apnscp 3.1 released

apnscp (a/k/a "ApisCP") 3.1 has been released! Codenamed "Business as Usual", 3.1 shifts focus back from widescale adoption to innovation. This release covers several postponed items that were intended in 3.0, but required significant buildup of other areas to satisfactorily implement.

Upgrading

apnscp will upgrade as part of normal nightly updates (see UPGRADING.md). A manual upgrade may be initiated via upcp. upcp will always adhere to your upgrade policy, so ensure the policy is set to edge, major, or all. cpcmd config:get apnscp.update-policy will confirm the policy and cpcmd config:set apnscp.update-policy major will set the default update policy to include all patch and minor updates.

PHP-FPM

PHP-FPM is implemented as a socket-activated service in systemd. Socket activation only spawns a worker pool on page activity, which mitigates a Thundering herd problem in mass deployments. PHP-FPM has been tested exhaustively on 500+ account platforms with minimal impact of service on startup.

This implementation makes use of systemd's excellent dependency tracking to only start once MySQL and PostgreSQL further enhancing startup abilities of both database servers. Upon activation, PHP-FPM worker is chroot'd to the respective account either as an unprivileged system user or - as a cPanel behavior - the account user; however, this practice is highly discouraged. Documentation is covered in PHP-FPM.md.

TimescaleDB

Massive time-series data aggregation poses a significant challenge as platforms accumulate more data with age. Bandwidth data is binned every 3 minutes (controlled via [bandwidth] => resolution in config.ini). Over the span of 12 months with over 500 sites the number of records balloons to 87.6 million records; a lot to sum when looking at historical records. Worse yet record lookups become expensive with simple algorithms. For example, average case runtime to retrieve a record requires 27 steps (big O log2). We can do better by partitioning data into windows. Knowing that bandwidth cycles every month, data can be separated into smaller chunks, 30 day 7.3 million records per segment thus limiting the amount of searches required by 15%. These chunks are unified into a single virtual table called a hypertable thus ensuring transparent storage mechanism for time-series data.

Improved retrieval performance isn't the best feature, continuous aggregates ("cagg") are! A cagg works in the background, automatically, to summarize data from individual data points. Going back to the bandwidth example, if we know bandwidth updates every 5 minutes, TimescaleDB recalculates the total, storing in cache, every 5 minutes in revised totals.

Bandwidth lookups fly now! Prior to caggs, the previous bandwidth overage query took over 20 seconds to run; now it completes in 1/100th the time, 200 ms.

As part of 3.1, TimescaleDB will provide real-time reporting on account resource usage via cgroups allowing the panel to quickly revoke access on sites that exceed their 24-hour quotas (or 30-day). Windows are flexible and extensions simple to use. For example to get the bandwidth used by all domains yesterday, in 5 minute resolutions filling in omissions in data:

SELECT
	site_id,
	TIME_BUCKET_GAPFILL('5 minutes', ts) AS bucket, 
	SUM(in_bytes+out_bytes) AS sum 
FROM 
	bandwidth_log 
WHERE 
	ts >= NOW() - INTERVAL '1 day' AND ts < NOW() 
GROUP BY site_id, bucket 
ORDER BY site_id, bucket;

Bandwidth limits

Following Timescale implementation, bandwidth enforcement is active in 3.1. Thresholds may be configured in config.ini within [bandwidth] that control notification and suspension thresholds. Bandwidth may be optionally forgiven using the bandwidth:amnesty API method for appliance admin:

# Bandwidth is now forgiven for the domain, which ends on the bandwidth cycle day
cpcmd bandwidth:amnesty domain.com

ACME v2

apnscp now supports Let's Encrypt ACME v2 protocol. Upon upgrading to apnscp 3.1, an automated migration will update all v1 certificates, which begins its sunset November 1. Wildcard certificates are supported now supported as well. Provided apnscp has control over the DNS for the domain (see DNS.md), this challenge attempt is preferred extending the theoretically maximum number of SSL-protected domains to 50 (wildcard + base domain, 100 hostname limit in SNI). Let's Encrypt issuance is covered in SSL.md.

cPanel/apnscp imports

Restoring from both cPanel and apnscp backups are now supported in apnscp. cPanel restores cover all aspects except for PostgreSQL backups. apnscp restore support is in preview and will be further developed in 3.1. Backups are always strongly encouraged. A drop-in solution with Bacula exists as an addin for apnscp. See Migrations.md for additional information.

Bootstrapper addin facility

Addins are drop-in packages that alter the platform in a meaningful way. As with Bootstrapper, any package that alters system state must do so using Ansible to ensure platform durability. Unleashing a shell script with an assortment of fallible sed commands (that can't even be bothered to set -euo pipefail!) are so 1996. Running a couple commands that automate changes and only change what needs to be changed, plus give you a digest of these changes, that's now.

A few packages of varying complexity were released during 3.1 development to provide a framework for using the Addin system:

PowerDNS courtesy Lithium Hosting
Bacula
rspamd DQS

While not strictly enforced yet, we ask that third-party developers who release modules bundle these modules with plays so that an administrator may run the plays to heal the platform. If you have any questions with writing plays, stop by our developer chat!

Delegated whitelisting

Rampart provides generalized protection to all facets of platform: MySQL, IMAP, POP3, SMTP, SSH, panel access, HTTP, and so on. Any service accessible is guarded against brute-force attacks by Rampart, which results in some interesting scenarios with SOHO businesses. Delegated whitelisting allows account administrators to declare up to n IPv4/IPv6 addresses immune from brute-force deterrence.

When the address is in a delegated whitelist (Account > Whitelist), an address is immune from brute-force blocks. A user that logs into the panel with the blocked IP address is still presented with a popup explaining the service that triggered a block.

SSO subordinate domains

Bridging the gap between reseller and typical hosting accounts, apnscp now supports login to child domains by the parent. For the first domain, set the service parameter billing,invoice=IDENTIFIER. For each child domain parented to this domain, set billing,parent_invoice=IDENTIFIER. Child domains may not login to the parent unless transitioned into by the parent and only within the session transitioned from which the parent transitioned.

Domain transitioning is a simple process within the user card dropdown. If no known domains are on the same server as the parent, the domain is presented normally.

IMAP/POP3/SMTP SNI

IMAP, POP3, and SMTP now support SNI via implicit SSL. Any SSL certificate installed on an account is also available for use with email. Note that explicit (opportunistic SSL via "STARTTLS") does not support SNI. IMAPS (993), POP3S (995), and SMTPS (465) now utilize SNI via haproxy as an SSL terminator. Further work will explore using haproxy to terminate HTTPS traffic as well greatly simplifying the HTTP stack, providing a lightweight DoS sink, and providing zero downtime rolling restarts for all SSL certificates changes. haproxy may be enabled (or disabled) using the cp.bootstrapper Scope.

cpcmd scope:set cp.bootstrapper haproxy_enabled true
upcp -sb

IPv6 support

IPv6 support is here! All components are covered (via PR#1).

NAT + hairpin network checks

apnscp now detects if your machine is on a private IP address and configures itself accordingly. Moreover, hairpinning is also detected when performing self-referential accessibility checks prior to SSL issuance.

PowerDNS support

As a contribution from Lithium Hosting, apnscp now includes support for PowerDNS. When migrating from a cPanel server that already uses PowerDNS, apnscp will work in tandem with the DNS cluster to change DNS.

cpcmd scope:set cp.bootstrapper powerdns_enabled true
upcp -sb software/powerdns
cpcmd scope:set dns.default-provider powerdns

Additional configuration will be necessary in auth.yaml if the same server is not hosting the DNS master. README.md as part of the PowerDNS distribution covers configuration in depth!

WHMCS compatibility

A few changes were introduced to improve compatibility with account tracking in WHMCS, including the separate WHMCS module provided by Lithium Hosting. Disallow username changes via [auth] => allow_username_change. Users may no longer change their username thus allowing WHMCS to operate correctly.

cpcmd scope:set cp.config auth allow_username_change false

cpcmd yaml/json output

cpcmd now supports a variety of output specifiers including Yaml and JSON:

cpcmd -o yaml admin:list-plans
cpcmd -o json admin:list-plans
cpcmd -o cli admin:list-plans
cpcmd -o var_dump admin:list-plans
# And for nostalgia...
cpcmd -o print admin:list-plans

IO + resource throttling

To set a 2 MB/s write throttle on all PHP-FPM tasks use blkio,writebw or throttle IOPS use the "iops" equivalent, blkio,writeiops:

EditDomain -c cgroup,writebw=2 domain.com
# Apply the min of blkio,writ.ebw/blkio,writeiops
# Both are equivalent assuming 4 KB blocks
EditDomain -c cgroup,writebw=2 -c blkio,writeiops=512 domain.com

Memory ceilings likewise may be set via cgroup,memory.

# Set ceiling of 512 MB for all processes
EditDomain -c cgroup,memory=512 domain.com

IO and CPU weighting may be set via ioweight and cpuweight respectively. ioweight requires usage of the CFQ/BFQ IO elevators.

# Default weight is 100
# Halve IO priority, double CPU priority
EditDomain -c cgroup,ioweight=50 -c cgroup,cpuweight=200 domain.com

IO throttles also affect tasks spawned from the terminal including Node, Ruby, and Python processes in addition to mail services (last mile delivery via Maildrop + Dovecot IMAP/POP3 access).

Web App blacklists

Disallow web apps for your site via [webapps] => blacklist. For example to disable all web apps but WordPress:

cpcmd scope:set cp.config webapps blacklist '*,!wordpress'

Security improvements

Following an excellent Rack911 audit, further adjustments have been introduced in 3.1 to reinforce the principle of least privilege:

mysql:export-pipe(), pgsql:export-pipe() drop permissions prior to export
Job runner drops permissions voluntarily unless a job requests to elevate. Certain tasks such as Bootstrapper that require elevation will continue to run without occupying a worker slot.
Process calls that drop via suid/sgid settings drop UID/GID in all components of the pipeline
Any process spawned with an effective UID will continue to retain this effective UID for successive spawns. Forked processes can optionally discard the privileged UID (normally "root") by setting the "suid" option prior to execution.
unshare() syscall is experimental. Spawning a session via SSH, crond, or login will create a new PID namespace. PID namespacing detaches the system process tree from the active session replacing it with a limited process tree. This deflects chroot breakage via /proc/1/root traversal.

