i-MSCP – neues Maintenance Release 1.3.0

Die Entwickler des Open Source Server Panels, i-MSCP, haben nach fast 6 Monaten Entwicklung, die neue Minor Version 1.3.0 veröffentlicht. Als neue Long Time Support (LTS) Version wird sie vom Meintenance Team zukünftig gewartet.

i-MSCP Rlease Notes Version 1.3.0

BACKEND

• Added: (before|after)AddIps events
• Added: (before|after)MountLogsFolder and (before|after)UnmountLogsFolder events
• Added: Caller info for __DIE__ and __WARN__ signal handlers
• Added: Debug info for loading of listener files (Event::Manager)
• Added: Fallback method for sysvinit scripts that don’t provide status command (iMSCP::Provider::Service::Sysvinit)
• Added: `fixpermissions‘ option for the iMSCP::Dir::make() method
• Added: iMSCP::Database::mysql::useDatabase() method – Allow to select database on which we want operate on
• Added: iMSCP::DbTasksProcessor – Allows to process db tasks without spawning new process
• Added: imscp master system user (homedir is /var/local/imscp)
• Added: imscp-mountall script – Mount file systems by reading entries from i-MSCP fstab-like file
• Added: iMSCP::Mount library – Library for mounting/unmounting file systems
• Added: iMSCP::OpenSSL::getCertificateExpiryTime() method – Allow to get SSL certificate expiry time (UNIX timestamp)
• Added: onBoot event in iMSCP::Bootstrapper (triggered at end of bootstrapping process)
• Added: Servers::mta::postfix::postconf method() – Allows editing of Postfix main.cf parameters
• Added: Support for PHP 7.0 (httpd servers implementations)
• Added: Support for prime256v1 (ECDSA) keys (iMSCP::OpenSSL)
• Added: Support for systemd socket units (systemd init provider)
• Enhancement: Allow passing command through arrayref (iMSCP::Execute::execute, iMSCP::Execute::executeNoWait)
• Fixed: composer.phar must not be run with root user privileges (it is now run with i-MSCP system master user)
• Fixed: Could not disable custom DNS resource records; DNS resource records are always re-enabled on domain change
• Fixed: Database handle is destroyed when calling fork(), leading to unexpected failure (iMSCP::Database::mysql)
• Fixed: eth0 is hardcoded in i-MSCP network interface provider
• Fixed: Ignore user-specific options if any ~/.my.cnf file when running mysqldump (iMSCP::Database::mysql::dumpdb)
• Fixed: iMSCP::SystemUser::addSystemUser must allow empty value for user comment field
• Fixed: Mails sent from Backend could be rejected if sender email domain is hosted externally
• Fixed: Make sure that the `root‘ user HOME directory environment variable is defined
• Fixed: Many inconsistencies in iMSCP::Getopt
• Fixed: Upstart jobs not always enabled (iMSCP::Provider::Service::Debian::Upstart)
• Improvement: Allow registering same listener on many events at once (Event::Manager)
• Introduced: HSTS (HTTP Strict Transport Security) feature
• Removed: (before|adter)DispatchRequest events
• Removed: cache data directory (/var/cache/imscp directory)
• Removed: imscp-httpd-logs-mngr script (Apache2 logs dirctories are now mounted via the iMSCP::Mount library)
• Removed: installConfFile() method from httpd server packages
• Rewritten: iMSCP::Mail library
• Rewritten: iMSCP::SetRights library (usage of built-in functions to avoid call of system chown/chmod commands)
• Rewritten: Postfix Server implementation (Servers::mta::postfix)

CONFIG

• Added: php configuration directory (directory which holds all PHP template and configuration parameters)
• Added: `DISTRO_ID‘, `DISTRO_CODENAME‘ and `DISTRO_RELEASE‘ parameters in imscp.conf file
• Added: `IMSCP_USER‘ parameter (name of i-MSCP master system user)
• Added: `IPV6_SUPPORT‘ parameter (tells whether or not IPv6 support is enabled for the server)
• Added: `MAX_INSTANCES‘, `MAX_CLIENT_PER_HOST‘ and `FTPD_CONF_DIR‘ parameters in proftpd/proftpd.data file
• Added: `MOUNT_CUSTOMER_LOGS‘ parameter in apache/apache.data file (allows to disable logs bind mounts)
• Changed: Increased default limits for ProFTPD/VsFTPd
• Changed: Moved DirectoryIndex directive in vhosts (Apache2)
• Depreciated: `CACHE_DATA_DIR‘ parameter
• Fixed: Allow access to `.well-known‘ folder in any case if exists (Apache2)
• Moved: Nginx configuration directory to frontend configuration directory
• Removed: Redundant `MYSQL_PREFIX_TYPE‘ parameter
• Removed: `VARIABLE_DATA_DIR‘ parameter
• Removed: i-MSCP intermediate working files, including working directory (Postfix)
• Removed: i-MSCP intermediate working files, including working directory (Apache)
• Removed: fcgi configuration directory (merged into php configuration directory)
• Removed: php-fpm configuration directory (merged into php configuration directory)

