ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2019-02-19T17:49:10Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5250Error in Debian version detection code2019-02-19T17:49:10ZTill BrehmError in Debian version detection codeAn Error in the Debian version detection code in ISPConfig leads to the problem that Debian 9.8 is detected as Debian 8. This issue will be fixed in 3.1.14 and there will be also a 3.1.13p1 release to patch the issue in current stable re...An Error in the Debian version detection code in ISPConfig leads to the problem that Debian 9.8 is detected as Debian 8. This issue will be fixed in 3.1.14 and there will be also a 3.1.13p1 release to patch the issue in current stable release.3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5331Disallow 0 as website harddisk quota value2019-07-05T10:16:12ZTill BrehmDisallow 0 as website harddisk quota valueDisallow 0 as website harddisk quota value as this is treated by the quota command as unlimited too while ISPConfig uses -1 as unlimited value.Disallow 0 as website harddisk quota value as this is treated by the quota command as unlimited too while ISPConfig uses -1 as unlimited value.3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5326LE Renewal issue on systems that use the relative symlink option for websites2019-06-26T13:48:15ZTill BrehmLE Renewal issue on systems that use the relative symlink option for websitesThere is an issue with LE renewals when the relative symlinks option is on under system > server config > web. This option is off by default and only needed on some specific chrooted apache configurations, not used in any standard ISPCon...There is an issue with LE renewals when the relative symlinks option is on under system > server config > web. This option is off by default and only needed on some specific chrooted apache configurations, not used in any standard ISPConfig setup, so very few users are affected by this.3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5313Extend custom php.ini check regex2019-07-03T10:02:49ZTill BrehmExtend custom php.ini check regexhttps://forum.howtoforge.de/threads/fehler-invalid_custom_php_ini_settings_txt.11654/#post-57922https://forum.howtoforge.de/threads/fehler-invalid_custom_php_ini_settings_txt.11654/#post-579223.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5293If an email is submitted via SMTPUTF8 it will bounce2019-07-03T10:31:34ZPatrick GatterdamIf an email is submitted via SMTPUTF8 it will bounce## short description
If a email is accepted via SMTPUTF8 and amavis via port 10026 is used the email is bounced.
I think this happens if the mail is being forwarded.
## correct behaviour
amavis should announce SMTPUTF8 on port 10026 cor...## short description
If a email is accepted via SMTPUTF8 and amavis via port 10026 is used the email is bounced.
I think this happens if the mail is being forwarded.
## correct behaviour
amavis should announce SMTPUTF8 on port 10026 correctly, port 10024 is not affected
## environment
Server OS: (debian)
Server OS version: (stretch)
ISPConfig version: (3.1.13p1)
## proposed fix
remove this line from install/tpl/amavisd_user_config.master
```
smtpd_discard_ehlo_keywords => ['8BITMIME'],
```
## references
http://www.postfix.org/SMTPUTF8_README.html
```
Introduced with Postfix version 3.0, this fully supports UTF-8 email addresses and UTF-8 message header values.
```
https://www.ijs.si/software/amavisd/release-notes.txt
```
A SMTP response to an EHLO command will now announce SMTPUTF8 capability by default.
```
## log entries
```
relay=127.0.0.1[127.0.0.1]:10026, delay=0.2, delays=0.15/0/0.05/0, dsn=5.6.7, status=bounced (SMTPUTF8 is required, but was not offered by host 127.0.0.1[127.0.0.1])
```3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5291Unable to initalize letsencrypt with subdomains2019-04-15T12:19:33ZRajko AlbrechtUnable to initalize letsencrypt with subdomains## short description
When setting up a site with auto subdomains enable of letsencrypt fails.
## environment
* Server OS: debian
* Server OS version: 9.8
* ISPConfig version: 3.1.13
* certbot: 0.33.1
* Apache/2.4.25 (Debian)
## Probl...## short description
When setting up a site with auto subdomains enable of letsencrypt fails.
## environment
* Server OS: debian
* Server OS version: 9.8
* ISPConfig version: 3.1.13
* certbot: 0.33.1
* Apache/2.4.25 (Debian)
## Problem behind
in `get_letsencrypt_certificate_paths` in `letsencrypt.inc.php` you try to read the related domains from renewal config files due reading the lines in section `[[webroot_map]]`
But sometimes (I don't know why) certbot does not write these lines into config file. So there is no certificate files given back to `request_certificates` and then letsencrypt is of course disabled.
