ISPConfig 3.0.5.4 Patch 2 is available for download. This is a patch release for ISPConfig 3.0.5.4 that fixes some issues that were found in the last version. http://www.ispconfig.org/blog/1/entry-132-ispconfig-3054p1-authenticated-local-root-vulnerability/ CERT Tracking ID: VRF#HYB1YX6V See changelog link below for a list of all changes that are included in this release. ----------------------------------------------------- - Download ----------------------------------------------------- The software can be downloaded here: http://prdownloads.sourceforge.net/ispconfig/ISPConfig-3.0.5.4p2.tar.gz ------------------------------------ - Changelog ------------------------------------ http://bugtracker.ispconfig.org/index.php?do=index&tasks=&project=3&due=80&status[]= -------------------------------------- - Known Issues: -------------------------------------- Please take a look at the bugtracker: http://bugtracker.ispconfig.org -------------------------------------- - BUG Reporting -------------------------------------- Please report bugs to the ISPConfig bugtracking system: http://bugtracker.ispconfig.org ---------------------------------------- - Supported Linux Distributions ---------------------------------------- - Debian Etch (4.0) - Wheezy (7.0) and Debian testing - Ubuntu 7.10 - 14.04 - OpenSuSE 11 - 13.1 - CentOS 5.2 - 6.5 - Fedora 9 - 15 ----------------------------------------- - Installation ----------------------------------------- The installation instructions for ISPConfig can be found here: http://www.ispconfig.org/ispconfig-3/documentation/ or in the text files (named INSTALL_*.txt) which are inside the docs folder of the .tar.gz file. ------------------------------------------ - Update ------------------------------------------ To update existing ISPConfig 3 installations, run this command on the shell: ispconfig_update.sh Select "stable" as the update resource. The script will check if an updated version of ISPConfig 3 is available and then download the tar.gz and start the setup script. A "reconfigure services" is not required for this patch update. Detailed instructions for making a backup before you update can be found here: http://www.faqforge.com/linux/controlpanels/ispconfig3/how-to-update-ispconfig-3/ If the ISPConfig version on your server does not have this script yet, follow the manual update instructions below. ------------------------------------------- - Manual update instructions ------------------------------------------- Code: cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz tar xvfz ISPConfig-3-stable.tar.gz cd ispconfig3_install/install php -q update.php
Till, Upgraded, thanks, all is fine. One minor suggestion since my patch did not make it in the code. In file php_fpm_pool.conf.master in header append -<tmpl_var name='domain'> , like this: Code: [<tmpl_var name='fpm_pool'>-<tmpl_var name='domain'>] so when you list processes you can identify to which domain the running process belongs to. For example the name of the php process wouldb be php-fpm: pool web450-domain.com instead of php-fpm: pool web450 this will save time for us admins.
I see you added rate limiting in Postfix since I got this error message Code: postconf: warning: /etc/postfix/main.cf: multiple entries for "smtpd_client_message_rate_limit" I had this before in main.cf Code: # # RATE LIMITS # smtpd_error_sleep_time = 1s smtpd_soft_error_limit = 10 smtpd_hard_error_limit = 20 smtpd_client_connection_count_limit = 10 smtpd_client_connection_rate_limit = 60 smtpd_client_message_rate_limit = 100 # # #
Till, Any good reason why following entries in file apache_ispconfig.conf.master are not ? I am asking because I have two different ISPConfig installations on the same server and every time I update one of them there is a Code: (98)Address already in use: make_sock: could not bind to address error.
I found a few issues. - update.php ignores custom changed in /usr/local/ispconfig/server/conf-custom/apache_ispconfig.conf.master and default config for /etc/apache2/sites-available/ispconfig.conf is generated - I had manually changed Listen 443 to Listen IP:443 in /etc/apache2/ports.conf but when update.php added a second Listen 443 which generated following error Code: (98)Address already in use: make_sock: could not bind to address [::]:443
I nocited that NginX ISPConfig installations by default still create .htaccess files in web directory for new sites. Do not see a reason for this?