IP-restricted access

Panel access may be restricted to an IP address or range of IPs via auth,iprestrict service setting. The default value is inherited from [auth] => ip_restriction_limit in config.ini. Access lists may be setup via Account > Settings > Security within the panel. Set to 0 to disable this server-wide except for the appliance administrator. Accounts that SSO ("Login As" feature) do not honor IP-restrictions.

Altering API sensitivity

API calls follow a consistent flow with the UI: only unhandled exceptions or fatal() macro calls terminate flow. Errors may be fatal at the API callee's discretion. Sensitivity may be adjusted in API calls by packaging an "Abort-On:" header that corresponds to the Error Reporter types. For example, if using the Util_API client:

$client = \Util_API::create_client(
    $key, 
    null, 
    null, 
    [
        'stream_context' => stream_context_create([
             'http' => [
                  'header' => 'Abort-On: info'
             ]
         ])
     ]
);

SOAP API calls will terminate whenever an info() macro is used. This works great with error() calls that may arise when adding a side. These would otherwise be encoded in SOAP headers that can be difficult to extract.

Feature renames

Scopes are now accessible via the scope module. In 3.0 Scopes resided in a confusing "config" module. apnscp Scope namespace has been shorted to "cp" as well.

# On 3.0:
cpcmd config:get apnscp.update-policy
# On 3.1:
cpcmd scope:get cp.update-policy

FLARE service

FLARE is a beacon service built to push out multiple, same-day updates in response to zero-day threats. All 3.1 servers participate in FLARE. A FLARE signal forces upcp, which respects the update policy of the server.

That's the major features for 3.1. Now onto 3.2 and beyond! Thank you for everyone for your feedback thus far. Feedback is what makes a product great, so hop by our Discord server if you haven't yet.