A possible stable solution would, instead of parsing the config file of letsencrypt you may use the output of `certbot-auto certificates -d <maindomain> -d <subdomain> -d <subdomain>` which results always in a _single_ output of associated files like
```
Certificate Name: example.com
Domains: example.com www.example.com
Expiry Date: xxxxx (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/example.com/privkey.pem
```
I think parsing such a small blob would be more stable then reading of config files.3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5288Wrong permissions of dkim cert folder on CentOS 72019-04-08T16:34:07ZTill BrehmWrong permissions of dkim cert folder on CentOS 7The wrong permissions cause this error:
Error in config file "/etc/amavisd/amavisd.conf": Error in config file "/etc/amavisd/60-dkim": Can't open PEM file /var/lib/amavis/dkimThe wrong permissions cause this error:
Error in config file "/etc/amavisd/amavisd.conf": Error in config file "/etc/amavisd/60-dkim": Can't open PEM file /var/lib/amavis/dkim3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5275DNS Wizard does not add new zone2019-03-20T17:46:41ZTill BrehmDNS Wizard does not add new zoneThis issue existed in GIT stable branch temporarily only, the code was not part of any released version.This issue existed in GIT stable branch temporarily only, the code was not part of any released version.3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5265IDN Domain issues in email domain form2019-03-05T15:34:03ZTill BrehmIDN Domain issues in email domain formThere are several problems with IDN domains in the mail domain form which cause paths to switch between idn domain and its ascii representation and also DKIM fails for IDN domains.There are several problems with IDN domains in the mail domain form which cause paths to switch between idn domain and its ascii representation and also DKIM fails for IDN domains.3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5262Nginx ssl directive deprecated warning in ispconfig.vhost file2019-03-04T18:28:12ZTill BrehmNginx ssl directive deprecated warning in ispconfig.vhost fileError message:
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/sites-enabled/000-ispconfig.vhost:4Error message:
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/sites-enabled/000-ispconfig.vhost:43.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5258Let's Encrypt Cert file: does not exist.2019-05-13T16:08:06ZBart DorlandtLet's Encrypt Cert file: does not exist.## short description
While trying to enable a website with a LE certificate, it goes through the process, which all looks fine, except for the part it says: "Let's Encrypt Cert file: does not exist." (with debug enabled).
Therefore not ...## short description
While trying to enable a website with a LE certificate, it goes through the process, which all looks fine, except for the part it says: "Let's Encrypt Cert file: does not exist." (with debug enabled).
Therefore not enabling SSL (with LE) on the website.
Even though the LE certs are created in the correct directory.
## correct behaviour
The letsencrypt log shows the process where the certificate has been received. It is expected that ispconfig uses that certificate to enable the website with SSL.
## environment
Server OS: Debian
Server OS version: 9.7, stretch
ISPConfig version: 3.1.13
## log entries
/var/log/ispconfig/ispconfig.log
```
27.02.2019-13:37 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
27.02.2019-13:37 - DEBUG - Found 1 changes, starting update process.
27.02.2019-13:37 - DEBUG - Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
27.02.2019-13:37 - DEBUG - Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
27.02.2019-13:37 - DEBUG - Verified domain zwart-licht.nl should be reachable for letsencrypt.
27.02.2019-13:37 - DEBUG - Verified domain www.zwart-licht.nl should be reachable for letsencrypt.
27.02.2019-13:37 - DEBUG - Create Let's Encrypt SSL Cert for: zwart-licht.nl
27.02.2019-13:37 - DEBUG - Let's Encrypt SSL Cert domains: --domains zwart-licht.nl --domains www.zwart-licht.nl
27.02.2019-13:37 - DEBUG - exec: /opt/eff.org/certbot/venv/bin/certbot certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v02.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@zwart-licht.nl --domains zwart-licht.nl --domains www.zwart-licht.nl --webroot-path /usr/local/ispconfig/interface/acme
27.02.2019-13:37 - DEBUG - Let's Encrypt Cert file: does not exist.
27.02.2019-13:37 - DEBUG - Writing the vhost file: /etc/apache2/sites-available/zwart-licht.nl.vhost
27.02.2019-13:37 - DEBUG - Writing the PHP-FPM config file: /etc/php/7.0/fpm/pool.d/web22.conf
27.02.2019-13:37 - DEBUG - Calling function 'restartPHP_FPM' from module 'web_module'.
