Version 1.36.0

Released: 2010-07-05

added local_mail=yes|no to CMD_API_ADDITIONAL_DOMAINS new

When the API call CMD_API_ADDITIONAL_DOMAINS is made (no arguments) each domain will now also include a local_mail=yes or local_mail=no result.

This is determined by the presence of the domain in the /etc/virtual/domains file.

Skip difficult password check for database user restores new

When the difficult password enforcement option is enabled, during database restores, if the user didn't exist, DA creates a temp random password which may or may not pass the difficult password check, and the user is attempted to be created normally. The crypted password is then set to overwrite the other password in a separate step.

If the temp password didn't pass the check, the db user doesn't get created, and the reset of the crypted password fails. The net effect is that for some users, they'll be missing after the restore.

The fix consist of a new flag to skip the difficult password check for restores, since that password is only very temporary and is never used.

Ability to set a header in ticket message emails new

Added the ability to add a HEADER token to the 2 template files:

message_user.txt

message_tech.txt

eg (similar to the SUBJECT token):

|?HEADER=Content-Type: text/plain; charset=iso-8859-1|

This lets you insert a header into the email when DA sends out it's message notification. It would allow enable you to send html ticket notifications if you wanted.

BETA: Multiple IPs per User & per domain (SKINS) new

Please report issues here:

https://forum.directadmin.com/showthread.php?t=36712

and do not email them to DirectAdmin support.

Ability to assign multiple IPs to a User, and the User can assign multiple IPs to a domain. This has multiple benefits:

  1. Users can now host multiple SSL domains

  2. Users can run both IPv4 and IPv6 IPs on one domain, at the same time.

There is no limit as to how many IPs, or of what type, that can be added to a domain.

Other notable changes with the system is that the IP counter (IP Manager) is changed to actually count the number of Users on an IP. Previously it was incrementing the counter for each domain the User had, which was contrary to the column. This also caused the counter to become inaccurate when Users were moved to different IPs, if that User had multiple domains.

The nightly tally now recount all IP usage numbers for the server and shared IPs. For free and owned IPs, if the count doesn't make sense (eg: 0 or more than 1 users on an owned IP, or more than 0 on a free IP), DA will log a note to the errortaskq.log mentioning the discrepancy.

The dns restore section of this feature is not yet finished. The current effect of this is that you may end up with the old "additional" IPs in the dns zone after the restore, as DA would assume they're custom values. The main IP would be correctly swapped and updated to the new value.

SKINS:

reseller/modify_user.html

user/modify_domain.html

Expand short-form of IPv6 IPs when adding to DA new

If a short-form IPv6 IP is added to DA in:

Admin Level -> IP Manager

DA will expand it automatically to the full-form and add it to the system.

Sample short forms:

1:2:3::8
::8
1:2:3::
1:2::7:8
1:2:3::7-10

Note that the range feature will still work with the short-form expansion.

Added grep to the log viewer (SKINS) new

Admin's can now filter log output with the grep command. This will filter the output to only show the lines that contain the word specified. An "Invert" checkbox is also available to show all lines where the specified word is not present.

Note that using grep on large files will slow down the output.

A blank textfield will not trigger grep. Any character in the textfiled will trigger the grep.

SKINS:

admin/log_viewer.html

<tr><td class=list2 align=right>Grep</td><td class=list2><input type=text size=32 value="|GREPVAL|" name=grep> <input type=checkbox name=invert_grep value="yes" |INVERTCHECKED|>Invert &nbsp;<input type=checkbox name=ignore_case value="yes" |CASECHECKED|>Ignore Case</td>

System Load checker new

Every minute, this feature will check the system load to see if the 1 minute load average is greater than the value set in this option. The default is 10.0.

If the load is greater than 10 when the dataskq runs, an email will be sent to all Admins, at most once per day.

Internal default:

check_load=10.0
check_load_minute=1

add that to your directadmin.conf with a different value to change it.

Setting check_load to 0 will disable the check.

There will no interface option for this for now, it's a simple directadmin.conf setting, enabled by default.

The check_load_minute option needs to be set to 1, 5 or 15.

This will be what DA is checking the specified load minute.

You'll only want to change this if you want a longer average of the high load to prevent short term spikes from being reported.

Template message:

data/templates/load_check_message.txt

Available tokens:

ONE - one minute load av
FIVE - five minute load av
FIFTEEN - fifteen minute load av
LOAD - the chosen minute load average
LIMIT - limit set in the directadmin.conf
LANG - language set in the directadmin.conf (lang)

Added HttpOnly option for cookies new

Included the HttpOnly option when setting cookies in the headers to help with PCI compliance.

Added %I to the bytes log format for more accurate logging new

This change is in two parts.

The 2nd part requires action to make either do anything (unless it's a new install)

  1. The tally is now able to parse a bytes log with 2 numbers on a line:

/var/log/httpd/domains/domain.com.bytes

eg:

123 456

it can still handle one item per line for those systems that do not do the 2nd part.

  1. The new main default LogFormat for "bytes" in the /etc/httpd/conf/httpd.conf will now be:
LogFormat "%O %I" bytes

This will allow for logging of incoming request bandwidth in addition to the outgoing bandwidth.

DA will not change your main httpd.conf for you.

If you want to log incoming bandwidth, you'd either need to manually edit it, or run the following custombuild command:

./build update
./build rewrite_confs

New installs after this update is released won't need to worry about it since this will be the default.

dns_raw_save_post.sh new

Post script for the Multi Server Setup API for saving a raw dns zone:

CMD_API_DNS_ADMIN

when: action=rawsave&domain=domain.com

/usr/local/directadmin/scripts/custom/dns_raw_save_post.sh

The only environmental variable passed is:

domain=domain.com

the actual data will have to be retrieved from the db file.