Changelog

SEC: reset_path()- chown operates on referent rather than link (file)
NEW: initial support for creating apnscp sites from backups (Migration)
NEW: -m/--multi, stream multiple commands delimited by a semicolon (cpcmd)
NEW: BSCHECK, influence Bootstrapper singleton check (upcp)
NEW: storage logger (scripts)
NEW: bandwidth tracking/enforcement
NEW: Site Admin (docs)
NEW: defer()- late scoped destructor. Similar in usage to "defer" keyword in Go (helpers)
NEW: auth,maxrestrict - limit number of IP-based restrictions for a site (Opcenter)
NEW: IP restrictions (Auth)
NEW: "php-fpm" service for mass PHP-FPM management (templates)
NEW: listAll()- get all systemd services (System\GenericSystemdService)
NEW: apache.evasive-wordpress-filter- apply stringent brute-force rules to protected WordPress resources (Settings\Apache)
NEW: hairpin detection on self-referential URLs (HTTP)
NEW: SSL options (Settings)
NEW: wildcard Let's Encrypt SSL support (SSL Certificates)
NEW: [letsencrypt] => unify_registration controls whether all SSL certificates under a single admin or dispersed (config)
NEW: ssl.X scope (Admin\Settings)
NEW: apache,webuser may be account user (Service\Validators)
NEW: AAAA, ANY support (Net::Gethost)
NEW: stat()- interospection of /proc/$PID/stat (Opcenter\Process)
NEW: getProcessStatus()- get related process information (Util::Process)
NEW: JSON input argument source to cpcmd. Flexible parsing, undecorated arguments implicitly decoded as string (CLI)
NEW: PHP-FPM (docs)
NEW: PHP-FPM group control service, php-fpm-siteXX (templates)
NEW: killAs()- send signal as effective user id (Opcenter\Process)
NEW: PHP-FPM. Transition over with apache,jail=1 (Opcenter)
NEW: UNCHARGE option, removes cgroup treatment from query (DataStream)
NEW: ioweight, readiops, writeiops, readbw, writebw resource enforcement (plans)
NEW: get scheduler, block device from mount point (Opcenter\Filesystem)
NEW: dynamic systemd services (Opcenter\System)
NEW: --no-builtin option, disable PharData usage (Opcenter\Migration)
NEW: domain switching frontend (Layout)
NEW: [auth] => subordinate_site_sso permit hijacking logins when domain is parented (config.ini)
NEW: service version upgrades (Validators\Common)
NEW: "Abort-On" header, minimum error reporter class that will terminate flow. Sample values include fatal (default), error, warning, debug, deprecated (SOAP)
NEW: gethostbyaddr_t()- support IPv6 lookups (Net)
NEW: Whitelist app (Account > Whitelisting)
NEW: namespaced remediator. Addon domains are assigned to separate user accounts (Opcenter\Migration)
NEW: username, domain, database tuneables via [auth] => allow_xxx_change (config)
NEW: admin may manage DNS for all domains (DNS Manager)
NEW: --delete flag, remove backup on successful import (Opcenter\Migration)
NEW: addon domain filter (Nexus)
NEW: admin user search (Nexus)
NEW: Terminal themes
NEW: shellinabox themes (Terminal)
NEW: fs.tmp-mount configuration scope (Admin\Settings)
NEW: apache,subnum limit number of subdomains on an account (plans)
NEW: array_cardinal, filter and unique elements with optional callback comparison (helpers)
NEW: cPanel Migration
NEW: cPanel DNS import (Migration\Formats)
NEW: getOldServices() helper (AccountInfoTrait)
NEW: "hostname" matching (Dns\Record)
NEW: IPv6 support (Opcenter)
NEW: cPanel import facility (ImportSite)
NEW: index (page_template.tpl) uses Blade (views)
NEW: getspnam() syscall emulation (Opcenter\Auth)
NEW: SOAP hijack test (tests)
NEW: open callback. Occurs prior to proc_open() call. (Util_Process)
NEW: suid, sgid options. Set group/user ID if process privileged (Util_Process)
NEW: contextability support (Util_Process::Sudo)
NEW: fuser support (Opcenter\Filesystem)
NEW: AP-03 unit test (tests)
NEW: setuid on fork (Util_Process::Fork)
NEW: redact conflicting htaccess directives (Webapps)
NEW: mlist,max mailing list limit (Opcenter\Services)
NEW: billing,ctime service value. Date of account creation (Service\Validators)
NEW: [billing] => demo_invoice, all accounts tagged with this invoice are demos (config.ini)
NEW: remove()- mark application inaccessible to logged in user (Template\Engine)
NEW: always encrypt SSO password using [auth] => secret (UI)
NEW: first run placeholder (Nexus)
NEW: filter support (Nexus)
NEW: override specific blades with corresponding config/custom/apps//views/ (Page Container)
NEW: SquashValue interface, any service value will be implicitly converted to scalar prior to validation (Opcenter\Service)
NEW: [style] => gravatar, change or disable gravatar display (config.ini)
NEW: [webapps] => blacklist, set a list of disabled webapps (config.ini)
NEW: systemd abstraction (Opcenter/System)
NEW: rampart service. Controls management of delegated whitelists. Default controlled via [rampart] => delegated_whitelist (Opcenter\Service)
NEW: Laravel test (tests)
NEW: Ghost/Discourse unit tests (tests)
NEW: apache.evasive-static-bypass scope. Ignore evasive counter on static files (Admin\Settings)
NEW: [mysql] => concurrency_limit, [pgsql] => database_concurrency_limit. Set maximum database connections allowable by site admin (config.ini)
NEW: MariaDB yum plugin (Yum::Synchronizer)
NEW: system.sshd-pubkey-only scope, toggle login via pubkey only (Admin\Settings)
NEW: licensing tool (scripts/license.php)
NEW: protocol test (apnscpd)
NEW: support yaml, json, cli output formats via -o (cpcmd)
NEW: "config_get apnscp.bootstrapper role/name"- display merged role defaults (Opcenter\Admin)
NEW: initial support for creating apnscp sites from backups (Migration)
NEW: -m/--multi, stream multiple commands delimited by a semicolon (cpcmd)
NEW: BSCHECK, influence Bootstrapper singleton check (upcp)
NEW: storage logger (scripts)
NEW: bandwidth tracking/enforcement
NEW: Site Admin (docs)
NEW: defer()- late scoped destructor. Similar in usage to "defer" keyword in Go (helpers)
NEW: auth,maxrestrict - limit number of IP-based restrictions for a site (Opcenter)
NEW: IP restrictions (Auth)
NEW: "php-fpm" service for mass PHP-FPM management (templates)
NEW: listAll()- get all systemd services (System\GenericSystemdService)
NEW: apache.evasive-wordpress-filter- apply stringent brute-force rules to protected WordPress resources (Settings\Apache)
NEW: hairpin detection on self-referential URLs (HTTP)
NEW: SSL options (Settings)
NEW: wildcard Let's Encrypt SSL support (SSL Certificates)
NEW: [letsencrypt] => unify_registration controls whether all SSL certificates under a single admin or dispersed (config)
NEW: ssl.X scope (Admin\Settings)
NEW: apache,webuser may be account user (Service\Validators)
NEW: AAAA, ANY support (Net::Gethost)
NEW: stat()- interospection of /proc/$PID/stat (Opcenter\Process)
NEW: getProcessStatus()- get related process information (Util::Process)
NEW: JSON input argument source to cpcmd. Flexible parsing, undecorated arguments implicitly decoded as string (CLI)
NEW: PHP-FPM (docs)
NEW: PHP-FPM group control service, php-fpm-siteXX (templates)
NEW: killAs()- send signal as effective user id (Opcenter\Process)
NEW: PHP-FPM. Transition over with apache,jail=1 (Opcenter)
NEW: UNCHARGE option, removes cgroup treatment from query (DataStream)
NEW: ioweight, readiops, writeiops, readbw, writebw resource enforcement (plans)
NEW: get scheduler, block device from mount point (Opcenter\Filesystem)
NEW: dynamic systemd services (Opcenter\System)
NEW: --no-builtin option, disable PharData usage (Opcenter\Migration)
NEW: domain switching frontend (Layout)
NEW: [auth] => subordinate_site_sso permit hijacking logins when domain is parented (config.ini)
NEW: service version upgrades (Validators\Common)
NEW: "Abort-On" header, minimum error reporter class that will terminate flow. Sample values include fatal (default), error, warning, debug, deprecated (SOAP)
NEW: gethostbyaddr_t()- support IPv6 lookups (Net)
NEW: Whitelist app (Account > Whitelisting)
NEW: namespaced remediator. Addon domains are assigned to separate user accounts (Opcenter\Migration)
NEW: username, domain, database tuneables via [auth] => allow_xxx_change (config)
NEW: admin may manage DNS for all domains (DNS Manager)
NEW: --delete flag, remove backup on successful import (Opcenter\Migration)
NEW: addon domain filter (Nexus)
NEW: admin user search (Nexus)
NEW: Terminal themes
NEW: shellinabox themes (Terminal)
NEW: fs.tmp-mount configuration scope (Admin\Settings)
NEW: apache,subnum limit number of subdomains on an account (plans)
NEW: array_cardinal, filter and unique elements with optional callback comparison (helpers)
NEW: cPanel Migration
NEW: cPanel DNS import (Migration\Formats)
NEW: getOldServices() helper (AccountInfoTrait)
NEW: "hostname" matching (Dns\Record)
NEW: IPv6 support (Opcenter)
NEW: cPanel import facility (ImportSite)
NEW: index (page_template.tpl) uses Blade (views)
NEW: getspnam() syscall emulation (Opcenter\Auth)
NEW: SOAP hijack test (tests)
NEW: open callback. Occurs prior to proc_open() call. (Util_Process)
NEW: suid, sgid options. Set group/user ID if process privileged (Util_Process)
NEW: contextability support (Util_Process::Sudo)
NEW: fuser support (Opcenter\Filesystem)
NEW: AP-03 unit test (tests)
NEW: setuid on fork (Util_Process::Fork)
NEW: redact conflicting htaccess directives (Webapps)
NEW: mlist,max mailing list limit (Opcenter\Services)
NEW: billing,ctime service value. Date of account creation (Service\Validators)
NEW: [billing] => demo_invoice, all accounts tagged with this invoice are demos (config.ini)
NEW: remove()- mark application inaccessible to logged in user (Template\Engine)
NEW: always encrypt SSO password using [auth] => secret (UI)
NEW: first run placeholder (Nexus)
NEW: filter support (Nexus)
NEW: override specific blades with corresponding config/custom/apps//views/ (Page Container)
NEW: SquashValue interface, any service value will be implicitly converted to scalar prior to validation (Opcenter\Service)
NEW: [style] => gravatar, change or disable gravatar display (config.ini)
NEW: [webapps] => blacklist, set a list of disabled webapps (config.ini)
NEW: systemd abstraction (Opcenter/System)
NEW: rampart service. Controls management of delegated whitelists. Default controlled via [rampart] => delegated_whitelist (Opcenter\Service)
NEW: Laravel test (tests)
NEW: Ghost/Discourse unit tests (tests)
NEW: apache.evasive-static-bypass scope. Ignore evasive counter on static files (Admin\Settings)
NEW: [mysql] => concurrency_limit, [pgsql] => database_concurrency_limit. Set maximum database connections allowable by site admin (config.ini)
NEW: MariaDB yum plugin (Yum::Synchronizer)
NEW: system.sshd-pubkey-only scope, toggle login via pubkey only (Admin\Settings)
NEW: licensing tool (scripts/license.php)
NEW: protocol test (apnscpd)
NEW: support yaml, json, cli output formats via -o (cpcmd)
NEW: "config_get apnscp.bootstrapper role/name"- display merged role defaults (Opcenter\Admin)
NEW: enabled() method (ftp, spamfilter)
NEW: amnest()- grant bandwidth amnesty for account (bandwidth)
NEW: support IPv6 whitelisting (rampart)
NEW: restrict_ip(), remove_ip_restriction(), get_ip_restrictions()- IP-based login restrictions (auth)
NEW: changes_pending()- account has unsynchronized domain changes (aliases)
NEW: bootstrap()- attempt to request wildcard certificates for all domains on an account (letsencrypt)
NEW: support wildcard certificates, verify ip/strict renewals part of preferences (letsencrypt)