CONTRIB

• Added: 10_bind9_rrl listener file (Listener implementing RRL (Response-Rate-Limiting))
• Added: PhpMyAdmin/10_phpmyadmin_conffile.pl listener file (Allows to override default configuration template file)
• Updated: All listener files for i-MSCP 1.3.x Serie

DAEMON

• Added: notify() function allowing to notify parent process when daemon has been fully initialized
• Added: Added help for command line options
• Bumped: Version to 1.3.0
• Fixed: Ensures that the daemon process is re-parented to init/PID 1 (double fork())
• Fixed: Exits from the parent process only after daemon full initialization
• Fixed: Possible buffer overflow
• Fixed: Segfault when client issue bad `helo` command
• Merged: signal handlers

DATABASE

• Added: SPF type to the list of allowed DNS resource records
• Changed: `domain_dns.domain_dns‘ and `domain_dns.domain_text‘ column types from varchar to text
• Changed: i-MSCP now uses its own SQL user (master SQL user). See errata file for more details.
• Updated: `domain_id‘ index on `domain_dns‘ table; added index length for `domain_dns‘ and `domain_text‘ columns

DISTRIBUTIONS

• Fixed: libpam-mysql package – undefined symbol: make_scrambled_password (bugs affecting all distributions)
• Fixed: libpam-mysql package – possible segfault (bugs affecting all distributions)

FRONTEND

• Added: Datatable for domains, subdomains, domain aliases and DNS resource records (client level)
• Added: Datatable for the file system information table (admin level)
• Added: iMSCP\Crypt library
• Added: iMSCP\Net class – Allows to get list of network devices and IP addresses (stdlib)
• Added: \iMSCP\Json\LazyDecoder class for lazy-decoding of JSON data
• Added: Exclamation icon
• Added: MX DNS resource record type (client level)
• Added: `onParseTemplate‘ event (event triggered when a template is parsed)
• Added: `onSendMail‘ event (event triggered each time a mail is sent)
• Added: SPF DNS resource record type (validated as a TXT record) (client level)
• Added: Support for .phtml template files (stdlib)
• Added: torul() function for escaping a string for the URI or parameter contexts (stdlib)
• Changed: DNS resource record are no longer created automatically (client level – See errata for more details)
• Changed: exec() PHP function is no longer disabled for the control panel (master php.ini file)
• Changed: The `type‘ field cannot longer be changed when editing a DNS resource record (client level)
• Changed: Support for nested MySQL transactions is now emulated using named transaction savepoints (stdlib)
• Fixed: Bruteforce feature still acts even when disabled (lostpassword.php)
• Fixed: Could not add DKIM/DMARC DNS resource records (client level)
• Fixed: Could not retrieve network devices list under Debian Stretch (testing) – Related to #IP-1525 (admin level)
• Fixed: Customer must be allowed to set custom TTL value for any DNS resource record (client level)
• Fixed: Customer must be allowed to set `name‘ field of any DNS resource record (client level)
• Fixed: Customer PHP permissions not saved when editing customer account (regression fix)
• Fixed: Could not remove database; There is no such grant defined for user… (stdlib)
• Fixed: Could not set URL redirect when adding domain alias; Bad request error page (client level)
• Fixed: Email template inconsistencies
• Fixed: IDNs are shown in IDNA form in several places
• Fixed: iMSCP_Update_Database::addIndex() doesn’t allows to set index length (stdlib)
• Fixed: Lostpasword feature is broken
• Fixed: Mails sent from FrontEnd could be rejected if sender email domain is hosted externally
• Fixed: Privileges on database that contains wildcards are not removed when SQL user is assigned to many databases
• Fixed: Reseller PHP permissions not saved when editing reseller account (regression fix)
• Fixed: Uncaught ReferenceError: `ajaxStop‘ is not defined (admin level)
• Fixed: Wrong behavior with exception handler when database connection is not available (stdlib)
• Fixed: Wrong value for `LOG_LEVEL‘ configuration parameter
• Introduced: HSTS (HTTP Strict Transport Security) feature
• Removed: User deletion confirmation pages (admin and reseller levels)
• Removed: iMSCP_NetworkCard class; replaced by iMSCP\Net class (stdlib)
• Rewritten: FTP chooser interface to avoid usage of iframe and allows fine-grained filtering (client level)
• Rewritten: Protected area interface (client level)