27.02.2019-13:37 - DEBUG - Restarting php-fpm: systemctl reload php7.0-fpm.service
27.02.2019-13:37 - DEBUG - Apache status is: running
27.02.2019-13:37 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
27.02.2019-13:37 - DEBUG - Restarting httpd: systemctl restart apache2.service
27.02.2019-13:37 - DEBUG - Apache restart return value is: 0
27.02.2019-13:37 - DEBUG - Apache online status after restart is: running
27.02.2019-13:37 - DEBUG - Processed datalog_id 1344
27.02.2019-13:37 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
```
/var/log/letsencrypt/letsencrypt.log
```
2019-02-27 13:37:12,844:DEBUG:certbot.storage:Archive directory /etc/letsencrypt/archive/zwart-licht.nl and live directory /etc/letsencrypt/live/zwart-licht.nl created.
2019-02-27 13:37:12,844:DEBUG:certbot.storage:Writing certificate to /etc/letsencrypt/live/zwart-licht.nl/cert.pem.
2019-02-27 13:37:12,845:DEBUG:certbot.storage:Writing private key to /etc/letsencrypt/live/zwart-licht.nl/privkey.pem.
2019-02-27 13:37:12,845:DEBUG:certbot.storage:Writing chain to /etc/letsencrypt/live/zwart-licht.nl/chain.pem.
2019-02-27 13:37:12,845:DEBUG:certbot.storage:Writing full chain to /etc/letsencrypt/live/zwart-licht.nl/fullchain.pem.
2019-02-27 13:37:12,845:DEBUG:certbot.storage:Writing README to /etc/letsencrypt/live/zwart-licht.nl/README.
2019-02-27 13:37:12,959:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer <certbot.cli._Default object at 0x7f846dcbc4d0>
2019-02-27 13:37:13,086:DEBUG:certbot.cli:Var webroot_path=/usr/local/ispconfig/interface/acme (set by user).
2019-02-27 13:37:13,086:DEBUG:certbot.cli:Var webroot_map=set(['webroot_path']) (set by user).
2019-02-27 13:37:13,362:DEBUG:certbot.cli:Var server=https://acme-v02.api.letsencrypt.org/directory (set by user).
2019-02-27 13:37:14,026:DEBUG:certbot.cli:Var webroot_path=/usr/local/ispconfig/interface/acme (set by user).
2019-02-27 13:37:14,145:DEBUG:certbot.cli:Var rsa_key_size=4096 (set by user).
2019-02-27 13:37:14,779:DEBUG:certbot.cli:Var authenticator=webroot (set by user).
2019-02-27 13:37:14,875:DEBUG:certbot.cli:Var server=https://acme-v02.api.letsencrypt.org/directory (set by user).
2019-02-27 13:37:14,875:DEBUG:certbot.cli:Var account=set(['server']) (set by user).
2019-02-27 13:37:15,780:DEBUG:certbot.storage:Writing new config /etc/letsencrypt/renewal/zwart-licht.nl.conf.
2019-02-27 13:37:15,781:DEBUG:certbot.reporter:Reporting to user: Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/zwart-licht.nl/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/zwart-licht.nl/privkey.pem
```
CLI information
```
# pwd
/etc/letsencrypt/live/zwart-licht.nl
# ll
total 4,0K
lrwxrwxrwx 1 root root 38 feb 27 13:37 cert.pem -> ../../archive/zwart-licht.nl/cert1.pem
lrwxrwxrwx 1 root root 39 feb 27 13:37 chain.pem -> ../../archive/zwart-licht.nl/chain1.pem
lrwxrwxrwx 1 root root 43 feb 27 13:37 fullchain.pem -> ../../archive/zwart-licht.nl/fullchain1.pem
lrwxrwxrwx 1 root root 41 feb 27 13:37 privkey.pem -> ../../archive/zwart-licht.nl/privkey1.pem
-rw-r--r-- 1 root root 692 feb 27 13:37 README
# pwd
/etc/letsencrypt/renewal
# cat zwart-licht.nl.conf
# renew_before_expiry = 30 days
version = 0.31.0
archive_dir = /etc/letsencrypt/archive/zwart-licht.nl
cert = /etc/letsencrypt/live/zwart-licht.nl/cert.pem
privkey = /etc/letsencrypt/live/zwart-licht.nl/privkey.pem
chain = /etc/letsencrypt/live/zwart-licht.nl/chain.pem
fullchain = /etc/letsencrypt/live/zwart-licht.nl/fullchain.pem
# Options used in the renewal process
[renewalparams]
account = ***
server = https://acme-v02.api.letsencrypt.org/directory
authenticator = webroot
rsa_key_size = 4096
webroot_path = /usr/local/ispconfig/interface/acme,
[[webroot_map]]
```3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5254Cronjob locking not working properly2020-09-08T12:51:04ZThomas Hellert.heller@timmehosting.deCronjob locking not working properly## short description
If a cronjob (e.g. website backups) is taking a really long time, it gets started again even though it is still running.
