ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2017-08-10T20:10:43Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3383md5sum: /usr/local/ispconfig/server/temp/.ispconfig_lock: No such file or dir...2017-08-10T20:10:43ZDaniel Iancumd5sum: /usr/local/ispconfig/server/temp/.ispconfig_lock: No such file or directory, 3.0.5.4p4Hello,
Updating the slave servers to the new version (3.0.5.4p4), on one of them, after chosing to "Reconfigure Permissions in master database" and "Reconfigure Services", right after the mysql server restart, after "Checking for tabl...Hello,
Updating the slave servers to the new version (3.0.5.4p4), on one of them, after chosing to "Reconfigure Permissions in master database" and "Reconfigure Services", right after the mysql server restart, after "Checking for tables which need an upgrade, are corrupt or were not closed cleanly..", I get this error message:
md5sum: /usr/local/ispconfig/server/temp/.ispconfig_lock: No such file or directory
After it, "Update finished." is the final line.3.1https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3382Bug with PHP-FPM configuration since 3.0.5.4 Patch 42017-08-10T20:10:43ZMaxime RouastBug with PHP-FPM configuration since 3.0.5.4 Patch 4Since the introduction of the Patch 4 I have noticed that when creating a website using "PHP-FPM" in the Domain tab and" Use Socket For PHP-FPM" in the Options tab the automatically generated Apache vhost file contains the wrong informat...Since the introduction of the Patch 4 I have noticed that when creating a website using "PHP-FPM" in the Domain tab and" Use Socket For PHP-FPM" in the Options tab the automatically generated Apache vhost file contains the wrong information:
it is wrongly configured to use the host to connect (-host 127.0.0.1:****) to the PHP-FPM "FastCgiExternalServer" directive.
Instead it should be using the socket to connect (using the directive -socket /var/lib/php5-fpm/web**.sock) on the "FastCgiExternalServer" line.
This misconfiguration of the Apache vhost file results in HTTP 500 errors because Apache could not connect to the PHP server.
This problem did not happen with Patch 3 but only since Patch 4.
Changing the directive by hand back to host it should be (using the directive -socket /var/lib/php5-fpm/web**.sock instead of -host 127.0.0.1:****) and restarting Apache2 and PHP-FPM resolves the problem.
OS: Ubuntu 14.04LTS3.0.5.4p5https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3379apps_instance_setting database storing details in plain text2017-08-10T20:10:43ZMatt Dinsdaleapps_instance_setting database storing details in plain textI was just browsing through the ispconfig database files and came across something rather disturbing. When a client has used the apps installer to setup wordpress, joomla or other available app the details are stored in plain text!! I ca...I was just browsing through the ispconfig database files and came across something rather disturbing. When a client has used the apps installer to setup wordpress, joomla or other available app the details are stored in plain text!! I can read usernames and passwords without even thinking about cracking! (not that i would want to anyway)
I see this as somewhat a bit of a security vulnerability especially if the database were to become compromised, can it be set so that it at least gets run through md5 before being stored3.0.5.4p4https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3377openvz container wont boot after new mounts added to fstab2017-08-10T20:10:43ZDavid Temesopenvz container wont boot after new mounts added to fstabUbuntu 12.04.5 LTS (Precise Pangolin)) ISPConfig 3.0.5.4p3
This machine running inside a vz container in a proxmox environment wont boot after the additions to the fstab done by ispconfig. Deleting or commenting the new mounts the mac...Ubuntu 12.04.5 LTS (Precise Pangolin)) ISPConfig 3.0.5.4p3
This machine running inside a vz container in a proxmox environment wont boot after the additions to the fstab done by ispconfig. Deleting or commenting the new mounts the machine boots just fine.3.0.5.4p4https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3371Server stops at boot with _netdev mount option in fstab on a Ubuntu 12.04 server2017-08-10T20:10:43ZTill BrehmServer stops at boot with _netdev mount option in fstab on a Ubuntu 12.04 serverhttps://www.howtoforge.de/forum/threads/system-bootet-nicht-fstab-fehler.8492/#post-42440https://www.howtoforge.de/forum/threads/system-bootet-nicht-fstab-fehler.8492/#post-42440https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3370SSH passwords with special chars not working on first try2017-08-10T20:10:43ZFalko Timmef.timme@timmehosting.deSSH passwords with special chars not working on first tryWhen you create an SSH user with speciual chars in the password, login does not work. If you edit the user and set the same password again in ISPConfig, then logins work.When you create an SSH user with speciual chars in the password, login does not work. If you edit the user and set the same password again in ISPConfig, then logins work.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3368Interface SSL keys should be owned by root2017-08-10T20:10:43ZJulianInterface SSL keys should be owned by rootthe folder /usr/local/ispconfig/interface/ssl/ should not have a SETGID-BIT set.