NEW: collect()- query restrictor usage, filter collection matching service values (admin)
NEW: blkio controller (cgroup)
NEW: hijack() supports SSO into subordinate accounts (site)
NEW: max_delegations()- maximum number of whitelists available to site (rampart)
NEW: collect(), generate collection of accounts (admin)
NEW: set_privileges() - allow wildcard privileges to be applied (mysql)
NEW: IPv6 support (email, dns)
NEW: enabled() - mailing list service enabled (majordomo)
NEW: hijack()- gated authentication. Account hijacks are localized to the authentication gate in which they occur. hijack() adds an additional parameter to specify the gate the hijack should occur in (admin)
NEW: get_service_info()- get all parameters belonging to a service (admin)
NEW: enabled()- account is privileged to use rampart delisting feature (rampart)
NEW: plan methods (admin)
NEW: read_map()- get mappings/ contents (admin)
NEW: get_jail_entries()- get fail2ban entries (rampart)
NEW: banned_services()- list Rampart services for which given IP is banned (rampart)
NEW: whitelist delegation (rampart)
NEW: whitelist(), blacklist()- permanent blacklist/whitelist management (rampart)
NEW: active()- monitoring active (argos)
NEW: haproxy ssl support (email)
NEW: PowerDNS support
NEW: add aggregate views (apnscp/initialize-db)
NEW: whitelist6, blacklist6 IPv6 whitelist support (network/setup-firewall)
NEW: TimescaleDB (apnscp/initialize-db)
NEW: postfix_smarthost_tls controls encryption level (mail/configure-postfix)
NEW: PostgreSQL v12 support (packages/install)
NEW: experimental PostgreSQL 12 support (packages/install)
NEW: FLARE service (apnscp/install-services)
NEW: per-version build flag support (php/build-from-source)
NEW: account filter bridge (common)
NEW: add PHP-FPM configuration (apnscp/php-filesystem-template)
NEW: bind systemd runtime directory (apnscp/bootstrap)
NEW: apnscp/filesystem-checks (bootstrap)
NEW: ccache support (system/compiler)
NEW: compiler defaults (system/compiler)
NEW: pigz (packages/install)
NEW: add ImportDomain to bin path (migrations)
NEW: PID namespacing (system/pam)
NEW: support modules, library installation (addin)
NEW: periodically prune/vacuum fail2ban database (fail2ban/configure-jails)
NEW: set /etc/pip.conf (software/pyenv)
NEW: callback plugin, actionable_classic. Terse actionable type without "included:" markup (plugins)
NEW: php_install_ioncube- include ionCube support in system PHP release (php/install)
NEW: toggle pubkey-only authentication via sshd_pubkey_only (system/sshd)
NEW: custom kernel usage (system/kernel)
NEW: haproxy SNI mail termination
NEW: postfix_smarthost_tls controls encryption level (mail/configure-postfix)
NEW: experimental PostgreSQL 12 support (packages/install)
NEW: FLARE service (apnscp/install-services)
NEW: pigz (packages/install)
NEW: toggle pubkey-only authentication via sshd_pubkey_only (system/sshd)
NEW: add ImportDomain to bin path (migrations)
NEW: support modules, library installation (addin)
NEW: periodically prune/vacuum fail2ban database (fail2ban/configure-jails)
NEW: set /etc/pip.conf (software/pyenv)
NEW: callback plugin, actionable_classic. Terse actionable type without "included:" markup (plugins)
NEW: php_install_ioncube- include ionCube support in system PHP release (php/install)
FIX: authorized_functions()- use short-hand notation (afi)
FIX: scaffold afi instance to satisfy modules that have API dependencies on init, such as with Web Apps (apnscpd)
FIX: nonblocking socket drains too quickly on large payloads (apnscpd)
FIX: SPF record update elicits argument type error on $parameter (Transfer)
FIX: incorrect namespace encountered when calling allApps() within the context of webapp module (Webapps)
FIX: key always checked irrespective account-specific provider setting (Service\Validators)
FIX: parse webdav accounts (Formats\Cpanel)
FIX: lower UID account admins ignored (storagelog)
FIX: APNSCP_ROOT fails detection when invoked via /usr/local/sbin symlink (build)
FIX: invert platform downgrade logic (CLI\Transfer)
FIX: set authentication context on recycled backend worker during IP check (Auth)
FIX: polyfill()- named arguments fail polyfill (apnscpFunctionInterceptor)
FIX: unhandled exceptions formatted incorrectly as singular array (ajax)
FIX: traceroute fails when crontab,permit=0 (Traceroute)
FIX: polyfill()- array_values() discards index assignment (apnscpFunctionInterceptor)
FIX: repair of corrupted AOF asserts ownership under incorrect uid (Cache::Mproxy)
FIX: type referenxce (Net\WSDL)
FIX: module reference (Util::Completion)
FIX: importing from tarball omits relocating secondary user mail (Cpanel\Pathmap)
FIX: set migration TTL (change_dns)
FIX: unlimited quotas fail to process database backups (backup_dbs)
FIX: allow suspended sites to migrate (Formats\Cpanel)
FIX: blocking worker ID selection fails to return if datastream abruptly hangs up (apnscpd)
FIX: backtrace tokens repeat backtrace string (Error Reporter)
FIX: incorrect parameter invocation in UUID check (Transfer)
FIX: kill() missing path separator (Filesystem\Fuser)
FIX: PID corruption on abrupt shutdown - "Error retrieving pid file" (Http\Apnscp)
FIX: always convert path to absolute (Filesystem\Fuser)
FIX: remove unprintable characters from backtrace (Error Reporter)
FIX: cyclic dependency between httpd/fpm/mariadb (templates)
FIX: closure serialization (Lararia\Jobs)
FIX: apache.php-version- version comparison type (Settings\Apache)
FIX: update bandwidth threshold (Validators\Bandwidth)
FIX: workaround for leaky file descriptors on site removal on 3.10 kernels with ext4 and nested bind mounts. umount call fails to free all descriptors contrary to /proc indication. Relocate the bad directory to an orphanage that gets purged on boot (Opcenter\Filesystem)
FIX: PHP-FPM configuration always populated (Service\Validators)
FIX: debug parameters (Letsencrypt\AcmeDispatcher)
FIX: fopen() operates on file or URL (Cache\Mproxy)
FIX: Redis socket availability check impracticable (Cache\Mproxy)
FIX: domain redireciton regex (Letsencrypt\Solvers)
FIX: unset (null) dns provider performs provider lookup (Service\Validators)
FIX: strict typing (Settings\Apnscp)
FIX: PHP-FPM service halts on boot with error "...deleted to break ordering cycle starting with sockets.target/start" (templates)
FIX: key type default (Settings)
FIX: deprecation warning on email_get_records (SSL Certificates, DNS Manager)
FIX: user change always fires on account edit if webuser is not "apache" (Opcenter\Provisioning)NEW: hairpin detection on self-referential URLs (
FIX: mail transport never added, incorrect API usage. Update dns:owned-zone to dns:zone-exists (Formats\Cpanel)
FIX: soft fail if dnszones/ missing (Formats\Cpanel)
FIX: pgpass population when pgsql,enabled=1 (Service\Validators)
FIX: priority implementation (Util::Process)
FIX: depopulation may traverse paths converted to symlinks during service depopulation (FilesystemPopulatorTrait)
FIX: request()- strict check filters from installed certificate, which does not exist on initial SSL provisioning (letsencrypt)
FIX: match case where cPanel formats SHELL without quotes (Cpanel\Pathmap)
FIX: elevator parsing logic (Filesystem)
FIX: bfq existence check (Opcenter\System)
FIX: DNS management fails on primary domain (DNS Manager)
FIX: infinite recursion on systemd implementation check (Opcenter\System)
FIX: XSS in gecos (Manage Users)
FIX: --no-builtin option applied to wrong clause (Migration\Formats)
FIX: squelch parsing errors during prop inquiry (File Manager)
FIX: leading numeric IPv6 quad parsed as key (Net\Firewall)
FIX: bounds check prior to quoted check (Opcenter\Map)
FIX: build_ini()- return empty arrays as [] instead of '' (Util_Conf)
FIX: array_dot()- nested empty arrays fail to collapse (helpers)
FIX: reapply reverted commit (Opcenter\Migration)
FIX: unlock within late registered shutdown function never called to cleanup intermediate directory (Migration\Locker)
FIX: ensure o is defined in call_app (apnscp.js)
FIX: UI adjustments: inline editing, row reference (DNS Manager)
FIX: var typo (Opcenter\Apnscp)
FIX: tooltip fails to display when title unset (Tip Engine)
FIX: RewriteEngine "on" is case insensitive (Personalities)
FIX: *env usage for setting global interpreter (Package Manager)
FIX: custom times elicit warning defaulting to site ID modulus in time spec (Task Scheduler)
FIX: resize (Terminal)
FIX: user home prefix does not upgrade on account migration/username change (Formats\Cpanel)
FIX: PharData supports star format. tar uses POSIX.2001 format. Attempt in-situ extraction with PharData falling back to temporary extraction as necessary (Opcenter\Migration)
FIX: unlimited DISKBLOCKLIMIT value treated as integer (Formats\Cpanel)
FIX: pull subdomain location from userdata/ (Opcenter\Migration)
FIX: workaround for large cPanel backups (Migrations\Formats)
FIX: left-trim key (Opcenter\CliParser)
FIX: grants created that duplicate primary user (Cpanel\Pathmap)
FIX: import (Formats\Cpanel)
FIX: grant application (Formats\Cpanel)
FIX: aliases built from addon + subdomains instead of parked (Formats\Cpanel)
FIX: cron spool (Formats\Cpanel)
FIX: incorrect var reference results in autogenerated prefix (Format\Cpanel)
FIX: accounts without email generate exception (Formats\Cpanel)
FIX: getApplicationFromId() returns Template_Object_Link object (Summary)
FIX: ImportDomain invocaiton (docs)
FIX: backups with non-system generated names (backup-M.D.YYYY) fail consistency check (Formats\Cpanel)
FIX: parameter list prematurely closed in race check (Util_Process::Schedule)
FIX: undefined variable, $url (Mail Routing)
FIX: warning on attempting to read non-existent domain map (Module\Support)
FIX: edit always applies complex arguments (Nexus)
FIX: namespace import (Cpanel\Pathmap)
FIX: mail service disablement depopulates only primary domain (Service\Validators)
FIX: undefined index warnings for disabled services (Manage Users)
FIX: dns,enabled=1 fails to provision addon domain DNS (Validators\Dns)
FIX: exceptions throw within mute() or silence() lock state (Error Reporter)
FIX: IPv6 parsed as array (Opcenter\CliParser)
FIX: fst root privileges (Opcenter\Provisioning)
FIX: removing empty provider key emits false warning (Settings\Dns)
FIX: mail.enabled order results in early termination of Bootstrapper task (Opcenter\Settings)
FIX: numerical arrays discard parent key (config)
FIX: symlink attack in database export (Transfer)
FIX: AP-06 security fix. backup_dbs.php does not evaluate the state of file prior to processing backup. An attacker can use a symlink attack to gain ownership of sensitive files (backup_dbs.php)
FIX: exec() ignores options (Util_Process)
FIX: CSR generation, form check bound multiple times (SSL Certificates)
FIX: move DNS removal to service validation depopulate() method. delete hooks are called prior to service validator depopulate() methods. Any DNS depopulation baked into a SV will fail otherwise (Service\Validators)
FIX: apnscp.bootstrapper dereferences deferenced array (Admin\Settings)
FIX: typos (Opcenter\Service)
FIX: include chain in unified certificate (Crypto\Ssl)
FIX: domains without proper DNS records for webmail fail to redirect when SSO disabled (Webmail)
FIX: Analytics bounding (Dashboard)
FIX: validate CSRF on password reset requests that may unintentionally leak the victim's IP (Login)
FIX: typo (Opcenter\Account)
