir()

The great thing about ftp is that when you log in to your own machine you can chose the username - provided you have the password - so folders are made with the correct ownership. Everything else (upload/delete) seems to work fine. The only problem is re-parenting all of the folder paths to adjust for the ftp home folder.

I'm wondering if it is worth putting such a switch in the released version config.php to enable the safe mode workaround.  Then the make_upload_directory() function could contain "normal" and "safe via ftp" code, the other change would be to moodle/files/index.php so that it calls make_upload_directory()

I'm happy to submit my code, but I'm not a developer so it probably needs a good seeing to.

 

Average of ratings: -
In reply to Dick Davies

Re: Safe mode and files

by Martin Dougiamas -
Sary ny Core developers Sary ny Documentation writers Sary ny Moodle HQ Sary ny Particularly helpful Moodlers Sary ny Plugin developers Sary ny Testers
Using FTP to make the directories! Now that's thinking outside the box! Well done!

As you've noticed the files/index.php script does everything itself - that's a hangover from an ancient time when I thought I'd release it as a standalone script. Much better that it uses the standard functions, yes.

I'll try and get this all into 1.0.9 - looks like it would help quite a few people.
Average of ratings: -
In reply to Martin Dougiamas

Re: Safe mode and files

by Dick Davies -

Oops

Just realised that moodle/user/lib.php also has a mkdir() so I've changed that too - attached.

Average of ratings: -
In reply to Dick Davies

Re: Safe mode and files

by Frank Riddick -

When I upload your files, now I get an error when attempt to access the Admin hyperlink.

Fatal error: Call to undefined function: ini_get_bool() in /home/virtual/site57/fst/var/www/html/educ/admin/index.php on line 26

I have at least traced it down to the file (/lib/moodlelib.php).  All three of the other files:

/config.php

/files/index.php

/user/lib.php

can be uploaded without producing the error.

Any ideas ?

 

Average of ratings: -
In reply to Frank Riddick

Re: Safe mode and files

by Dick Davies -

I've already apologised to Frank directly that I haven't got time to look into his problem - maybe he is using a different version.

Looking forward to 1.1

(No pressure!!!!)smiley.gif

Average of ratings: -
In reply to Jay S

Re: Safe mode and files

by Mauricio De la Orta -

Hello Jay,

  I am also hosting with ipowerweb.com, but I get lots of problems with file uploading, including access denied to every directory under the data direcotry, even through my FTP client.

Have you found any way to get around that, or is it just me having these errors smile ?

Thanks

Mauricio

Average of ratings: -