because of this the ssl key for the ispconfig interface is owned by ispconfig:ispconfig (should be root:root). www-data is a member of the group ispconfi...the folder /usr/local/ispconfig/interface/ssl/ should not have a SETGID-BIT set.
because of this the ssl key for the ispconfig interface is owned by ispconfig:ispconfig (should be root:root). www-data is a member of the group ispconfig which could lead to a security problem.3.0.5.4p4https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3367htaccess deny/allow overruled by default config in vhost2017-08-10T20:10:43ZBart Dorlandthtaccess deny/allow overruled by default config in vhostHi,
the default config generated in the vhost config has the below on both directories (physical and symlink):
AllowOverride All
Order allow,deny
Allow from all
If I wish to use the following configuration in the hta...Hi,
the default config generated in the vhost config has the below on both directories (physical and symlink):
AllowOverride All
Order allow,deny
Allow from all
If I wish to use the following configuration in the htaccess, it wouldn't work because this has already been parsed.
order deny,allow
deny from all
allow from 92.111.222.233
thanks in advance.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3366Zend php configuration seen as invalid settings2017-08-10T20:10:43ZBart DorlandtZend php configuration seen as invalid settingsIn the previous version i had the following added to the 'Custom php.ini settings'. In the latest version this gives an error.
----
[Zend]
zend_extension="/etc/apache2/Zend/lib/ioncube_loader_lin_5.4.so"
----
Giving the followin...In the previous version i had the following added to the 'Custom php.ini settings'. In the latest version this gives an error.
----
[Zend]
zend_extension="/etc/apache2/Zend/lib/ioncube_loader_lin_5.4.so"
----
Giving the following error:
----
ERROR
Invalid php.ini settings
----https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3365sites_database_add doesn't set the sys_groupid parameter2017-08-10T20:10:43ZMaurus Caflischsites_database_add doesn't set the sys_groupid parameterThe Remote-API-Function sites_database_add doesn't set the sys_groupid.
Issue 1: Databases created over the API for a Client can't be deleted recursively with the Client.
Issue 2: Remote Function client_get_by_username din't work fo...The Remote-API-Function sites_database_add doesn't set the sys_groupid.
Issue 1: Databases created over the API for a Client can't be deleted recursively with the Client.
Issue 2: Remote Function client_get_by_username din't work for Databases created over the API.
Because of no entry in the database.tform.php there is no workaround to set it over the submitted parameters.
In the remoting.lib.php is a call $app->sites_database_plugin->processDatabaseInsert($this); who seems to do something about sys_groupid, but all the code in the sites_database_plugin.php is commented out.3.0.5.4p4Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3363Admin re-login after change admin password fails2017-08-10T20:10:43ZMaurus CaflischAdmin re-login after change admin password failsIn the same browser-session:
- Login as admin
- Change the admin password
- Go to client-module
- Log in as different user over the 'Log in as'-Button
- Log out the user
- Choose the 're-login as admin'-button
The relogin-proce...In the same browser-session:
- Login as admin
- Change the admin password
- Go to client-module
- Log in as different user over the 'Log in as'-Button
- Log out the user
- Choose the 're-login as admin'-button
The relogin-process will fail. Also the login with the changed credentials will fail after the unsuccessful relogin.