FIX: doubly including an anonymous function by reference can elicit a segfault for spawned workers in certain setups. This condition is encountered when Util\Completion\Stub builds the IDE helper on boot, including config.php again. Use storage/constants.php for building this file as a work around (Util\Completion)
FIX: elevate request to backend on demand for root password. Resolves broken truncate, empty operations as well as export_pipe_real (Opcenter\Database)
FIX: panel_brand under [core] (Nexus)
FIX: consistency change, getVersionLock() may return false when version lock is 'none' but also return null if the default version lock is 'none'. 'none' is commensurate to null and false disused. In the event 'verlock' option is unset, then module default applies, which may default to null when version lock is 'none' (Support\Webapps)
FIX: ignore parsing closing array delimited ("]") as array if imbalanced (Opcenter\CliParser)
FIX: always set TTL on cache items. volatile-lru eviction policy requires a TTL to be set to evict items (Cache)
FIX: gracefully handle edge case where Apache map missing (Opcenter\Http)
FIX: Majordomo appears if mlist disabled. Issue #17 (Template)
FIX: WSDL reinitialization reinitialization check ignores modules/ mtime (apnscpd)
FIX: coerce spamfilter,provider=DEFAULT to system default (Service\Validators)
FIX: tests resume too quickly after license unit test. Wait for apnscp reactivation (tests)
FIX: delete()- deprecation warning (Cache)
FIX: apache.cachetype superclass declaration compatibility (Settings\Apache)
FIX: license utility backup, return code (scripts)
FIX: ensure admin context in rampart test (tests)
FIX: bitrot (API Keys)
FIX: failed()- trim trailing newline from check (Opcenter\Http)
FIX: prevent removal of admin whitelist rules if site duplicates admin (Net\Firewall)
FIX: return type check on non-existent module (afi)
FIX: iptables lock contention (Net\Firewall)
FIX: toggling service state forces recheck on MySQL, PostgreSQL database prefix/admin (Service\Validators)
FIX: row formatting (Vacation Responder)
FIX: missing class (Support\Webapps)
FIX: always populate HOSTNAME. Running queue:work from CLI doesn't populate this causing any dependent code to fail. (apnscpcore)
FIX: undefined property access (SPF Wizard)
FIX: ignore actionless jails (Net\Fail2ban)
FIX: parse Ansible 2.8 task summary (Jobs\Report)
FIX: pyenv version selection typo (Package Manager)
FIX: union operator overwrites 0-th alias (DNS Manager)
FIX: housekeeper remains active in debug (apnscpd)
FIX: type check (scripts/license)
FIX: license issuance of expired panel license (Opcenter\License)
FIX: error() must always return false (Error Reporter)
FIX: importConfig() imports current + new configuration into scope (Util_Account)
FIX: cancellation check (Change Billing)
FIX: Bootstrapper report timespec (Lararia\Jobs)
FIX: overzealous ad-blocking policies block gauges (Dashboard)
FIX: apache.block10 class inheritance (Admin\Settings)
FIX: apache.cachetype method superclass declaration (Admin\Settings)
FIX: environment vars parsed as cron jobs (Regex)
FIX: refactoring (Letsencrypt)
FIX: namespace import (Opcenter\Crypto)
FIX: mail.smart-host, handling empty credentials (Opcenter\Admin)
FIX: renameUser()- validate username (Opcenter\Database)
FIX: authorized_functions()- use short-hand notation (afi)
FIX: scaffold afi instance to satisfy modules that have API dependencies on init, such as with Web Apps (apnscpd)
FIX: nonblocking socket drains too quickly on large payloads (apnscpd)
FIX: SPF record update elicits argument type error on $parameter (Transfer)
FIX: incorrect namespace encountered when calling allApps() within the context of webapp module (Webapps)
FIX: key always checked irrespective account-specific provider setting (Service\Validators)
FIX: parse webdav accounts (Formats\Cpanel)
FIX: lower UID account admins ignored (storagelog)
FIX: APNSCP_ROOT fails detection when invoked via /usr/local/sbin symlink (build)
FIX: invert platform downgrade logic (CLI\Transfer)
FIX: set authentication context on recycled backend worker during IP check (Auth)
FIX: polyfill()- named arguments fail polyfill (apnscpFunctionInterceptor)
FIX: unhandled exceptions formatted incorrectly as singular array (ajax)
FIX: traceroute fails when crontab,permit=0 (Traceroute)
FIX: polyfill()- array_values() discards index assignment (apnscpFunctionInterceptor)
FIX: repair of corrupted AOF asserts ownership under incorrect uid (Cache::Mproxy)
FIX: type referenxce (Net\WSDL)
FIX: module reference (Util::Completion)
FIX: importing from tarball omits relocating secondary user mail (Cpanel\Pathmap)
FIX: set migration TTL (change_dns)
FIX: unlimited quotas fail to process database backups (backup_dbs)
FIX: allow suspended sites to migrate (Formats\Cpanel)
FIX: blocking worker ID selection fails to return if datastream abruptly hangs up (apnscpd)
FIX: backtrace tokens repeat backtrace string (Error Reporter)
FIX: incorrect parameter invocation in UUID check (Transfer)
FIX: kill() missing path separator (Filesystem\Fuser)
FIX: PID corruption on abrupt shutdown - "Error retrieving pid file" (Http\Apnscp)
FIX: always convert path to absolute (Filesystem\Fuser)
FIX: remove unprintable characters from backtrace (Error Reporter)
FIX: cyclic dependency between httpd/fpm/mariadb (templates)
FIX: closure serialization (Lararia\Jobs)
FIX: apache.php-version- version comparison type (Settings\Apache)
FIX: update bandwidth threshold (Validators\Bandwidth)
FIX: workaround for leaky file descriptors on site removal on 3.10 kernels with ext4 and nested bind mounts. umount call fails to free all descriptors contrary to /proc indication. Relocate the bad directory to an orphanage that gets purged on boot (Opcenter\Filesystem)
FIX: PHP-FPM configuration always populated (Service\Validators)
FIX: debug parameters (Letsencrypt\AcmeDispatcher)
FIX: fopen() operates on file or URL (Cache\Mproxy)
FIX: Redis socket availability check impracticable (Cache\Mproxy)
FIX: domain redireciton regex (Letsencrypt\Solvers)
FIX: unset (null) dns provider performs provider lookup (Service\Validators)
FIX: strict typing (Settings\Apnscp)
FIX: PHP-FPM service halts on boot with error "...deleted to break ordering cycle starting with sockets.target/start" (templates)
FIX: key type default (Settings)
FIX: deprecation warning on email_get_records (SSL Certificates, DNS Manager)
FIX: user change always fires on account edit if webuser is not "apache" (Opcenter\Provisioning)NEW: hairpin detection on self-referential URLs (
FIX: mail transport never added, incorrect API usage. Update dns:owned-zone to dns:zone-exists (Formats\Cpanel)
FIX: soft fail if dnszones/ missing (Formats\Cpanel)
FIX: pgpass population when pgsql,enabled=1 (Service\Validators)
FIX: priority implementation (Util::Process)
FIX: depopulation may traverse paths converted to symlinks during service depopulation (FilesystemPopulatorTrait)
FIX: request()- strict check filters from installed certificate, which does not exist on initial SSL provisioning (letsencrypt)
FIX: match case where cPanel formats SHELL without quotes (Cpanel\Pathmap)
FIX: elevator parsing logic (Filesystem)
FIX: bfq existence check (Opcenter\System)
FIX: DNS management fails on primary domain (DNS Manager)
FIX: infinite recursion on systemd implementation check (Opcenter\System)
FIX: XSS in gecos (Manage Users)
FIX: --no-builtin option applied to wrong clause (Migration\Formats)
FIX: squelch parsing errors during prop inquiry (File Manager)
FIX: leading numeric IPv6 quad parsed as key (Net\Firewall)
FIX: bounds check prior to quoted check (Opcenter\Map)
FIX: build_ini()- return empty arrays as [] instead of '' (Util_Conf)
FIX: array_dot()- nested empty arrays fail to collapse (helpers)
FIX: reapply reverted commit (Opcenter\Migration)
FIX: unlock within late registered shutdown function never called to cleanup intermediate directory (Migration\Locker)
FIX: ensure o is defined in call_app (apnscp.js)
FIX: UI adjustments: inline editing, row reference (DNS Manager)
FIX: var typo (Opcenter\Apnscp)
FIX: tooltip fails to display when title unset (Tip Engine)
FIX: RewriteEngine "on" is case insensitive (Personalities)
FIX: *env usage for setting global interpreter (Package Manager)
FIX: custom times elicit warning defaulting to site ID modulus in time spec (Task Scheduler)
FIX: resize (Terminal)
FIX: user home prefix does not upgrade on account migration/username change (Formats\Cpanel)
FIX: PharData supports star format. tar uses POSIX.2001 format. Attempt in-situ extraction with PharData falling back to temporary extraction as necessary (Opcenter\Migration)
FIX: unlimited DISKBLOCKLIMIT value treated as integer (Formats\Cpanel)
FIX: pull subdomain location from userdata/ (Opcenter\Migration)
FIX: workaround for large cPanel backups (Migrations\Formats)
FIX: left-trim key (Opcenter\CliParser)
FIX: grants created that duplicate primary user (Cpanel\Pathmap)
FIX: import (Formats\Cpanel)
FIX: grant application (Formats\Cpanel)
FIX: aliases built from addon + subdomains instead of parked (Formats\Cpanel)
FIX: cron spool (Formats\Cpanel)
FIX: incorrect var reference results in autogenerated prefix (Format\Cpanel)
FIX: accounts without email generate exception (Formats\Cpanel)
FIX: getApplicationFromId() returns Template_Object_Link object (Summary)
FIX: ImportDomain invocaiton (docs)
FIX: backups with non-system generated names (backup-M.D.YYYY) fail consistency check (Formats\Cpanel)
FIX: parameter list prematurely closed in race check (Util_Process::Schedule)
FIX: undefined variable, $url (Mail Routing)
FIX: warning on attempting to read non-existent domain map (Module\Support)
FIX: edit always applies complex arguments (Nexus)
FIX: namespace import (Cpanel\Pathmap)
FIX: mail service disablement depopulates only primary domain (Service\Validators)
FIX: undefined index warnings for disabled services (Manage Users)
FIX: dns,enabled=1 fails to provision addon domain DNS (Validators\Dns)
FIX: exceptions throw within mute() or silence() lock state (Error Reporter)
FIX: IPv6 parsed as array (Opcenter\CliParser)
FIX: fst root privileges (Opcenter\Provisioning)
FIX: removing empty provider key emits false warning (Settings\Dns)
FIX: mail.enabled order results in early termination of Bootstrapper task (Opcenter\Settings)
FIX: numerical arrays discard parent key (config)
FIX: symlink attack in database export (Transfer)
FIX: AP-06 security fix. backup_dbs.php does not evaluate the state of file prior to processing backup. An attacker can use a symlink attack to gain ownership of sensitive files (backup_dbs.php)
FIX: exec() ignores options (Util_Process)
FIX: CSR generation, form check bound multiple times (SSL Certificates)
FIX: move DNS removal to service validation depopulate() method. delete hooks are called prior to service validator depopulate() methods. Any DNS depopulation baked into a SV will fail otherwise (Service\Validators)
FIX: apnscp.bootstrapper dereferences deferenced array (Admin\Settings)
FIX: typos (Opcenter\Service)
FIX: include chain in unified certificate (Crypto\Ssl)
FIX: domains without proper DNS records for webmail fail to redirect when SSO disabled (Webmail)
FIX: Analytics bounding (Dashboard)
FIX: validate CSRF on password reset requests that may unintentionally leak the victim's IP (Login)
FIX: typo (Opcenter\Account)