## correct behaviour
Cronjobs should be locked according to `running` status in `sys_cron`.
...## short description
If a cronjob (e.g. website backups) is taking a really long time, it gets started again even though it is still running.
## correct behaviour
Cronjobs should be locked according to `running` status in `sys_cron`.
## proposed fix
Is caused by `cronjob::run()` which will reset `running` status through `onCompleted()` after the first failed attempt. Will supply MR.
## environment
Server OS: debian
Server OS version: buster
ISPConfig version: 3.1.0.03.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5248ISPConfig user login database record not created on percona DB2019-07-03T14:49:01ZTill BrehmISPConfig user login database record not created on percona DBhttps://www.howtoforge.com/community/threads/created-client-doesnt-have-user-login.81343/https://www.howtoforge.com/community/threads/created-client-doesnt-have-user-login.81343/3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5242Problems Configuration Enable PageSpeed and HTTP2 with NGINX2019-02-26T13:39:51ZFlorian SchaalProblems Configuration Enable PageSpeed and HTTP2 with NGINXhttps://www.howtoforge.com/community/threads/problems-configuration-enable-pagespeed-and-http2-with-nginx-ispconfig-3-1-13.81276/#post-385004https://www.howtoforge.com/community/threads/problems-configuration-enable-pagespeed-and-http2-with-nginx-ispconfig-3-1-13.81276/#post-3850043.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5219Run getmail only on master when server is a mirror2019-03-05T17:03:53ZTill BrehmRun getmail only on master when server is a mirrorhttps://www.howtoforge.com/community/threads/getmail-catch-emails-duplicate-on-servers-in-cluster.81076/https://www.howtoforge.com/community/threads/getmail-catch-emails-duplicate-on-servers-in-cluster.81076/3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5214relayhost without authentication (easy fix)2023-06-05T06:59:21ZGhost Userrelayhost without authentication (easy fix)## short description
Setting up a relayhost without username/password results in "smtp_sasl_auth_enable = yes", which means it is trying to authenticate to the relayhost, but cannot (nothing to authenticate with), hence a SASL authentica...## short description
Setting up a relayhost without username/password results in "smtp_sasl_auth_enable = yes", which means it is trying to authenticate to the relayhost, but cannot (nothing to authenticate with), hence a SASL authentication failure error from the relayhost.
## correct behaviour
No relayhost credentials provided shouldn't cause authentication to be tried.
## environment
Server OS: Debian
Server OS version: stretch (9.6)
ISPConfig version: 3.1.13
## proposed fix
When the username field is empty, do not flip the smtp_sasl_auth_enable setting, but leave it instead to its default of "smtp_sasl_auth_enable = no".3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5168Mail server settings can generate invalid main.cf2018-12-04T17:58:52ZJan PechekMail server settings can generate invalid main.cf## short description
System > Server Configuration -> Mail settings allow me leave "Message Size Limit" unconfigured when i specify"Mailbox Size Limit". This lead to misconfigured Postfix main.cf:
`fatal: main.cf configuration error: ma...## short description
System > Server Configuration -> Mail settings allow me leave "Message Size Limit" unconfigured when i specify"Mailbox Size Limit". This lead to misconfigured Postfix main.cf:
`fatal: main.cf configuration error: mailbox_size_limit is smaller than message_size_limit`
This also can have other consequences, for example Mailman cannot deliver emails to local transport:
`to=<conf@localhost>, orig_to=<Conf@lists.domain.com>, relay=none, delay=414887, delays=414887/0.08/0/0.03, dsn=4.3.0, status=deferred (mail transport unavailable)`
## correct behaviour
ISPConfig should check if mailbox_size_limit isn't lower than message_size_limit and should notify user.