The only way is to completely logout the user and login as admin again.3.0.5.4p4Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3361Can't update Joomla on ISPConfig2017-08-10T20:10:43ZDenis MakarovCan't update Joomla on ISPConfigHi! I'm installed Joomla 3.3.3 on ISPConfig and want to update it to 3.3.4. But when I'm trying to update, I have error: ERROR:
AJAX Loading Error: Internal Server Error
In logs:
tail ~/log/error.log
Mon Sep 29 14:49:50.175528 ...Hi! I'm installed Joomla 3.3.3 on ISPConfig and want to update it to 3.3.4. But when I'm trying to update, I have error: ERROR:
AJAX Loading Error: Internal Server Error
In logs:
tail ~/log/error.log
Mon Sep 29 14:49:50.175528 2014] [fcgid:warn] [pid 19778] (104)Connection reset by peer: [client 89.169.143.161:42771] mod_fcgid: error reading data from FastCGI server, referer: https://sageit.ru/administrator/index.php?option=com_joomlaupdate&task=update.install
[Mon Sep 29 14:49:50.175593 2014] [core:error] [pid 19778] [client 89.169.143.161:42771] End of script output before headers: restore.php, referer: https://sageit.ru/administrator/index.php?option=com_joomlaupdate&task=update.install
If I install Joomla on LAMP without ISPConfig - Joomla updates correct.
Please, fix this problem.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3359Installer fails to create smtpd.cert2017-08-10T20:10:43ZJonathan SloanInstaller fails to create smtpd.certHey guys,
Just wanted to say that the software is awesome. But with the patch being installed on a fresh centos box it appears that the smtpd.cert for dovecot is not created, which causes the service to fail to start/restart.Hey guys,
Just wanted to say that the software is awesome. But with the patch being installed on a fresh centos box it appears that the smtpd.cert for dovecot is not created, which causes the service to fail to start/restart.3.0.5.4p4https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3358chattr breaks web reconfiguration on NFS shares even if protection is disabled2017-08-10T20:10:43ZChristoph Keplerchattr breaks web reconfiguration on NFS shares even if protection is disabledI get the error in /var/log/ispconfig/cron.log
chattr: Unpassender IOCTL (I/O-Control) für das Gerät beim Lesens der Flags in /var/www/clients/client1/web14
Which translates to "Inappropriate ioctl for device While reading flags on...I get the error in /var/log/ispconfig/cron.log
chattr: Unpassender IOCTL (I/O-Control) für das Gerät beim Lesens der Flags in /var/www/clients/client1/web14
Which translates to "Inappropriate ioctl for device While reading flags on".
The reason is, that the web root are mounted as NFS share. NFS doesn't support chattr.
As I read in http://www.howtoforge.com/forums/archive/index.php/t-64205.html, this security feature seems to be new in ISPConfig 3.0.5.4
I also read, that I can disable this feature in Server -> Web -> Permissions. But this error occures even, if the option is disabled:
[web]
security_level=10
set_folder_permissions_on_update=n
web_folder_protection=n
What can I do?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3355New gtld - regex issue while defining alias emaildomains2017-08-10T20:10:43ZSebastian StelmasikNew gtld - regex issue while defining alias emaildomainsHi.
while trying to assign an alias emaildomain for an customer I found an issue in the reqex checking domain name validity (length):
./ispconfig/interface/web/mail/form/mail_aliasdomain.tform.php:89
'regex' => '/^\@[\w\.\-]{2,64...Hi.
while trying to assign an alias emaildomain for an customer I found an issue in the reqex checking domain name validity (length):
./ispconfig/interface/web/mail/form/mail_aliasdomain.tform.php:89
'regex' => '/^\@[\w\.\-]{2,64}\.[a-zA-Z0-9\-]{2,10}$/',
The domain of my customer had 11 chars .photography, so I change it to:
'regex' => '/^\@[\w\.\-]{2,64}\.[a-zA-Z0-9\-]{2,20}$/',
I don't know the length limits for the new tlds, but 10 chars is def. not enough. You should check that and extend it in future releases.