The main reason for it's existence is because dns_write_post.sh doesn't get triggered for dns clustering saves. This would be the only script to use to know that an clustered write has happened.

Numerous internal language pack additions new

Added the files:

internal/ftp.txt

internal/ip.txt

internal/mimetypes.txt

internal/system.txt

as well as numerous additions of missing values to the bottom of other existing files.

myslqdump: use --create-options instead of soon to be depreciated --all fixed

Changing mysqldump calls to use --create-options instead of -all.

The --all option will be depreciated soon.

wrong hex port for smtp send in outlook reg file fixed

When clients use the "Outlook Settings: download" option, it will give them a reg file with:

"SMTP Port"=dword:0000024c

which is port 588, which is incorrect. The value should be:

"SMTP Port"=dword:0000024b

this has been updated in:

/usr/local/directadmin/data/templates/outlook_setup.reg

Ticket system not wrapping text fixed

A few versions ago, spaces were replaced with the   characters to allow for text padding if it was desired. However, if a long piece of text created with spaces, but no return was used, this will cause the browser to view the text as one long word, thus no wrapping is done. This change is to count the number of repeated spaces and only use the   code if there are 2 or more repeated spaces.

catch-all account dropdown to use onChange instead of onClick fixed

Changed the dropdown list on the catch-all page to use onChange instead of onClick for correctness. Added "account ..." as the first value with value "", as the selection now much be changed in order to fill the text field to it's left.

CREATOR token was blank for virtual_host*.conf templates fixed

The CREATOR token used in the virtual_host*.conf templates was blank.

This was due to the fact that creator= does not exist in the domains/domain.com.conf, which was a false assumption. The fix was to read in the creator= value from the user.conf, and add it to the config file, but only internally, when writing the httpd.conf files. It's only virtually in the domain.com.conf files during the httpd.conf write, and wont' be written to disk in the config.

Check for 1024 bit key when creating 2048 bit csr (SKINS) fixed

When creating a certificate request (csr), previously, if a key existed DA would reuse it as to not break the existing key. However, if the old key was 1024 and the certificate request was for 2048 bits, the old 1024 key would still be used.

This fix checks the old key for it's bit size. If it's a mismatch to the request, the old key is backed up to:

/home/user/backup-domain.com-1024-bit.key

or

/home/user/backup-domain.com-2048-bit.key (if they go back to 1024)

The new bit-size key will be installed.

Since the new key no longer matches the old certificate, DA will swap the User to use the shared server certificate until they get the new value back. Note that the User can restore his old key/cert pair by copying the contents of the above backup key into the ssl window along with the old certificate that is present there...

However, the User must copy/backup the new cert that is in the ssl window or else it will be lost and the newly requested certificate will be invalid.

SKINS:

user/ssl_request.html

add:

|*if NOTICE!=""|
<tr><td class=listwrap><b>|NOTICE|</b></td></tr>
|*endif|

in the table, just below the first listtitle line.

THis is what notifies the User that their key has been changed.

cannot create zip with secure_access_group: Error with chdir(/home/user) : Permission denied fixed

When secure_access_group is enabled, this error will show up a zip is being created:

Error with chdir(/home/user) : Permission denied

The cause is that the process was running as nobody as the time of the chdir, which was blocked with the 710 access level when secure_access_group is being used.

The solution was to up the process to run as the user for the chdir such that is was allowed to be run.

Limit subdomain length to 63 characters fixed

Subdomain values longer than 63 characters will generate:

loading master file /var/named/domain.com.db: label too long

Difficult password checking blank password when 'existing user' used for db creation fixed

The difficult password checking tool is being used on an empty/blank password when 'existing user' option is used for db creation. Fix was to not check the password when using an existing db user.

Workaround, disable the difficult password enforcement option in the directadmin.conf file.

REALUSER token incorrect when domain suspended fixed

The REALUSER token is set to maintain the actual owner of the account. The USER token is update to that of his creator upon suspension so that the path ownership matches with change of document root to that of the owner. The bug was that the subdomains and ssl virtualhost were set to that of the admin, instead of maintaining the real username. The original domain's VH write was correct, but all subsequent VH writes for subdomains and ssl VH's were not. Fix was to adjust how tokens are filled into the container class so that the container is not modified when passed to the other writes.

CMD_CHANGE_FTP_PASSWORD to check for custom @ format fixed

CMD_CHANGE_FTP_PASSWORD to change password for ftp accounts with custom format other than @ (eg: user_domain.com) fails with:

"You must provide a valid ftp address, oldpassword, password1 and

password2"

Add correct checking code to include custom ftp format option.

task.queue check for domains in domains.list file fixed

For User accounts with very large lists of domains, there have been rare reports of domains missing from the domains.list file after file creation. No definite cause could be found. We suspect possible file caching and delayed writes by the OS, but cannot confirm this. The only solution we could find to resolve this issue for these rare cases was to add a task.queue check to go through all domains owned by the User, as listed in /etc/virtual/domainowners, then check each of those values in /usr/local/directadmin/data/users/username/domains/domain.com.conf, to ensure they're domains, and not domain pointers. With that new list, compare to the domains.list file. If the number of values in the domains.list is lower than the new list created, add those new items to the domains list file.

Note that this is not automatically run by DA. If you wish to use this check (which is for rare cases), create:

/usr/local/directadmin/scripts/custom/domain_create_post.sh

and put in the code:

#!/bin/sh
echo "action=confirm&type=domains.list&user=$username" >> /usr/local/directadmin/data/task.queue
exit 0;

and chmod the script to 755.

As you may have suspected, you can also manually run that echo command to add the check to the task.queue for any given user you wish to check.

Last Updated: