DirectAdmin 1.686

fln

fln

Administrator
Staff member
Joined
Aug 30, 2021
Messages
1,230
We are happy to announce the release of DirectAdmin 1.686.

A full release change log is here:

DirectAdmin 1.686


The update should be automatically available for all installations subscribed to the current release channel.

We appreciate all the feedback on forums and issues reported in the ticketing system.

Thanks!
 
Richard G said:
Can we find somewhere which changes are made? CSF changelog from DA?
Click to expand...
The project change log is bundled in the source package:

Code: 
# tar xOf /usr/local/directadmin/custombuild/cache/csf-15.02.tar.gz csf/changelog.txt | less

or just:

Code: 
# less /etc/csf/changelog.txt
 
Last edited:
I installed CSF manually, but thought I'd enable it in CB and update, but my ipset is in /usr/sbin/ (Debian)
Code: 
Restarting CSF...
open3: exec of /sbin/ipset flush failed: No such file or directory at /usr/sbin/csf line 5663.
attempt 1/3 failed

Now it's totally broken, even running the original install.sh

I executed the ln -s /usr/sbin/ipset /sbin/ipset..... Now fine obviously.
 
Last edited:
@LawsHosting, there are not changes regarding ipset in the latest CSF releases. And DirectAdmin does not touch or manage this part of CSF configuration. Most likely your custom installation had problems already, but they were revealed by the upgrade to the latest CSF.

I would guess you are running an old Debian system where `usrmerge` package was never installed. More details: https://wiki.debian.org/UsrMerge

This is a major change in the top level directory layout that all major Linux distributions have performed quite some time ago. The Fedora systems (RHEL upstream) have migrated to merged /usr with Fedora 17 on 13 years ago.

Debian followed a more cautions and slower path:
  • It was optional in Debian 10 (released 7 years ago).
  • It was automatically installed for fresh Debian 11 installs (released 5 years ago), but it was not auto installed when upgrading from older Debian.
  • It is mandatory and always installed on Debian 12 (released 2 years), forced installed on upgrade if missing.
Path to the ipset tool can be configured in CSF configuration field IPSET. I would strongly advice against making symlinks on the system root, this can cause problems during usrmerge migration. A better way forward would be updating the path in the /etc/csf/csf.conf and migrating your system to the usrmerge mode.
 
@JosKlever the DirectAdmin change log does not include changes for the 3rd party software. Each 3rd party software has its own way of tracking changes. The CSF is us using a simple changelog.txt file that is bundled together with the software.
 
@fln I understand it's not included in the DA changelog and I wasn't asking for that. But you mentioned the changelog that we need to extract from the package after installing the update. I'm asking for a publicly available location (a website, github repo etc.) where we can read it before installing the update. I don't know where this release is coming from now the original site was closed. (btw: https://docs.directadmin.com/operation-system-level/securing/csf.html still contains links to the old server)
 
JosKlever said:
@fln I understand it's not included in the DA changelog and I wasn't asking for that. But you mentioned the changelog that we need to extract from the package after installing the update. I'm asking for a publicly available location (a website, github repo etc.) where we can read it before installing the update. I don't know where this release is coming from now the original site was closed. (btw: https://docs.directadmin.com/operation-system-level/securing/csf.html still contains links to the old server)
Click to expand...
The original GitHub repo for CSF is here:
github.com

GitHub - waytotheweb/scripts: Scripts for Way to the Web Limited Products

Scripts for Way to the Web Limited Products. Contribute to waytotheweb/scripts development by creating an account on GitHub.
github.com github.com

The DirectAdmin release files seem to be here:

With the latest CSF tar being:

Shouldn't be too hard to see what's been added/removed 😁
 
@DrWizzle Thanks for the attempt, but on the GitHub repo is no 15.02 version available, so it's not the right repo. I'm not looking for the download but for a direct link to a changelog. I've got a list of links to changelogs of all kinds of software. It should be directly available on a public site, not only hidden in a release archive file.
 