## environment
Server OS: Debian
Server OS version: Jessie
ISPConfig version: 3.1.113.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5167DKIM public key for subdomain not saved in dns2018-12-12T17:02:15ZJaapDKIM public key for subdomain not saved in dns## short description
DKIM public key is not published in dns when making a DKIM key for a subdomain
## correct behaviour
When creating a DKIM key from Email->Domain, the key should not only be stored for use by Amavis, but the public ke...## short description
DKIM public key is not published in dns when making a DKIM key for a subdomain
## correct behaviour
When creating a DKIM key from Email->Domain, the key should not only be stored for use by Amavis, but the public key should also be published in DNS. This works for normal domains, but not for subdomains.
## environment
Server OS: Debian
Server OS version: Wheezy
ISPConfig version: 3.1.13
## proposed fix
I don't know ISPConfig well enough to fix this myself :-(
## references
My post on howtoforge about this subject:
https://www.howtoforge.com/community/threads/dkim-public-key-for-subdomain-not-saved-in-dns.80434
## log entries
/var/log/ispconfig/ispconfig.log:
```
29.10.2018-17:07 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
29.10.2018-17:07 - DEBUG - Found 1 changes, starting update process.
29.10.2018-17:07 - DEBUG - Calling function 'soa_update' from plugin 'bind_plugin' raised by event 'dns_soa_update'.
29.10.2018-17:07 - DEBUG - Writing BIND domain file: /etc/bind/pri.domain.tld
29.10.2018-17:07 - DEBUG - Writing BIND named.conf.local file: /etc/bind/named.conf.local
29.10.2018-17:07 - DEBUG - Processed datalog_id 52547
29.10.2018-17:07 - DEBUG - Calling function 'restartBind' from module 'dns_module'.
29.10.2018-17:07 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
```3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5165PHP Syntax error in "install/dist/lib/opensuse.lib.php" on line 5102018-10-25T12:58:37ZAnthonyPHP Syntax error in "install/dist/lib/opensuse.lib.php" on line 510## short description
What is happening and what is wrong with that?
crash of the install script.
## correct behaviour
What should happen instead?
the script should finish its work
## environment
Server OS: OpenSuse
Server OS version: Lea...## short description
What is happening and what is wrong with that?
crash of the install script.
## correct behaviour
What should happen instead?
the script should finish its work
## environment
Server OS: OpenSuse
Server OS version: Leap 42.3
ISPConfig version: 3.1.13
_you can use `grep 'ISPC_APP_VERSION' /usr/local/ispconfig/server/lib/config.inc.php` to get it from the command line_
If it might be related to the problem
```
insert the output of `nginx -v` or `apachectl -v` here
```
```
insert the output of `php -v` here
```
## proposed fix
optional, of course.
if you want to post code snippets, please use
```
your code
```
replace :
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir']);
by :
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir'], $content);
in :
ispconfig3_install/install/dist/lib/opensuse.lib.php
on line : 510
## references
if you know of related bugs or feature requests, please reference them by using `#<bugnumber>`, e. g. #123
if you have done a merge request already, please reference it by using `!<mergenumber>`, e. g. !12
if you know of a forum post on howtoforge.com that deals with this topic, just add the link to the forum topic here
## screenshots
optional, of course.
Add screenshots of the problem by clicking "Attach a file" on the bottom right.
## log entries
```
apache / nginx error.log lines (if related)
```3.1.14https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5163Databases still exists on reseller delete2019-07-04T16:55:34ZWHODatabases still exists on reseller delete## short description
Reseller-Databases still exists in ISPConfig if a reseller will deleted. (Only assigned site will removed)
## correct behaviour
If a reseller is deleted the databases should removed too.
## environment
Server OS: (...## short description
Reseller-Databases still exists in ISPConfig if a reseller will deleted. (Only assigned site will removed)
## correct behaviour
If a reseller is deleted the databases should removed too.
## environment
Server OS: (debian)
Server OS version: (stretch)
ISPConfig version: (3.1.13 stable)
Server version: Apache/2.4.25 (Debian)
Server built: 2018-06-02T08:01:13
PHP 7.2.11-2+0~20181015120801.9+stretch~1.gbp8105e0 (cli) (built: Oct 15 2018 12:08:03) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.11-2+0~20181015120801.9+stretch~1.gbp8105e0, Copyright (c) 1999-2018, by Zend Technologies3.1.14