Server setup Debian Wheezy (Apache2, BIND, Dovecot, ISPConfig 3) I have updated the server and now, we are unable to view any websites When I try to restart the apache2 server I get the following error Syntax error on line 6 of /etc/apache2/sites-enabled/000-ispconfig.vhost: Port must be specified Action 'configtest' failed. The Apache error log may have more information. failed! Below is the 000-ispconfig.vhost file ###################################################### # This virtual host contains the configuration # for the ISPConfig controlpanel ###################################################### Listen y NameVirtualHost *:y <VirtualHost _default_:y> ServerAdmin webmaster@localhost Update: I changed the above lines to Listen 8080 NameVirtualHost *:8080 <VirtualHost _default_:8080> Everything is working fine Cheers Scorp
The reason for the issue is that you entered "y" while the installer asked you for the port of the ispconfig vhost.
ISPConfig uses postconf -e to change values in main.cf. Strange that this produced duplicates on your system.
I opened tasks, for issues I mentioned, on the bugtracker. http://bugtracker.ispconfig.org/index.php?do=details&task_id=3598&project=3&order=id&sort=desc http://bugtracker.ispconfig.org/index.php?do=details&task_id=3599&project=3&order=id&sort=desc http://bugtracker.ispconfig.org/index.php?do=details&task_id=3600&project=3&order=id&sort=desc http://bugtracker.ispconfig.org/index.php?do=details&task_id=3601&project=3&order=id&sort=desc
I have issue after upgrade to latest version. I don't know if it's bug or expected behaviour. Before upgrade user was able to set "unlimited" mailbox size. After upgrade it's no longer possible if user has $client["limit_mailquota"] set.
Thats intended. What you could do before was a bug as it allowed to use your client as many space on your server as he wanted. Now the quota system workks correctly and prohbits a unlimited mailbox quota when the client has only limited space on your server.
Thank you for reporting the issues to the bugtracker! As a note to other users, the issues mentioned there are caused by a custom ispconfig setup, they will not occur on the setups that are described in the perfect server guides or ispconfig manual guide. The issue that affects standard setups is "FS#3601 - Stop creating .htaccess files for NginX sites" which is basically a cosmetic thing as this file is not needed for nginx but it does not harm as well. The problem "FS#3599 - update.php ignores custom /conf-custom/apache_ispconfig.conf.master" is not a bug, he just used the wrong path. Custom config files for the installer go into /usr/local/ispconfig/server/conf-custom/install/ and not /usr/local/ispconfig/server/conf-custom/
So... How can I get "unlimited inside clients limit" ? It's common question from my users as they have few accounts and want to share limit between these account. Another thing - mialbox edit dialogs are misleading if it's not possible to set unlimited now.
You can not have unlimited mailbox size within client limits as the lda's from courier and dovecot do not support that. The limit is always per mailbox and ispconfig has to check when the mailbox gets created or updated that the sum of all mailbox limits stays within the client limit. The mailbx dialog is fine as you still can have unlimited mailbox sizes, just go to the client settings and set mailbox quota to -1.
But users are confused with that information. Another thing - I have two fixes for ispconfig interface: http://www.blues.gda.pl/SOURCES/ispconfig-dashlets_round.patch http://www.blues.gda.pl/SOURCES/ispconfig-user_quota_stats_round.patch It removes not-smart 4 digit round on page. nbsp fixes also unwanted line breaks. Please, apply it.
Thank you for the patches. I will see if we can change the wording of the quota field depending on the client limits.
I'm not sure if it's right direction. These values are in few places and I think there should be general function that makes: units convertion, rounding, some formating. This is something I've made for time conversion, but can be easy used for KB/MB/GB: PHP: function sec2human($secs) { $secs = abs($secs); if ($secs >= 365*24*60*60) { return sprintf ('%.1f y', $secs/(365*24*60*60) ); } elseif ($secs >= 24*60*60) { return sprintf ('%.1f d', $secs/( 24*60*60) ); } elseif ($secs >= 60*60) { return sprintf ('%.1f h', $secs/( 60*60) ); } elseif ($secs >= 60) { return sprintf ('%.0f min', $secs/( 60) ); } else { return sprintf ('%.0f s', $secs); } }
Noticed awstats are not working after upgrade, getting 403 on all servers. Reason: .htaccess is unreadable by user?
