I think this might solve the mysterious problems with

session garbage collection and timeouts not working.

Note: upgrading to this will KILL all current sessions, so
you will need to log back in.

admin/index.php

@@ -18,11 +18,11 @@
         die;
     }
 
+
 /// Check some PHP server settings
 
     $documentationlink = "please read the <A HREF=\"../doc/?frame=install.html&sub=webserver\">install documentation</A>";
 
-
     if (ini_get_bool('session.auto_start')) {
         error("The PHP server variable 'session.auto_start' should be Off - $documentationlink");
     }
@@ -36,15 +36,6 @@
     }
 
 
-
-/// Check that sessions are supported
-
-    if (!is_readable(ini_get('session.save_path')) and !ini_get_bool('safe_mode')) {
-        $sessionpath = ini_get('session.save_path');
-        notify("Warning: It appears your server does not support sessions (session.save_path = '$sessionpath')");
-    }
-
-
 /// Check that config.php has been edited
 
     if ($CFG->wwwroot == "http://example.com/moodle") {

lib/setup.php

@@ -101,6 +101,12 @@
         ini_set('session.gc_maxlifetime', $CFG->sessiontimeout);
     }
 
+/// Set custom session path
+    if (!file_exists("$CFG->dataroot/sessions")) {
+        make_upload_directory('sessions');
+    }
+    ini_set('session.save_path', "$CFG->dataroot/sessions");
+
 /// Set sessioncookie variable if it isn't already
     if (!isset($CFG->sessioncookie)) {
         $CFG->sessioncookie = '';