Best regards,
Sebastian Stelmasik3.0.5.4p4https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3353Application install error2017-08-10T20:10:43ZNickApplication install errordyt[ I try to install a some aaps oh a hosting account, have an error in a log:
PHP Warning: mysql_connect(): Access denied for user 'c287aps1'@'localhost' (using password: YES) in /var/www/clients/client287/web499/web/install_script...dyt[ I try to install a some aaps oh a hosting account, have an error in a log:
PHP Warning: mysql_connect(): Access denied for user 'c287aps1'@'localhost' (using password: YES) in /var/www/clients/client287/web499/web/install_scripts/db-util.php on line 66
Unable to connect to DB: Access denied for user 'c287aps1'@'localhost' (using password: YES)
as I see, install application script can't add a database or dbuser, because all application files unzipper properly.
at "wordpress" variant wp-config.php can't be created too (may be because db/dbuser can't properly configured)
(svn version)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3350Limit-tamplate no function2017-08-10T20:10:43ZAndres MejiaLimit-tamplate no functionWhen create limit-template and assing to client, this limit not set. if configuration a template with 61440MB (60GB) the The hard disk limit found unlimited.When create limit-template and assing to client, this limit not set. if configuration a template with 61440MB (60GB) the The hard disk limit found unlimited.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3462database quota page content is websites2017-08-10T20:10:42ZNickdatabase quota page content is websitesI think, that in page where url text is "database quota" I see database list with database sizes, but not websites listI think, that in page where url text is "database quota" I see database list with database sizes, but not websites list3.1Florian SchaalFlorian Schaalhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3458new web interface layout for a 1366x768 fails2017-08-10T20:10:42ZNicknew web interface layout for a 1366x768 failsI have a notebook with 1366x768 and see, that columns and lines at client list and database list are crawl on each other, so content not readable anyway, when I zoom in/out page - content proportionally changed.I have a notebook with 1366x768 and see, that columns and lines at client list and database list are crawl on each other, so content not readable anyway, when I zoom in/out page - content proportionally changed.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/3456no database restore with password containing special characters2017-08-10T20:10:42Zjayno database restore with password containing special charactersif you have special characters (like *) in your mysql root password it don't work to restore database.
The problem is here :
./server/plugins-available/backup_plugin.inc.php [line 120] :
```
$command = "gunzip --stdout ".escapeshel...if you have special characters (like *) in your mysql root password it don't work to restore database.
The problem is here :
./server/plugins-available/backup_plugin.inc.php [line 120] :
```
$command = "gunzip --stdout ".escapeshellarg($backup_dir.'/'.$backup['filename'])." | mysql -h '".escapeshellcmd($clientdb_host)."' -u '".escapeshellcmd($clientdb_user)."' -p'".escapeshellcmd($clientdb_password)."' '".$db_name."'";
```
with the use of escapeshellcmd wich change my#pass$word to my\#pass\*word
It seems that you have change it in [line 1268] :
/usr/local/ispconfig/server/cron_daily.php:
```
$command = "mysqldump -h ".escapeshellarg($clientdb_host)." -u ".escapeshellarg($clientdb_user)." -p".escapeshellarg($clientdb_password)." -c --add-drop-table --create-options --quick --result-file='".$db_backup_dir.'/'.$db_backup_file."' '".$db_name."'";
```
with the use of escapeshellarg and not escapeshellcmd.
(we saw that you have change this line from line 1267 commented and with the escapeshellcmd)
So work for me with :
./server/plugins-available/backup_plugin.inc.php:
```
$command = "gunzip --stdout ".escapeshellarg($backup_dir.'/'.$backup['filename'])." | mysql -h '".escapeshellcmd($clientdb_host)."' -u '".escapeshellcmd($clientdb_user)."' -p".escapeshellarg($clientdb_password)." '".$db_name."'";
```
may be doing the same for the 2 others escapeshellcmd in this file, allmost there are no other escapeshellcmd in the others file of this project ...
Thank you for this project. (using it for years)3.1