DirectAdmin v1.641 has been released

@webcraft If you're worried about hot fixes in the current channel, you can always switch to the stable channel.
Stable is kind of ... not good (tried to think of a more politically correct word to use than stupid).

Stable doesn't get security updates, which kind of nullifies the point of being called "stable." A better term would be "the version before current." Although, last I checked - stable was 1.63.8 - so it's still a few releases behind.

Best advice I've found is to just not use an auto-update, just do a daily check to see if a new version is available. When a new version is released, find the requisite thread here on the forums and discover what issues are still present and when they all get ironed out. Usually takes a week or two.
 
I tried again and it works, without me doing anything (no fix or reinstall). Maybe also a cache-related issue....?
naybe your server with autoudate: "If we get a report that something does not work as expected we release a hot-fix which get auto-installed to affected servers within hours (we can control hot-fix deploy rate separately from major version upgrade)."
 
@Pzz, if you have auto-updates enabled hot-fix got auto-installed quickly after we released it. There was really an issue in Evolution causing it to freeze with Ooops message when custom CSS URL where configured in the Evolution customizations. Thank you for confirming the issue on the forum so promplty.

The upgrade in how Evolution handles customizations will allow us to save custom CSS modifications directly in the Evolution UI instead of requiring custom CSS file to be uploaded to a 3rd party server. But this will be in next release. Right now we just moved all the existing customizations functionality to new engine. Next release will start utilizing it capabilities :).
 
Quick clarification regarding the changes in DNS management. There are two changes in this release:
  • Reseller access to user DNS settings after login-as which makes sure that after login-as from reseller to user the DNS controls would be visible even if user have no access to DNS and user signing in directly would not see DNS controls.
  • Reseller DNS Administration page - new page similar to admin DNS which shows all the records in the zone. It means resellers can now see all the zones of the users they have. They could use this to make DNS changes to user zones without using login-as feature at all.
We would like to deprecate and remove Reseller access to user DNS settings after login-as in the next release. As both additions solves the same issue - allowing reseller help his user when user have not access to DNS management. We want to get rid of login-as exception because creates unexpected behaviour - reseller using login-as sees more pages then the user would normally see. And the new reseller DNS management page allows doing anything reseller would to after login-as.

We made Reseller access to user DNS settings after login-as just because it used to work like that before. But making Reseller DNS Administration page made it kind of obsolete 😁. Having them both gives users some time to adjust to the new workflow.
 
Last edited:
We would like to deprecate and remove Reseller access to user DNS settings after login-as in the next release.
I can understand that you want to remove this in the next release. But I would like to vote against it. Because still a lot of us still use the Enhanced skin, which is supported by DA. And it seems as this Reseller DNS Administration page is only made for Evo skin.
So this would mean that resellers would be more forced to use Evo, which is not the correct way to go.

Unexpected behaviour - reseller using login-as sees more pages then the user would normally see.
Like which more pages? I never seen more than the user as far as I'm aware of.

Next to that, the MX page where you can set the external mail provider like Office365 or Gmail is not present at this moment either on Admin level DNS administration page.
So when helping the user, also in this case admin and reseller need to login as the user and fix the MX page, which also required DNS administration permissions. This would be gone again (like is the case now in Evo) when removing DNS permissions.

So I think you might be missing some things here and removal should not be done so soon.
 
These changes only affect Evolution skin! DNS control after login-as was working in Enhanced all the time and will continue to work even after we dropped it from Evolution.

Yes we are aware of the MX page which is not present on reseller level, but we expected resellers will be capable of just editing MX records directly and separate MX management page were not necessary 😁.

Do you think resellers needs separate MX page? I would much rather create new page for resellers to manage user MX settings without login-as than to grant extra permissions after login-as.

What I had in mind with unexpected behaviour was the fact that after reseller->user login-as DA behaves differently than it would if user just signed in directly. Removal of Reseller access to user DNS settings after login-as would remove this unexpected behaviour, I am not aware of any more such differences after login-as. Well except CMD_LOGOUT 😁 which returns you to original account rather than logout completely.
 
Never knew this. @sparek how would I identify if a new release contained a security update?

You just have to read the changelog or find the thread on these forums that talk about any new DirectAdmin release.

Of note:


This was when 1.63.5 was released that fixed a lot of security issues, but if you were on stable you were left stuck with 1.63.3 which did not get the security fixes. (There's a lot of other discussion about this in that thread)

This is what soured me on using stable - seemed to have missed the point that it was meaning to cover.

