Version 1.62.1

Released: 2021-06-16 auto improved


Easier way to manually update DA without knowing the UID/LID:

/usr/local/directadmin/scripts/ auto

similarly, to get the latest pre-release binaries (channel=beta)

/usr/local/directadmin/scripts/ auto beta

If you need this new script before 1.62.1 has been released:

wget -O /usr/local/directadmin/scripts/

The script will now do all update procedures, including setting permissions and restarting directadmin.


As the bulk of the code of the dataskq binary is the same as the directadmin binary, and only a controller front portion being different, the dataskq will now be converted to a symlink during the ./directadmin p portion of the update (internally for automated updates) This should save you about 10M on disk. (update.tar.gz not hugely affected due to binary overlap)

don't reload php-fpm on other failed service restarts fixed

Relating to this fixopen in new window.

this change expands other uncaught cases where php-fpm was being reloaded after another service was down and could not be restarted.


systemd-cgtop: hang fixed

Report of systemd-cgtop hanging during it's 2nd output iteration on vps (could not duplicated on our end). Added the batch -b flag which is more appropriate for piping to stdout.


Database Restore sql: Login-As to use temp pass fixed

Previously, the restore/upload of an .sql file using the Database Manager would only work if the User was logged in with their password. This is because the password was taken for the session, on the assumption the DA pass and DB pass for that User matched. The issue was when the "login as" feature was used, the session did not have the User's password, so no access was granted to MySQL for that User (and we do not want to restore as da_admin/root)

Solution for the Login-As mode: Use a temporary random password for the User db account, restore the sql, then put the original crypt back when done.

DnsProvider: backup/restore fixed

The domain's dnsprovider file for LetsEncrypt wildcard remote dns requests was not backed up, nor restored.


Email local_part cannot start/end with dots fixed

We can have a period within the local_part of an email User, but not as the leading/trailing value.

For example these email addresses would not be allowed:

because there is a period character in an incorrect location.

RFC5322 T33600

SSL: certificate domain info not always caching fixed

  1. Improved caching for certificate domain information to reduce the number of openssl calls. There was already caching used in some cases, but not others. Those others will now use the cache IF the stat() on the file returns the same file as before. (stat info before/after must match) so the "cost" is only 1 extra stat, rather than a full openssl call + parse. (the stat should cache by the file system buffer, so cost is low)

  2. If, on the "SSL Certificates" page, the User selects anything other than the "Shared Server Cert" (now called "Best Match"), all *.ssl and *.ssl.next_retry files for this domain, and subdomains/pointers below it, will be cleared.

  3. Creation of subdomains and pointers will now check to ensure that the domain is on the "Shared Server Cert" ("Best Match") before creating a next_retry. Before, the only condition was that the domain had ssl=ON.

  4. Renaming a domain: If the old domain was using auto ssl, the new one needs to have a new request. If the old auto ssl cert was NOT using a wildcard, then all subdomains also need a new request, assuming they had certs present. The snidomains file needed to clear the old values. Upon new certs being successfully added by the system, the new values will be added to snidomains.

Enhanced: File Manager: Edit File:UTF-8 encoding: show file in UTF-8 fixed

When using the Enhanced skin, if the skin is set to use UTF-8, either with the lf_standard, or user.conf: encoding=UTF-8, DA will now pick up on that encoding, and properly html-encode the file's edit token in UTF-8 encoded special characters.

Relates to the same feature for Evolution documented hereopen in new window, but evolution is explicitly calling &utf8=yes in the request.


Reseller: Login-as: switch User logs out fixed

Admins logging in as Users are not affected. If a Reseller, who is directly logged in with their Reseller password, uses the "Login as" feature to one of their Users, then switches from that User account to some other User account, they'll get logged out.

Debug error message:

Post string: user=resuser2&json=yes&action=login
Dynamic(api=0, error=1):
        text='Cannot Execute Your Request'
        result='You don't have authority over that User'
Last Updated: 12/27/2021, 10:28:50 AM