FIX: doubly including an anonymous function by reference can elicit a segfault for spawned workers in certain setups. This condition is encountered when Util\Completion\Stub builds the IDE helper on boot, including config.php again. Use storage/constants.php for building this file as a work around (Util\Completion)
FIX: elevate request to backend on demand for root password. Resolves broken truncate, empty operations as well as export_pipe_real (Opcenter\Database)
FIX: panel_brand under [core] (Nexus)
FIX: consistency change, getVersionLock() may return false when version lock is 'none' but also return null if the default version lock is 'none'. 'none' is commensurate to null and false disused. In the event 'verlock' option is unset, then module default applies, which may default to null when version lock is 'none' (Support\Webapps)
FIX: ignore parsing closing array delimited ("]") as array if imbalanced (Opcenter\CliParser)
FIX: always set TTL on cache items. volatile-lru eviction policy requires a TTL to be set to evict items (Cache)
FIX: gracefully handle edge case where Apache map missing (Opcenter\Http)
FIX: Majordomo appears if mlist disabled. Issue #17 (Template)
FIX: WSDL reinitialization reinitialization check ignores modules/ mtime (apnscpd)
FIX: coerce spamfilter,provider=DEFAULT to system default (Service\Validators)
FIX: tests resume too quickly after license unit test. Wait for apnscp reactivation (tests)
FIX: delete()- deprecation warning (Cache)
FIX: apache.cachetype superclass declaration compatibility (Settings\Apache)
FIX: license utility backup, return code (scripts)
FIX: ensure admin context in rampart test (tests)
FIX: bitrot (API Keys)
FIX: failed()- trim trailing newline from check (Opcenter\Http)
FIX: prevent removal of admin whitelist rules if site duplicates admin (Net\Firewall)
FIX: return type check on non-existent module (afi)
FIX: iptables lock contention (Net\Firewall)
FIX: toggling service state forces recheck on MySQL, PostgreSQL database prefix/admin (Service\Validators)
FIX: row formatting (Vacation Responder)
FIX: missing class (Support\Webapps)
FIX: always populate HOSTNAME. Running queue:work from CLI doesn't populate this causing any dependent code to fail. (apnscpcore)
FIX: undefined property access (SPF Wizard)
FIX: ignore actionless jails (Net\Fail2ban)
FIX: parse Ansible 2.8 task summary (Jobs\Report)
FIX: pyenv version selection typo (Package Manager)
FIX: union operator overwrites 0-th alias (DNS Manager)
FIX: housekeeper remains active in debug (apnscpd)
FIX: type check (scripts/license)
FIX: license issuance of expired panel license (Opcenter\License)
FIX: error() must always return false (Error Reporter)
FIX: importConfig() imports current + new configuration into scope (Util_Account)
FIX: cancellation check (Change Billing)
FIX: Bootstrapper report timespec (Lararia\Jobs)
FIX: overzealous ad-blocking policies block gauges (Dashboard)
FIX: apache.block10 class inheritance (Admin\Settings)
FIX: apache.cachetype method superclass declaration (Admin\Settings)
FIX: environment vars parsed as cron jobs (Regex)
FIX: refactoring (Letsencrypt)
FIX: namespace import (Opcenter\Crypto)
FIX: mail.smart-host, handling empty credentials (Opcenter\Admin)
FIX: renameUser()- validate username (Opcenter\Database)
FIX: exists()- property reference (letsencrypt)
FIX: edit_user()- password length error message (pgsql)
FIX: bootstrap() force IP check, defer strict to account (letsencrypt)
FIX: set_permissions()- index check warning in short-hand permissions (mysql)
FIX: contextability support (letsencrypt)
FIX: squashed ownership $user assignment assigns from id (aliases)
FIX: assert same-owner permissions on upgrade/. WordPress may attempt an in-place upgrade if permissions allow creating wp-content/upgrade as a temporary storage. When Fortification is applied, the rest of the upgrade fails leaving upgrade/ behind, which prevents further updates by the docroot owner (wordpress)
FIX: add_subdomain()- permission mode on placeholder (web)
FIX: default population (cgroup)
FIX: double-fire Apache::activate on v7.5+ platforms (web)
FIX: cgroup dependency ordering (modules)
FIX: owned_zone() fails check on domain name change (dns)
FIX: get_zone_data()- TTL data type (dns)
FIX: variadic argument forwarding (config)
FIX: min fortification pathing (laravel)
FIX: get_by_date()- multiple typecheck fixes (bandwidth)
FIX: remove_subdomain()- IP collection data type (web)
FIX: delete_job()- trim $min (crontab)
FIX: get_privileges()_ escape single char wildcard (_) in database grant checks (mysql)
FIX: strip domain from $subdomain if passed as FQDN (dns)
FIX: remove_zone() erroneous warning message (dns)
FIX: editing user in MariaDB 10.2 ignores password update in .my.cnf (mysql)
FIX: cleanup dns_get_public_ip{,6} handling
FIX: Majordomo skeleton calls API commands before API permissions evaluated (majordomo)
FIX: get_records_raw() consistency. get_zone_data(), a dependent method, returns null on failure. get_records_raw() documentation states return type false on failure. Previously behavior converted to polysemic empty array that could be either an empty zone or failed transfer. (dns)
FIX: import() TTL data type, return value (dns)
FIX: get_public_ip6() pulls IPv4 (dns)
FIX: shadow_buildup()- symlink bypass vulnerability. Unchecked referent allows user buildup of arbitrary directories within system-owned directory (file)
FIX: find_quota_files()- symlink attack (user)
FIX: bypass deletion hooks if Majordomo disabled (majordomo)
FIX: copy()- symlink permission bypass. Parent stat must always be directory, ignore filetype in favor of can_* attributes (file)
FIX: AP-04, AP-05 security fixes. stat()- use referent permissions in stat calculations. Closes symlink attack loophole that always treated symlink itself as writeable requiring additional calculations to validate referent access (file)
FIX: touch()- symlink directories ignored in permission calculation (file)
FIX: import()- symlink redirection attack (mysql, pgsql)
FIX: AP-03, AP-07 chown/chmod on symlink ignores referent checks on v5+ platforms with optimized shadow assertion enabled. Add extra check if target file is symlink, falling back to non-OSA checks. (file)
FIX: unmake_path()- disable cache usage. make_path() stores the cached result, symlinks resolved, of the specified path. Calling unmake_path() on a symlink file returns the target path discarding symlink state. Performance hit is minimal as algorithm simply strips leading fs path (file)
FIX: restore_mailboxes()- permit underscore, dash in name (email)
FIX: AP-01, AP-02 security issues. $domain affinity not checked prior to manipulating mailboxes (email)
FIX: restore_mailboxes()- poor sanitization of $file argument allows read from untrusted backup (email)
FIX: restart haproxy on SSL certificate update (email)
FIX: remove_zone()- UUID check always fails (dns)
FIX: [mysql] => concurrency_limit ceiling ignored (mysql)
FIX: change_password()- complete implementation that permits appliance admin to change site admin password (auth)
FIX: get_invoice()- cast return to string (billing)
FIX: CIDR treated as IPv4/IPv6 (rampart)
FIX: get_plist() requires privilege escalation (rampart)
FIX: incorrect default value (cgroup)
FIX: driver typo (rampart)
FIX: union operator (rampart)
FIX: remove_alias()- #0eeeb4e7 introduced invalid type check on setConfig() return (aliases)
FIX: enabling mysql service from a disabled state incorrectly applies backup renaming task (sql)
FIX: schema_column_maxlen() missing privilege escalation (mysql)
FIX: schema_column_maxlen()- always escalate to backend for root access (mysql)
FIX: whitelist(), blacklist()- pass mode to backend (rampart)
FIX: namespace import (sql)
FIX: create_temp_user return type (mysql,pgsql)
FIX: Discourse 2.3.0 yarn/brotli requirements (discourse)
FIX: orphaned reference (letsencrypt)
FIX: repo update triggers purge of postgresql-libs package that in turn prunes essential packages (packages/install)
FIX: dns_default_provider default value (software/powerdns)
FIX: addin library path (software/powerdns)
FIX: .gitignore path (software/tmpfiles)
FIX: protected files follow removed files (software/tmpfiles)
FIX: migration ordering (migrations)
FIX: out-of-order migration (migrations)
FIX: restore pre-7.4 behavior, timestamp column type includes TZ (apnscp/initialize-db)
FIX: phpXX_build_flags never imported from vars file (php/build-from-source)
FIX: "will be updated" fragment in stderr (pgsql/install)
FIX: ExecStartPost= runs irrespective ExecStart non-zero exit code thus forcing service into perpetual restart (common/fail-and-save)
FIX: phpconfig path overwritten (apnscp/php-filesystem-template)
FIX: ignore tmp/.gitignore (software/tmpfiles)
FIX: incorrect truthiness check skips local.d population (mail/rspamd)
FIX: missing tmpfiles migration (migrations)
FIX: e tmpfiles flag usage (software/tmpfiles)
FIX: e flag correctly applied in CentOS 7.7. var glob incorrectly referenced as "var" instead of "var/tmp". (software/tmpfiles)
FIX: /etc/redhat-release version match (check-requirements)
FIX: ReadWritePaths= format (fail2ban/configure-jails)
FIX: reset phpconfig var on each pass (php/common)
FIX: explicitly denote line continuation in cpuweight_plan_update (migrations)
FIX: fail2ban override location (fail2ban/configure-jails)
FIX: apply quota rebuild to /home/virtual mount-point (filesystem/make-mounts)
FIX: update migration
FIX: quiet /etc/ftp.pamlist errors on / (software/vsftpd)
FIX: None within Jinja template transformed into "" (system/sysctl)
FIX: sysctl state=present expects non-empty value (system/sysctl)
FIX: maps always overwritten (mail/configure-postfix)
FIX: rspamd/haproxy disablement (mail/rspamd, software/haproxy)
FIX: building apnscp PHP independently fails to set __php_force_build (php/install)
FIX: addin roles skipped when type isdir (common/addin)
FIX: conditions (common/addin)
FIX: conditional checks on module/role/play affect dict members depending upon result (addin)
FIX: prefix var "None" treated as string literal (system/sysctl)
FIX: relocate libunwind to siteinfo (migrations)
FIX: multiline ini_file cannot achieve idempotence. Switch to copying updated filter (fail2ban/configure-jails)
FIX: IPv6 formatting (apache/configure)
FIX: add backwards-compatible systemd service file for MariaDB 5.5/10.0 (mysql/install)
FIX: decouple apnscp dependency from Requires= to Wants=. Restarting MariaDB during integrity check forces panel restart (apnscp/bootstrap)
FIX: add missing pre/postaddin directories
FIX: smtpd_upstream_proxy_protocol warning applies to unix service (mail/configure-postfix)
FIX: ignoring non-empty smtpd_upstream_proxy_protocol setting behind postscreen (mail/configure-postfix)
FIX: quotas within jailed environments generate quotactl() errors if the root partition is an LVM mount. LVMs mount the mapped device in /dev/mapper and symlink to the physical device whereas this symlink is copied instead of its referent during FST provisioning (apnscp/initialize-filesystem-template)
FIX: Roundcube, Horde log rotation (system/misc-logrotate)
FIX: var typo (software/pyenv)
FIX: wait for SMTP timeout (apnscp/notify-installed)
FIX: permission restrictions disallow setting global interpreter (software/{py,rb,go}env)
FIX: suspended accounts may login via public key (system/pam)
FIX: Ansible 2.8.0 changes
FIX: Ansible 2.8.0 fixes
