newadded local_mail=yes|no to CMD_API_ADDITIONAL_DOMAINS
When the API call CMD_API_ADDITIONAL_DOMAINS is made (no arguments) each domain will now also include a local_mail=yes or local_mail=no result.
This is determined by the presence of the domain in the /etc/virtual/domains file.
newSkip difficult password check for database user restores
When the difficult password enforcement option is enabled, during database restores, if the user didn't exist, DA creates a temp random password which may or may not pass the difficult password check, and the user is attempted to be created normally. The crypted password is then set to overwrite the other password in a separate step.
If the temp password didn't pass the check, the db user doesn't get created, and the reset of the crypted password fails. The net effect is that for some users, they'll be missing after the restore.
The fix consist of a new flag to skip the difficult password check for restores, since that password is only very temporary and is never used.
newAbility to set a header in ticket message emails
Added the ability to add a HEADER token to the 2 template files:
eg (similar to the SUBJECT token):
|?HEADER=Content-Type: text/plain; charset=iso-8859-1|
This lets you insert a header into the email when DA sends out it's message notification. It would allow enable you to send html ticket notifications if you wanted.
newBETA: Multiple IPs per User & per domain (SKINS)
Please report issues here:
and do not email them to DirectAdmin support.
Ability to assign multiple IPs to a User, and the User can assign multiple IPs to a domain. This has multiple benefits:
Users can now host multiple SSL domains
Users can run both IPv4 and IPv6 IPs on one domain, at the same time.
There is no limit as to how many IPs, or of what type, that can be added to a domain.
Other notable changes with the system is that the IP counter (IP Manager) is changed to actually count the number of Users on an IP. Previously it was incrementing the counter for each domain the User had, which was contrary to the column. This also caused the counter to become inaccurate when Users were moved to different IPs, if that User had multiple domains.
The nightly tally now recount all IP usage numbers for the server and shared IPs. For free and owned IPs, if the count doesn't make sense (eg: 0 or more than 1 users on an owned IP, or more than 0 on a free IP), DA will log a note to the errortaskq.log mentioning the discrepancy.
The dns restore section of this feature is not yet finished. The current effect of this is that you may end up with the old "additional" IPs in the dns zone after the restore, as DA would assume they're custom values. The main IP would be correctly swapped and updated to the new value.
newExpand short-form of IPv6 IPs when adding to DA
If a short-form IPv6 IP is added to DA in:
Admin Level -> IP Manager
DA will expand it automatically to the full-form and add it to the system.
Sample short forms:
1:2:3::8 ::8 1:2:3:: 1:2::7:8 1:2:3::7-10
Note that the range feature will still work with the short-form expansion.
newAdded grep to the log viewer (SKINS)
Admin's can now filter log output with the grep command. This will filter the output to only show the lines that contain the word specified. An "Invert" checkbox is also available to show all lines where the specified word is not present.
Note that using grep on large files will slow down the output.
A blank textfield will not trigger grep. Any character in the textfiled will trigger the grep.
<tr><td class=list2 align=right>Grep</td><td class=list2><input type=text size=32 value="|GREPVAL|" name=grep> <input type=checkbox name=invert_grep value="yes" |INVERTCHECKED|>Invert <input type=checkbox name=ignore_case value="yes" |CASECHECKED|>Ignore Case</td>
newSystem Load checker
Every minute, this feature will check the system load to see if the 1 minute load average is greater than the value set in this option. The default is 10.0.
If the load is greater than 10 when the dataskq runs, an email will be sent to all Admins, at most once per day.
add that to your directadmin.conf with a different value to change it.
Setting check_load to 0 will disable the check.
There will no interface option for this for now, it's a simple directadmin.conf setting, enabled by default.
The check_load_minute option needs to be set to 1, 5 or 15.
This will be what DA is checking the specified load minute.
You'll only want to change this if you want a longer average of the high load to prevent short term spikes from being reported.
ONE - one minute load av FIVE - five minute load av FIFTEEN - fifteen minute load av LOAD - the chosen minute load average LIMIT - limit set in the directadmin.conf LANG - language set in the directadmin.conf (lang)
newAdded HttpOnly option for cookies
Included the HttpOnly option when setting cookies in the headers to help with PCI compliance.
newAdded %I to the bytes log format for more accurate logging
This change is in two parts.
The 2nd part requires action to make either do anything (unless it's a new install)
- The tally is now able to parse a bytes log with 2 numbers on a line:
it can still handle one item per line for those systems that do not do the 2nd part.
- The new main default LogFormat for "bytes" in the /etc/httpd/conf/httpd.conf will now be:
LogFormat "%O %I" bytes
This will allow for logging of incoming request bandwidth in addition to the outgoing bandwidth.
DA will not change your main httpd.conf for you.
If you want to log incoming bandwidth, you'd either need to manually edit it, or run the following custombuild command:
./build update ./build rewrite_confs
New installs after this update is released won't need to worry about it since this will be the default.
Post script for the Multi Server Setup API for saving a raw dns zone:
The only environmental variable passed is:
the actual data will have to be retrieved from the db file.