JosKlever said:
@DrWizzle Thanks for the attempt, but on the GitHub repo is no 15.02 version available, so it's not the right repo. I'm not looking for the download but for a direct link to a changelog. I've got a list of links to changelogs of all kinds of software. It should be directly available on a public site, not only hidden in a release archive file.
Click to expand...
No problems. Sorry it couldn't help. I was just thinking along the lines of the original 15.00 was on waytotheweb's repo, so if you compared the latest 15.02 to that, you'd have a changelog of sorts (code wise).

Going back up to @fln 's post, and viewing the changelog for CSF in this release, if that's what you're after before you commit to this upgrade, all that is in the file that's of any use for this release is: (Taken from my updated server yesterday)
Bash: 
ChangeLog:

15.02 - Revert to TESTING=1 in the default config

15.01 - Update LFD faied login detection to be compatible with Dovecot 2.4

        Update default csf configuration for DirectAdmin installations

        Update csf.c wrapper to be compatible with modern gcc

15.00 - Changed license to GPLv3

14.24 - Fixed regression bug in v14.23 "Modified UI HTTP header checks to be
        case agnostic"

14.23 - Modified Apache regexes to detect "remote" or "client" as the IP trigger
        Mdified UI HTTP header checks to be case agnostic
        
        Sanitise CC list strings

14.22 - Removed session IP match check from DA login

        Added example spamassassin temp file regex to csf.fignore for
        new installations

14.21 - Modified IP lookup to strip some missed quotes

        Added exe:/usr/bin/dbus-broker-launch and exe:/usr/bin/dbus-broker to
        csf.pignore for new installations
        
        Added check to ensure that only PUBLIC IP addresses are used when
        loading IPv4 CC zone files
        
        Fixed issue when converting embedded IPv4 addresses in IPv6 connections

14.20 - Modified MaxMind URLs to use https

        Fixed DOCTYPE print order for integrated UI login

        Added "Require all granted" to Messenger v3 .htaccess generation

        Normalise source IP during connection tracking for IPv6 comparisons

        Fixed regression for some IMAP logon failure detections

14.19 - Switch to using iptables-nft if it exists in /usr/sbin/iptables-nft

        Added IO::Handle::clearerr() call before reading data from a log file
 
JosKlever said:
@DrWizzle That's still not a link and I hope you understand that I don't want to come here to ask for a changelog for every future update.
Click to expand...
Gotcha. I'm really sorry for the confusion. Yes, a link to the file would be really beneficial and really helpful. I see where you're coming from 100% now. Once again, sorry for getting confused here! 😊
 
fln said:
the DirectAdmin change log does not include changes for the 3rd party software.
Click to expand...
Correct, but I can understand @JosKlever as it's not really kind of 3rd party anymore since DA is going to maintain it and to updates themselves seperately from other git cloners. So kind of took development over for DA this way.
A link would be easier, I do agree to that, but if it can be seen with a little bit of extra work by unpacking a file, it's fine by me too.
 
@JosKlever. I completely understand you request. However, before the CSF was discontinued it used to perform auto-updates all by itself. The script sources were not published in the github repo. So the standard way of checking the change-log was just checking the change-log file you have locally.

I have updated my original post on checking the change-log with:

Code: 
# less /etc/csf/changelog.txt

So we are trying not to make any big changes. Just keep it running. The CSF code is opensource so we always publish all our changes publicly. At the moment sources are being published in a tarball form. If there would be a need for collaboration we would open up a public repo where others could submit pull-requests. With a repo the change-log could be easier to check. At the moment it is always visible in our published tarball.
 
@fln I understand how it was before, but that's not always how it should be in the future, so that's the reason of my request.Hopefully it will be published in a public repo someday, because then it would be easy indeed. Thanks for now!
 
  • Like
Reactions: fln
You shouldn't be so spoiled. You should be glad that DirectAdmin still supports csf through their own repo. Besides, they don't maintain csf and only make a few adjustments. If you look at the bottom of the csf UI, you still see an old signature and incorrect date with a link to the configserver website.
 
exlhost said:
You shouldn't be so spoiled. You should be glad that DirectAdmin still supports csf through their own repo. Besides, they don't maintain csf and only make a few adjustments. If you look at the bottom of the csf UI, you still see an old signature and incorrect date with a link to the configserver website.
Click to expand...
But I thought they pull the source from the official github repo, then do "their magic" to tweak just for DA.
 
You must log in or register to reply here.
Back
Top