I have opensuse 11.4 in which I am trying to install Moodle 2.02 on my server. In the install.php it asks for where you want to place your moodle and moodledata directories, which in the default installation of Moodle in Opensuse is /srv/www/moodle and /srv/www/moodledata. It initially automatically fills in /srv/moodledata for the moodledata directory. When I change it to the default opensuse location it balks at the /srv/www/moodledata with “Dataroot location is not secure”. It won’t let me get past it. I have Moodle 1.99 running on opensuse 11.1 with those same directories. What can I do to get around this error message? Thanks for any direction you folks can give me.
Simple, don’t put dataroot on any directory that could be accessed via the webserver. In your case I could access the files in dataroot by going to http://your.machine.com/moodledata, bypassing Moodle. This is a security hole and Moodle has obviously got stricter about this.
Put it in for example, /srv/moodledata, or /var/lib/moodledata or somewhere that is not a webserver directory.
Thank you very much for your response, but if I do try to move it do /srv/moodledata, this is the error I get on the install.php of moodle:
Warning: file_exists(): open_basedir restriction in effect. File(/srv/moodledata) is not within the allowed path(s): (/srv/www/moodledata:/srv/www/moodle:/tmp:/etc/moodle) in /srv/www/moodle/install.php on line 312 Warning: is_writable(): open_basedir restriction in effect. File(/srv) is not within the allowed path(s): (/srv/www/moodledata:/srv/www/moodle:/tmp:/etc/moodle) in /srv/www/moodle/install.php on line 316
Moodle must have specified those directories so it must get that info from somewhere.
Also did you edit the dataroot in Moodle’s config.php? Maybe you’re still using the old value there.
Incidentally you should also ask on the Moodle forums, as this is not an openSUSE specific question and the people at the Moodle forum will have lots of experience with this issue.