The main reason for it's existence is because dns_write_post.sh doesn't get triggered for dns clustering saves. This would be the only script to use to know that an clustered write has happened.
newNumerous internal language pack additions
Added the files:
as well as numerous additions of missing values to the bottom of other existing files.
fixedmyslqdump: use --create-options instead of soon to be depreciated --all
Changing mysqldump calls to use --create-options instead of -all.
The --all option will be depreciated soon.
fixedwrong hex port for smtp send in outlook reg file
When clients use the "Outlook Settings: download" option, it will give them a reg file with:
which is port 588, which is incorrect. The value should be:
this has been updated in:
fixedTicket system not wrapping text
A few versions ago, spaces were replaced with the characters to allow for text padding if it was desired. However, if a long piece of text created with spaces, but no return was used, this will cause the browser to view the text as one long word, thus no wrapping is done. This change is to count the number of repeated spaces and only use the code if there are 2 or more repeated spaces.
fixedcatch-all account dropdown to use onChange instead of onClick
Changed the dropdown list on the catch-all page to use onChange instead of onClick for correctness. Added "account ..." as the first value with value "", as the selection now much be changed in order to fill the text field to it's left.
fixedCREATOR token was blank for virtual_host*.conf templates
The CREATOR token used in the virtual_host*.conf templates was blank.
This was due to the fact that creator= does not exist in the domains/domain.com.conf, which was a false assumption. The fix was to read in the creator= value from the user.conf, and add it to the config file, but only internally, when writing the httpd.conf files. It's only virtually in the domain.com.conf files during the httpd.conf write, and wont' be written to disk in the config.
fixedCheck for 1024 bit key when creating 2048 bit csr (SKINS)
When creating a certificate request (csr), previously, if a key existed DA would reuse it as to not break the existing key. However, if the old key was 1024 and the certificate request was for 2048 bits, the old 1024 key would still be used.
This fix checks the old key for it's bit size. If it's a mismatch to the request, the old key is backed up to:
/home/user/backup-domain.com-2048-bit.key (if they go back to 1024)
The new bit-size key will be installed.
Since the new key no longer matches the old certificate, DA will swap the User to use the shared server certificate until they get the new value back. Note that the User can restore his old key/cert pair by copying the contents of the above backup key into the ssl window along with the old certificate that is present there...
However, the User must copy/backup the new cert that is in the ssl window or else it will be lost and the newly requested certificate will be invalid.
|*if NOTICE!=""| <tr><td class=listwrap><b>|NOTICE|</b></td></tr> |*endif|
in the table, just below the first listtitle line.
THis is what notifies the User that their key has been changed.
fixedcannot create zip with secure_access_group: Error with chdir(/home/user) : Permission denied
When secure_access_group is enabled, this error will show up a zip is being created:
Error with chdir(/home/user) : Permission denied
The cause is that the process was running as nobody as the time of the chdir, which was blocked with the 710 access level when secure_access_group is being used.
The solution was to up the process to run as the user for the chdir such that is was allowed to be run.
fixedLimit subdomain length to 63 characters
Subdomain values longer than 63 characters will generate:
loading master file /var/named/domain.com.db: label too long
fixedDifficult password checking blank password when 'existing user' used for db creation
The difficult password checking tool is being used on an empty/blank password when 'existing user' option is used for db creation. Fix was to not check the password when using an existing db user.
Workaround, disable the difficult password enforcement option in the directadmin.conf file.
fixedREALUSER token incorrect when domain suspended
The REALUSER token is set to maintain the actual owner of the account. The USER token is update to that of his creator upon suspension so that the path ownership matches with change of document root to that of the owner. The bug was that the subdomains and ssl virtualhost were set to that of the admin, instead of maintaining the real username. The original domain's VH write was correct, but all subsequent VH writes for subdomains and ssl VH's were not. Fix was to adjust how tokens are filled into the container class so that the container is not modified when passed to the other writes.
fixedCMD_CHANGE_FTP_PASSWORD to check for custom @ format
CMD_CHANGE_FTP_PASSWORD to change password for ftp accounts with custom format other than @ (eg: user_domain.com) fails with:
"You must provide a valid ftp address, oldpassword, password1 and
Add correct checking code to include custom ftp format option.
fixedtask.queue check for domains in domains.list file
For User accounts with very large lists of domains, there have been rare reports of domains missing from the domains.list file after file creation. No definite cause could be found. We suspect possible file caching and delayed writes by the OS, but cannot confirm this. The only solution we could find to resolve this issue for these rare cases was to add a task.queue check to go through all domains owned by the User, as listed in /etc/virtual/domainowners, then check each of those values in /usr/local/directadmin/data/users/username/domains/domain.com.conf, to ensure they're domains, and not domain pointers. With that new list, compare to the domains.list file. If the number of values in the domains.list is lower than the new list created, add those new items to the domains list file.
Note that this is not automatically run by DA. If you wish to use this check (which is for rare cases), create:
and put in the code:
#!/bin/sh echo "action=confirm&type=domains.list&user=$username" >> /usr/local/directadmin/data/task.queue exit 0;
and chmod the script to 755.
As you may have suspected, you can also manually run that echo command to add the check to the task.queue for any given user you wish to check.