FIX: typo
FIX: multi-version pg_config detection (php/build-from-source)
FIX: revert service type to notify if MariaDB >= 10.1. Slower systems may not fully boot MariaDB by the time apnscp starts thus resulting in database connectivity errors resolved by Argos (mysql/install)
FIX: until condition. Cleanup included task usage (packages/install)
FIX: smarthost idempotency (mail/configure-postfix)
FIX: bool header value silently ignored (mail/rspamd)
FIX: smarthost auth initialization fails on 0 byte (mail/configure-postfix)
FIX: ExecStartPost= runs irrespective ExecStart non-zero exit code thus forcing service into perpetual restart (common/fail-and-save)
FIX: missing tmpfiles migration (migrations)
FIX: e flag correctly applied in CentOS 7.7. var glob incorrectly referenced as "var" instead of "var/tmp". (software/tmpfiles)
FIX: ignore tmp/.gitignore (software/tmpfiles)
FIX: e tmpfiles flag usage (software/tmpfiles)
FIX: /etc/redhat-release version match (check-requirements)
FIX: ReadWritePaths= format (fail2ban/configure-jails)
FIX: fail2ban override location (fail2ban/configure-jails)
FIX: apply quota rebuild to /home/virtual mount-point (filesystem/make-mounts)
FIX: None within Jinja template transformed into "" (system/sysctl)
FIX: sysctl state=present expects non-empty value (system/sysctl)
FIX: maps always overwritten (mail/configure-postfix)
FIX: building apnscp PHP independently fails to set __php_force_build (php/install)
FIX: addin roles skipped when type isdir (common/addin)
FIX: conditions (common/addin)
FIX: conditional checks on module/role/play affect dict members depending upon result (addin)
FIX: prefix var "None" treated as string literal (system/sysctl)
FIX: relocate libunwind to siteinfo (migrations)
FIX: multiline ini_file cannot achieve idempotence. Switch to copying updated filter (fail2ban/configure-jails)
FIX: IPv6 formatting (apache/configure)
FIX: add backwards-compatible systemd service file for MariaDB 5.5/10.0 (mysql/install)
FIX: decouple apnscp dependency from Requires= to Wants=. Restarting MariaDB during integrity check forces panel restart (apnscp/bootstrap)
FIX: add missing pre/postaddin directories
FIX: quotas within jailed environments generate quotactl() errors if the root partition is an LVM mount. LVMs mount the mapped device in /dev/mapper and symlink to the physical device whereas this symlink is copied instead of its referent during FST provisioning (apnscp/initialize-filesystem-template)
FIX: var typo (software/pyenv)
FIX: wait for SMTP timeout (apnscp/notify-installed)
FIX: permission restrictions disallow setting global interpreter (software/{py,rb,go}env)
FIX: Ansible 2.8.0 changes
FIX: Ansible 2.8.0 fixes
FIX: typo
FIX: multi-version pg_config detection (php/build-from-source)
FIX: revert service type to notify if MariaDB >= 10.1. Slower systems may not fully boot MariaDB by the time apnscp starts thus resulting in database connectivity errors resolved by Argos (mysql/install)
FIX: until condition. Cleanup included task usage (packages/install)
CHG: update version (config.ini)
CHG: update plan version (plans)
CHG: always authenticate self (apnscpd)
CHG: cache PHP version (Opcenter\Php)
CHG: update (docs)
CHG: add apache,webuser usage (docs)
CHG: update (docs)
CHG: conditionally include module-specific files in migration (Transfer)
CHG: disable unsetting mlist provider on toggle off (Service\Validators)
CHG: extract stream readers into general purpose (Migration)
CHG: blurb about configuring PowerDNS (Admin\Settings)
CHG: pass ; along with incomplete arglist (cpcmd)
CHG: default PHP-FPM (config.ini)
CHG: generalize blacklist module (Opcenter)
CHG: rename apnscp Scope namespace to cp (Admin\Settings)
CHG: socket_close() leaves the FD defined but unknown. Unset datastream socket explicitly for empty() check to operate as expected (apnscpd)
CHG: restore setPriority() behavior (Util::Process\Fork)
CHG: remove suspension when new threshold exceeds prior limit (Opcenter\Bandwidth)
CHG: bandwidth bin width now tuneable (config.ini)
CHG: bandwidth update (Opcenter)
CHG: 7.5 -> 7 platform fixup (Transfer)
CHG: ensure session properly initialized prior to contextless invocation (Module_Skeleton)
CHG: update (docs)
CHG: bypass notifications for locally originating commands (Auth)
CHG: update smarthost info (docs)
CHG: [dns] => proxy_ip[46] must be set to for hairpin check (HTTP)
CHG: requestReal()- return null if filtered set empty. Resolves empty set ambiguity during renewal (Letsencrypt)
CHG: improve nameserver reporting message (Addon Domains)
CHG: [anvil] => whitelist bypassed in IP restricted logins (Auth)
CHG: silence()- squelch runtime error macros (Error Reporter)
CHG: mail.smart-host, specifying :465 in host implies TLS wrappermode (Settings\Mail)
CHG: update, scope invocation (docs)
CHG: move AJAX functions to external library (ajax)
CHG: rename Notifications to Security (Summary)
CHG: extract non-specific IP validation to general utility (Net\IpCommon)
CHG: tolerate multiple inclusions (ajax)
CHG: default to default timezone (apnscpd)
CHG: update fail2ban prefix (config)
CHG: validate accessibility via strict protocol check (Cache::Mproxy)
CHG: calculate maildir path from admin home. shell entry in getpwnam may be different from admin home (Cpanel\Pathmap)
CHG: FLARE documentation (docs)
CHG: use short-hand notation on module properties. 11% reduction on session storage (apnscpfunction)
CHG: ensure parent domain is migrated first (transfersite)
CHG: missing FLARE component...
CHG: fallback locally in per-server API keystores (Transfer)
CHG: flip crontab off entirely (Cpanel\Pathmap)
CHG: cron dep orderingl (Cpanel\Pathmap)
CHG: disable cron when jailshell is set without cron (Cpanel\Pathmap)
CHG: scale up backlog depth (templates)
CHG: update FPM (docs)
CHG: expose "PHP_HANDLER" environment variable. Location of PHP-FPM dispatcher (templates)
CHG: set platform version (composer)
CHG: bump Horizon 2.0 (composer)
CHG: permit mixed case usernames (Database\PostgreSQL)
CHG: permit dash in database prefix (Regex)
CHG: check and synchronize pending domain changes (Transfer)
CHG: allow partial plans. Merge .skeleton/ defaults as needed (Opcenter)
CHG: extract evasive stanzas into templates (templates)
CHG: apache.evasive- align hash table size. Quiet warnings on non-evasive directives (Settings\Apache)
CHG: apache.php-version- add apnscp/php-filesystem-template role (Admin\Settings)
CHG: ignore password change on reconfiguration (Validators\Mysql)
CHG: perform orphan check before attempting to reuse site ID (Opcenter\Account)
CHG: update /var/log/php-fpm ownership (Opcenter\Provisioning)
CHG: improve robustness in failed creation cleanup (Opcenter\Account)
CHG: attempt Browscap conversion on success (Util\Browscap)
CHG: attempt next-level DNS validation whenever the given domain does not have DNS provisioned. Resolves situations in which a subdomain may be created as an addon domain within the panel (Letsencrypt\Solvers)
CHG: update WP maximal version, string literal boolean (tests)
CHG: update plans/ exclusion list (templates)
CHG: cleanup nullable references (Opcenter)
CHG: log unhandled exceptions buffer (Error Reporter)
CHG: housekeeping perm check (Crypto\Letsencrypt)
CHG: default primary server certificate to RSA (SSL)
CHG: bootstrap SSL on import (Migration)
CHG: disable certificate renewal in debug mode (letsencrypt)
CHG: set PHP requirement (composer)
CHG: make Bootstrapper task session leader (Lararia\Jobs)
CHG: remove Kelunik PHP, switch to AcmePHP
CHG: issue stop then start to ensure scope flags are propagated (Settings\Apache)
CHG: infer data type from config.ini. Resolves case where a falsy setting could never match "false" from command-line (Settings\Apnscp)
CHG: update VPATH PHP-FPM regex (templates)
CHG: setContext()- return self (ContextableTrait)
CHG: permit uppercase mysql username (Opcenter\Database)
CHG: skip missing subdomain configuration from userdata (Formats\Cpanel)
CHG: ignore socket_select()/stream_select() errors globally that occur during signals (apnscpcore)
CHG: -i specifies input source for cpcmd arguments (CLI)
CHG: normalize CPU weight to [1,1000] IO weight scale (System\Cgroup)
CHG: attempt automatic repair of corrupted AOF (Cache\Mproxy)
CHG: static anonymous functions
CHG: watchdog support, permit setgid/setuid calls within PHP-FPM service (templates)
CHG: run()- systemd-derived services default behavior is synchronous (Opcenter\System)
CHG: restructure PHP-FPM layout. Place sockets outside roots (Php\Fpm)
CHG: implement apache,webuser (Service\Validators)
CHG: suspend CLI session resumption in production until further notice (Auth::CLI)
CHG: update return type (BladeLite)
CHG: implement browscap.ini updates (Util::Browscap)
CHG: ignore asynchronous syscall interrupt in socket_select()
CHG: move FPM site configuration to /etc/php-fpm.d/sites (Opcenter\Provisioning)
CHG: getDeviceId(), getDeviceFromPath()- return major:minor in decimal (Filesytem)
CHG: override protective block on .php files when using PHP-FPM (resources/templates)
CHG: downgrade missing filelist to debug (Provisioning\Traits)
CHG: scrutinize preferred worker validity (apnscpd)
CHG: ioweight system default 100 (plans)
CHG: update ipset wait (tests)
CHG: allow write access to /var/tmp (Opcenter\Provisioning)
CHG: cgroup controllers context-aware (Opcenter\Provisioning)
CHG: add PHP-FPM icon (Dashboard)
CHG: disable delayed restart if backend maxed out (apnscpd)
CHG: array_build()- omit null returns (helpers)
CHG: gracefully handle interrupted syscalls from asynchronous signals (Datastream)
CHG: move Apache parent directory check to writeConfiguration (Opcenter\Provisioning)
CHG: make()- call from derived class implies static class as $type (System\Cgroup)
CHG: suppress asynchronous signal warnings in select (Util_Process)
CHG: update migration docs (docs)
CHG: update migration docs (docs)
CHG: update removal list (Formats\Cpanel)
CHG: skip "cptmpdb" grants (Formats\Cpanel)
CHG: disabling disk quota no longer disables inode quota (Service\Validators)
CHG: strip cPanelesque corruption of shadow to disable login when encountered (Opcenter\Migration)
CHG: move site hijack to Dashboard. Site may not have user service enabled, which would disallow postback to Manage Users controller (Layout)
CHG: anticipatory panel version bump (config.ini)
CHG: ServiceExplicitReconfiguration implies ServiceReconfiguration (Opcenter\Service)
CHG: update unit tests, 's' session name support dropped in ajax test. Add 1 second sleep to allow ipset to catchup delisting IP (tests)
CHG: move IP lookup to browser (Whitelist)
CHG: rampart,whitelist cast scalar (Validators\Rampart)
CHG: merge custom getopts (cmd)
CHG: delay instantiation of remediator until data population (Opcenter\Migration)
CHG: implicitly quote .my.cnf values (Opcenter\Database)
CHG: flip gold/bfd priority in binutils (Plugins\Trigger)
CHG: update usage (scripts/change_dns)
CHG: support A/AAAA address change, arbitrary IP/TTL adjustment (scripts/change_dns)
CHG: domain source to domains on server (DNS Manager)
CHG: warn if ini contains unparseable characters without surrounding quotes (Opcenter\Map)
CHG: set placeholder (DNS Manager)
CHG: allow apnscp.config adjustments to accumulate into a 1 minute window (Settings\Apnscp)
CHG: prep for PHP-FPM
CHG: prefix change triggers session logout (Validators\Mysql)