Personally, for me, I prefer to keep a system as stable as possible and avoid having to deal with changes with updates. We run production servers, with customers that pay us. We also customize a lot of stuff on our servers. So there is an investment in time and resources of having to rearrange those customizations every time a new control panel version is released. And most of our users couldn't care less if the text and icons are shiny.

The problem with all of these "hotfixes" is that we may spend hours and other resources making sure the recent update didn't break any of our customizations. Then a new hotfix is released so we have to repeat that. Then another hotfix, repeat... hotfix, repeat... So we just wait a week or so for the "current" channel to stabilize and then update.

It's things like this that really give me pause as to where DirectAdmin stands in the hierarchy of control panels. To me, it still has the feel of being a control panel for web hosting hobbyists and not so much web hosting consumer oriented. If you have one server hosting your own website or a few friends websites - or I suppose even a small web hosting consumer product, then this may not be as big of a deal. If you stay tuned into this forum and can afford to constantly be making tweaks, then the hotfixes and unstable product releases probably don't affect you as much. But if you are running an actual business where tech resources are spread out over many, multiple servers and other systems, then time spent dealing with these changes in DirectAdmin can be costly.

This is not a knock against DirectAdmin or anything. It's certainly an overall solid product. And there's a transparency factor that in some ways makes it easier to customize. Before the other control panel fiasco, I do think DirectAdmin was more of a hobbyists control panel. Then there was an influx of people coming over from that other control panel and the DirectAdmin developers have had to shift from being hobbyist oriented to more consumer oriented and they just haven't gotten all of that ironed out yet.

I don't know what or if there is a real solution to this. The same issue plagues that other control panel as well. Too few people really stress test the beta or pre-production release of the products. Maybe DirectAdmin should consider splitting the product into a hobbyist-grade and a consumer-grade product. With hobbyist-grade getting rapid releases and where those users are constantly finding issues before it gets released into the consume-grade product. Kind of like what RedHat did with Fedora vs. RedHat Enterprise, when they dropped the free RedHat distribution. Fedora was free, but was basically an arm to test systems before they got put into the licensed RedHat Enterprise. (Not sure if this still holds true now since IBM bought RedHat and Fedora, RHEL, and CentOS all fit under one umbrella now)
 
These changes only affect Evolution skin! DNS control after login-as was working in Enhanced all the time and will continue to work even after we dropped it from Evolution.
No it didn't! Now this is the exact problem I'm talking about and because I encountered the issue I reported. Because this causes an issue.
You can test for yourself it's easy to reproduce.
Use a reseller using Enhanced skin, now login via the reseller as user which uses Evo skin. You will see that you can't use the DNS manager due to lack of permission. Which is the reason I reported this issue and this reseller dns management was made.

Yes we are aware of the MX page which is not present on reseller level, but we expected resellers will be capable of just editing MX records directly and separate MX management page were not necessary 😁.
I don't find this a laughing matter. Because this was just an easy task. Enter the MX page and enter Office 365 (for example) and all DNS records would be put in to place by DA automatically.
So we need to go do this all manually again? I'm certainly not amused.

I never encountered odd or different behaviour behaviour when loggin in as the user as far as I remember.
which returns you to original account rather than logout completely.
Which would be working as designed. If you login as reseller, and then as user, why should you be logged out completely? Maybe you have other work as reseller so the reseller login should still be active. So this is a good thing. Works also this way in cPanel by the way.
 
Use a reseller using Enhanced skin, now login via the reseller as user which uses Evo skin.
That is exactly what I had in mind saying it only affects Evolution. If user (not reseller) uses Enhanced skin it will continue seeing DNS management option in Enhanced after this backwards compatibility mode is dropped from Evolution.
I don't find this a laughing matter. Because this was just an easy task.
I am sorry for bad emoji selection. I meant it not as laughing at someone, but rather as grinning fully aware that I am stating something controversial.

This issue of using login-as to do something that user is not allowed to do is conceptually wrong. I understand it was done that way in the past as a workaround (to avoid giving resellers access over user DNS settings and just abusing the existing page on user level). It is wrong by design because login-as functionality is intended to perform actions on behalf of the user. So if user is not allowed to control hist DNS settings it means using login-as functionality should not lift this restriction. If we start abusing login-as feature for bypassing access controls we will open a big can of worms (which is partly open already, but we are working on closing it). For example if user is not allowed to use GIT feature, should reseller after login-as be able to control user GIT repositories? What if user is not allowed SSL access? These are not practical questions but just illustration that the whole concept is wrong. Of course DNS is special in this case because without it nothing would work - it is not like you can opt-out of using DNS.