INSTALLER

• Added: –fix-permissions command line option. See errata file for more details.
• Added: (before|after)SetupRegisterPluginListeners events
• Added: Check for maximum supported PHP/Perl versions
• Added: Check to prevent downgrade attempts (when DB schema change is involved)
• Added: Conditional statement feature for install.xml files (copy_config items only)
• Added: Layer allowing to rebuild Debian/Ubuntu source packages using pbuilder after applying a set patches on them
• Added: `onBuildPackageList‘ event (Allows to override default distribution packages file)
• Fixed: `_‘ and `%‘ wildcards must be escaped in GRANT statements
• Fixed: Debug and verbose modes must be set early
• Fixed: Disable Dovecot systemd socket activation unit if any (not needed for Dovecot as configured by i-MSCP)
• Fixed: Don’t die on misconfigured server hostname. Just ask for a valid hostname instead
• Fixed: Invalid regexes for SQL user/password (Package::PhpMyAdmin::Installer)
• Fixed: libmariadbclient18 package not provided in Debian Stretch (testing) repository
• Fixed: /etc/mailname file not updated when reconfiguring system hostname
• Fixed: Ignore SIGNINT to prevent user aborting installer in wrong way
• Fixed: Master DNS zone is always deleted on i-MSCP update/reconfiguration (Package::FrontEnd::Installer)
• Fixed: MySQL server 5.6 no longer available for Ubuntu 16.04 (replaced by MySQL server 5.7)
• Fixed: Plugin setup listeners are no longer registered (regression fix)
• Fixed: SQL user and password not correctly escaped in imscp.cnf file (Servers::sqld::mysql::installer)
• Moved: Master administrator questions and setup routines into Package::FrontEnd::Installer
• Removed: Update notices (link to errata file is sufficient)
• Renamed: imscp-setup script to imscp-reconfigure

PACKAGES

• Added: Monsta FTP package
• Disabled: Pydio in case PHP >= 7.0.0 is detected
• Fixed: As of 2012-6-7, the md5 algorithm is „no longer considered safe“ (Package::FrontEnd::Installer)
• Fixed: `ERR_INCOMPLETE_CHUNKED_ENCODING‘ error due to wrong permissions on nginx fastcgi cache directory (FrontEnd)
• Fixed: Missing IP version check (Package::FrontEnd::Installer)
• Fixed: White page due to `net::ERR_INCOMPLETE_CHUNKED_ENCODING‘ errors (related to #IP-1530) (PhpMyAdmin)
• Updated: PhpMyAdmin version to 4.6.0 – Only for servers with PHP/MySQL >= 5.5 (Package::PhpMyAdmin::Installer)

PLUGINS

• Enhancement: Plugin backend packages can now be simple objects
• Fixed: Plugin configuration not synced when triggering plugin list update (when a plugin is in error state)
• Fixed: Plugin manager must load plugins by respecting their priority
• Fixed: The `change‘ action must be automatically triggered on plugin list update, even for plugins with error state
• Fixed: Wrong events triggered when a plugin is being locked/unlocked
• Updated: API version to 1.0.4