But this raises a legitimate question why would you prevent user from managing his DNS settings? This issue only affect the clients where DNS control is not allowed for them. Without going into a long debate lets assume there are valid cases where you would like to do that. But if you do that it falls on the reseller to manage users DNS for him. That is why we need to give reseller to the tools to do this rather than leave backdoors in DA security system.

I see two ways out of this situation:
  • Always allow users to access MX settings page, DNS control off in user config would still disable DNS control page (adding and removing arbitrary records).
  • Create a special page for reseller to control user MX settings without login-as.
I would really like to better understand the practical use cases of restricting DNS control for users. This would shed some insight on how to approach this further. However I am a little bit worried this might turn out a long discussion that would completely hijack this thread dedicated to new release. @Richard G should we jump to a private conversation or separate thread?
 
If user (not reseller) uses Enhanced skin it will continue seeing DNS management option in Enhanced after this backwards compatibility mode is dropped from Evolution.
Yes, but the problem is that it doesn't work the other way around, with reseller using enhanced and user is using Evo.

@Richard G should we jump to a private conversation or separate thread?
I like both of your solutions given out of the situation, but I will start a private conversation with you, and then we can see if a seperate thread could be interesting for others to join or not.
 
After this update we started to have problems with the customization of the menu (Customize Evolution Skin area). The interface indicates that the changes were saved, but it is possible to notice that it was not saved when reloading the page. The "Layout" menu also started to display a blank screen, and it only started working again after we reset the customizations and lost everything!

We are concerned, with each new update new bugs are introduced, indicating development and testing failures. It is possible to notice this lack of checking even in simple details, such as typos (for example, in Customize Evolution Skin > Menu - "Customize your men"). Improvements and new features are extremely welcome, but the control panel is the heart of the hosting environment and requires better testing.

Documentation is also weak, sometimes unclear or incomplete. In a recent update, resellers lost access to DNS administration, generating a high volume of support requests.

I believe that as bug reports from old customers with perpetual licenses are no longer welcome and are now ignored, DirectAdmin should invest in more testing and review capabilities of their own, avoiding releasing "stable" updates that look like beta test.

It's great to see DirectAdmin evolving, but it would also be nice to be more careful to avoid bugs.
 
hi @unihostbrasil, quick followup.

Thanks for reporting the issue. You have not lost all the customizations please revert to previous version (v1.640) with command da update 8c3f499aab9e9b51feb3e1fcb07de4138c858f67. And all the customizations will be back (even if you cleared them).

The latest version converts customizations to the new engine by converting /usr/local/directadmin/data/users/{username}/skin_customizations/evolution/config.json into multiple config files:
  • files/colors-v1.json
  • files/date-formats-v1.json
  • files/menu-v1.json
  • files/options-v1.json
Old config file are left untouched and when you revert to the old version it will continue using the old customizations file.

If you would open a support ticket we would ask a copy of your /usr/local/directadmin/data/users/{username}/skin_customizations/evolution/config.json file to check why automatic migration to new engine failed. This would allow us to fix the issue quickly. My hunch is that this will involve some rarely used combination of customizations and affects only a small fraction of installations.

Once we release and update with improved customizations conversion doing rm -rf /usr/local/directadmin/data/users/*/skin_customizations/evolution/files will force Evolution to try and migrate old config.json file to the new format again.

Regarding the DNS control, this release resolves the issue.
 
We have collected some minor fixes and pushed a hot-fix update for 1.641 release. Changes:
  • Fixed typo in menu customization title Customize your men -> Customize your menu, thanks @unihostbrasil
  • A fix for menu customizations not always being saved, report in tickets
  • Style improvement for Evolution customizations in dark mode
  • Login keys UI improvement as mentioned by @realcryptonight
  • Included a new fix Restore of LetsEncrypt creation_time prevents renewal that was actually sitting in queue for 1.642 release
 
One more update. We finally were able to reproduce the issue @unihostbrasil mentioned about Evolution Skin Customizations Layouts page being blank 🕺. Root cause triggering such situation turned out to be customizations saved with a very old version of Evolutions (which had less configuration options available).

We fixed it now and pushed Evolution update.
 
Back
Top