SERVERS

• Added: i-MSCP own logrorate configuration file for ProFTPD (xferlog file don’t need to be rotated)
• Added: i-MSCP own sysvinit script for ProFTPD – solve #IP-1402
• Changed: HTTPD log directories are now bind-mounted as read-only files system
• Changed: setenvif module is now always required ((Httpd servers)
• Fixed: AH01265: attempt to invoke directory as script: /var/www/virtual/<domain.tld>/cgi-bin/
• Fixed: Bad regexp in getTraffic() method leading to unmatching of traffic data (VsFTPd)
• Fixed: Could not build local vsftpd package when gpg has been initialized; .changes file cannot be signed
• Fixed: Courier sysvinit script must not be copied when selected PO server is Dovecot
• Fixed: Disabled mod_tls_memcache.c module to avoid weird notice on restart (ProFTPD)
• Fixed: Do not fix user/group and mode when not required (Httpd server implementations)
• Fixed: Do not remove default DNS records that are not redefined (Servers::named::bind)
• Fixed: Enable support for UTF-8 file systems (VsFTPd)
• Fixed: Hide real server identity (ProFTPD)
• Fixed: Invalid version format (non-numeric data) when installing VsFTPd on Debian Stretch (testing)
• Fixed: IP addresses are added multiple time in Apache 00_nameserver.conf file (Httpd servers)
• Fixed: libmysqlclient18 package not available for Ubuntu 16.04
• Fixed: maillogconvert.pl must not be installed in /usr/sbin (moved to /usr/local/sbin)
• Fixed: maillogconvert.pl not removed on uninstallation
• Fixed: maillogconvert.pl path must not be hardcoded
• Fixed: ON|OFF strings not recognized as boolean value in imscp.cnf file (MySQL)
• Fixed: Postfix (>= 3.0) is showing many warnings about backwards-compatible settings (default setting chroot=y)
• Fixed: Postfix maps must not be world-readable (Postfix)
• Fixed: The SOA serial number must be incremented only once when a DNS zone is updated (Servers::named::bind)
• Fixed: Traffic accounting routines must not remove log files (ProFTPD/VsFTPd). Files are now truncated instead
• Fixed: Useless reload of VsFTPd when adding/removing an FTP user (privileges are given by session)
• Fixed: VsFTPd doesn’t reopen xferlog file automatically when the file has been removed, leading to traffic data loss
• Fixed: VsFTPD doesn’t support non-ascii characters in FTP usernames
• Fixed: When the –skip-distro-packages installer option is set, the vsftpd local package shouldn’t be rebuilt
• Removed: /var/log/proftpd/ftp_traff.log custom log. Traffic data are now pulled from /var/log/proftpd/xferlog

SERVICES

• Added: imscp_mountall service – Mount filesystems on server reboot

VENDOR

• Patched: phpseclib library (deprecated constructor method – PHP >= 7.0)
• Updated: phpseclib library to version 1.0.2

VLOGGER

• Fixed: Avoid SELECT queries while dump of traffic data
• Fixed: SQL statement must be prepared once per dump process
• Fixed: Wrong SQL user host (localhost instead of 127.0.0.1)

YOUTRACK

• IP-0931 Unexpected error on protected area creation
• IP-1231 Default SPF DNS resource records should be overrideable
• IP-1365 Check for IPv6 support when installing services
• IP-1395 Domain redirect feature – Missing URL path separator
• IP-1402 ProFTPD doesn’t restart properly – killed (signal 15) – Wheezy/Precise/Trusty
• IP-1410 Feature – Possibility to change redirection type
• IP-1509 Could not generate SSL certificate through the frontEnd – Invalide SSL certificate
• IP-1510 VsFTPd – Use of uninitialized value $tmpFile
• IP-1511 Use of uninitialized value $imscpOldConfig{„BASE_SERVER_VHOST“} on fresh install
• IP-1513 Autoreply – Do not autoreply to messages marked as SPAM
• IP-1514 Could not install i-MSCP on Ubuntu Trusty Thar in some contexts
• IP-1525 ifconfig output format has changed in latest versions
• IP-1527 Wrong syntax in the VsFTPd uninstaller, leading to an i-MSCP uninstallation failure
• IP-1530 Nginx – Failed to load resource: net::ERR_INCOMPLETE_CHUNKED_ENCODING
• IP-1533 i-MSCP is not compatible with servers on which IPv6 stack is disabled
• IP-1536 systemd – imscp_daemon service can fail to start/restart
• IP-1539 Default behaviour when adding a MySQL user is counter-intuitive
• IP-1549 RRL implementation for BIND/Named config
• IP-1555 Syntax error in imscp-disable-accounts script
• IP-1557 vsftpd – request failed due to PAM unable to dlopen(pam_mysql.so)…
• IP-1563 Default MX record not removed when adding external mailserver (domain type)
• IP-1564 Debian pam-mysql source package – Could not satisfy build dependencies
• IP-1565 Broken catch-all after deletion of a mailbox
• IP-1566 Exception thrown when requesting password for reseller with deleted admin
• IP-1567 „Unknown“ status in users overview
• IP-1572 Upstart Provider – Possible precedence issue with control flow operator
• IP-1573 On i-MSCP update, some disabled customer items are still processed which is unexpected

You can download this new version at:

• github.com/i-MSCP/imscp/releases/tag/1.3.0
• sourceforge.net/projects/i-mscp/

http://i-mscp.net/index.php/Thread/13457-i-MSCP-1-3-0-RELEASED/?s=f451341e317eb6bff3bf7efd1b35094b44cd7d3f