CHG: show matching meta on search results (Nexus)
CHG: add webmail subdomainss for suggested SSL population (SSL Certificates)
CHG: trim domain from login (Login)
CHG: check if transport may be added first. cPanel leaves behind orphaned email accounts (Migration\Formats)
CHG: set theme default (Terminal)
CHG: trim trailing forward slash (Formats\Cpanel)
CHG: check file size and memory limits for in-situ import (Formats\Cpanel)
CHG: use pigz when present (Opcenter\Migration)
CHG: apache,subnum default limit unlimited. 0 implies disabled (Service\Validators)
CHG: disable memory limit on import (Opcenter\Account)
CHG: switching DNS providers triggers population (Service\Validators)
CHG: normalize database (Database)
CHG: filter duplicate hostname/RR/parameter records (Formats\Cpanel)
CHG: default new user to original user (Formats\Cpanel)
CHG: semicolon (Formats\Cpanel)
CHG: support catch-all parsing (Formats\Cpanel)
CHG: apply default ACLs to web app owner in learning mode (Web Apps)
CHG: support reading of wildcard MySQL grants (Cpanel\Pathmap)
CHG: add SEC tag (changelogparser)
CHG: add Login As to edit view (Nexus)
CHG: conditionally link to apps (Summary)
CHG: import MAXSUB limit (Formats\Cpanel)
CHG: conditionally import apnscp DNS entries, including UUID tracking (Formats\Cpanel)
CHG: custom-select:disabled update (css)
CHG: fromSiteDomainMap() returns null if map missing (Http\Apache)
CHG: disambiguate MustBeEnabled service parameters (Nexus)
CHG: default remediation profile fail (Opcenter\Migration)
CHG: register admin tasks after import
CHG: ignore "class" field in AXFR. Not all DNS mediums report this record in AXFR, such as cPanel PowerDNS with BIND backend (Regex)
CHG: .editorconfig support
CHG: Update directives (Support\Personality)
CHG: multi-ip support (CLI\Transfer)
CHG: default provider (tests)
CHG: change_dns IPv6 support (scripts)
CHG: autoload surrogate in DNS population (Service\Validators)
CHG: purge metadata cache on creation (Opcenter\Account)
CHG: cPanel migration update (Opcenter\Migration)
CHG: update RR placeholders (DNS Manager)
CHG: refer to public IP (SSL Certificates)
CHG: report public IP address (Template\Engine)
CHG: GenericDomainMap forces lowercase on domain (Service\Validators)
CHG: load vendor prior to config parser. Switch to Symfony for Yaml 1.2 spec (apnscpcore)
CHG: bypass service check when disabled (User Manage)
CHG: instantiate contexted modules iff session ID differs from context ID (Module\Skeleton)
CHG: purge etc, public_ftp, tmp from backup (Formats\Cpanel)
CHG: conditionally disable/terminate services (Validators\Mail)
CHG: code update (Mail\Providers)
CHG: cleanup PAM handler instantiation (Provisioning\Pam)
CHG: check if group exists prior to creation (GroupCreationTrait)
CHG: skip category display when empty (Template\Engine)
CHG: rename index to master (views)
CHG: gracefully handle exceptions generated within domain wrappers (Opcenter)
CHG: rename createAuthContext() to getAuthContext() (Opcenter\SiteConfiguration)
CHG: downgrade auth,XXX clear to debug (Service\Validators)
CHG: resolve passwd at run-time (Opcenter\Role)
CHG: remove group ownership on fst/ (Opcenter\Provisioning)
CHG: null provider bypass zone management (Dns\Providers)
CHG: check license once per 24 hours (apnscpd)
CHG: mail.enabled- add software/haproxy to task (Admin\Settings)
CHG: fork inherits effective UID (Util_Process)
CHG: job runner drops root for apnscp system user unless requested (Lararia)
CHG: user, euser options set uid, euid respectively on fork (Util_Process::Fork)
CHG: TERM graceful shutdowns (apnscpd)
CHG: move _setArgs() callback usage to synthesizeCommand(), occurs after command is parsed. Prevents accidental escaping of poorly formatted arguments in which empty arguments are skipped in parameter list (Util_Process)
CHG: rename method name, polly -> polyfill (afi)
CHG: upgrade errors to exceptions (Dav)
CHG: use null return type if domain not found (Auth::Redirect)
CHG: apply option as option callback (Util::Process)
CHG: run job daemon as apnscp system user (Lararia)
CHG: apnscp system user authentication equivalency (Auth::CLI)
CHG: billing must always be enabled (Service\Validators)
CHG: remove esprit_id from $_GET after resumption (apnscpSession)
CHG: session resumption code (apnscpsession)
CHG: drop esprit_id on set (apnscpsession)
CHG: move session resumption to init (apnscpSession)
CHG: ignore generating CSRF if it cannot be sent to browser (Auth::UI)
CHG: cache class => configuration translation (Opcenter\Service)
CHG: update billing renewal link (Template\Engine)
CHG: collapse anonymous ini sections when section is "" (Opcenter\Map)
CHG: graceful recovery from housekeeping error (apnscpd)
CHG: randomize TTL (tests)
CHG: XSS restrictions (httpd.conf)
CHG: bump Cloudflare version
CHG: remove develoment code (Opcenter)
CHG: skip pause() if stdin is not writeable (Opcenter)
CHG: flatten configuration up to lists (config)
CHG: wording (Web Apps)
CHG: disambigutate filter wording (Web Apps)
CHG: immediately set sysconfig/apnscp on update policy change (Admin\Settings)
CHG: escape objects that implement __toString (Util_Process::Safe)
CHG: update dependencies
CHG: ensure major/minor/patch versions reported as integers per semantic versioning. Version reports dirty build. Add 'dirty', 'ver_pre' fields (Opcenter)
CHG: Actions alignment (Manage Users)
CHG: auto-import all values defined in db.yaml/auth.yaml/config.ini (config)
CHG: label file browser actions (apnscp.js)
CHG: nextSemanticVersion() $limit null equivalent to 'none' (Opcenter\Versioning)
CHG: ignore setting TTL if value is nulled (Opcenter\Dns)
CHG: discard NS/SOA records when restoring zone (DNS Manager)
CHG: missing commit from #d1e45db8 (BladeLite)
CHG: service value now editable by provider validator (Dns\Providers)
CHG: add array check (Opcenter\Service)
CHG: use CliParse to translate edit parameters into command on 7.5+ platforms (Util::Account::Editor)
CHG: network-restricted licensing options (Opcenter)
CHG: rename CSRF cookie from _token (Auth::UI)
CHG: cleanup CSRF cookie path (Auth::UI)
CHG: postback cleanup (Auth::UI)
CHG: ignore restoring impersonator on disparate gates
CHG: bump maxmemory to 32 MB (redis)
CHG: cookie storage restrictions (apnscpcore)
CHG: strict cookie policy (httpd.conf)
CHG: implement CSRF
CHG: move API Keys to Dev category for admin (Template)
CHG: disable rampart check for user privilege (Dashboard)
CHG: cleanup (Auth, Auth::Stub, ImpersonableTrait)
CHG: default mail,spam_filter to system defined (Service\Validators)
CHG: confirm deletion (Nexus)
CHG: mute provider key change if no key previously set (Admin\Settings)
CHG: warn if setting in config.ini does not previously exist (Admin\Settings)
CHG: dbasenum=-1 implies None (Service\Validators)
CHG: cleanup SOAP tests (tests)
CHG: convert fatal() macro calls into exceptions (soap)
CHG: NAT IP example (docs)
CHG: default to [letsencrypt] => verify_ip setting (SSL Certificates)
CHG: getHelpFromModules()- add second parameter to restrict help to specific service (Opcenter)
CHG: disable bandwidth,threshold if nonsensible usage detected (Service\Validators)
CHG: setting rampart,enabled=0 disllows delisting from panel (Dashboard)
CHG: cast billing,invoice to string (Service\Validators)
CHG: add bin_path(), script_path() (helpers)
CHG: rename rampart.whitelist to rampart.fail2ban-whitelist, deprecate whitelist usage. Balance feature with deprecated rampart.blacklist scope (Admin\Settings)
CHG: support alternative invocation in apnscp.cmd() (ajax)
CHG: specify banned services on announcement (Dashboard)
CHG: activate restarts or reloads depending upon state (Opcenter\Http)
CHG: warn if EditDomain required on service injection (Opcenter)
CHG: extract account metadata access to trait (AccountHelperTrait)
CHG: ignore IP present/absent errors in ipset (Net\Firewall)
CHG: accept true/false for enabled service parameters (Service\Validators)
CHG: account edits implicit flush metadata (Util::Account::Editor)
CHG: add rebuild notice on default invocation (scripts/mapCheck)
CHG: Composer versioning checks packagist.org (Support\Webapps)
CHG: iptables internal debugging (Net\Firewall)
CHG: update pip usage (Package Manager)
CHG: disambiguate tagless run (Admin\Bootstrapper)
CHG: revert Ansible pre-2.8 behavior on display of included tasks (Lararia\Jobs)
CHG: disable Composer progress in non-interactive terminals (upcp)
CHG: use language-specific max lengths (MySQL Manager, PostgreSQL Manager)
CHG: add(), remove() rules permanent between firewalld reloads (Net\Firewall)
CHG: IPv4, IPv6 detection (Opcenter\Net)
CHG: force filesystem reload on Postfix update to clear ghosted sendmail binary (Yum::Synchronizer)
CHG: always run plugins against packages (Yum::Synchronizer)
CHG: block upcp until Bootstrapper completes (upcp)
CHG: SQL_PREFIX must be compiled with distribution max length (Regex)
CHG: --reset retains branch (upcp)
CHG: namespace updates, PHP 7.x fixes for interactive mode (cli)
CHG: setConfig()- accept compound service notation (class,name) (Util::Account)
CHG: revert graham-campbell/markdown removal until future (composer.json)
CHG: bail on query error (mysql)
CHG: server name domain implies admin login (Login)
CHG: sort domains (DNS Manager)
CHG: sort domains (DNS Manager)
CHG: refactor admin:kill-site usage to suspend task (CLI\Transfer)
CHG: refactor (Database)
CHG: implicitly upgrade reload to restart if service marked "failed" (Opcenter\Http)
CHG: Linode, Vultr module update (Dns\Providers)
CHG: during PHP configuration, filter orphaned PostgreSQL package paths (build)
CHG: popover body click cancels active popover (Dashboard)
CHG: update docs
CHG: update renewal link (Change Billing)
CHG: force fail if reissuing certificate would result in loss of domain names from certificate (Webapps)
CHG: update icons (css)
CHG: ignore SSO in passwordless mode (Webmail)
CHG: implicitly convert internal marker plan to default plan (Opcenter\SiteConfiguration)
CHG: update version (config.ini)
CHG: update plan version (plans)
CHG: always authenticate self (apnscpd)
CHG: cache PHP version (Opcenter\Php)
CHG: update (docs)
CHG: add apache,webuser usage (docs)
CHG: update (docs)
CHG: conditionally include module-specific files in migration (Transfer)
CHG: disable unsetting mlist provider on toggle off (Service\Validators)
CHG: extract stream readers into general purpose (Migration)
CHG: blurb about configuring PowerDNS (Admin\Settings)
CHG: pass ; along with incomplete arglist (cpcmd)
CHG: default PHP-FPM (config.ini)
CHG: generalize blacklist module (Opcenter)
CHG: rename apnscp Scope namespace to cp (Admin\Settings)
CHG: socket_close() leaves the FD defined but unknown. Unset datastream socket explicitly for empty() check to operate as expected (apnscpd)
CHG: restore setPriority() behavior (Util::Process\Fork)
CHG: remove suspension when new threshold exceeds prior limit (Opcenter\Bandwidth)
CHG: bandwidth bin width now tuneable (config.ini)
CHG: bandwidth update (Opcenter)
CHG: 7.5 -> 7 platform fixup (Transfer)
CHG: ensure session properly initialized prior to contextless invocation (Module_Skeleton)
CHG: update (docs)
CHG: bypass notifications for locally originating commands (Auth)
CHG: update smarthost info (docs)
CHG: [dns] => proxy_ip[46] must be set to for hairpin check (HTTP)
CHG: requestReal()- return null if filtered set empty. Resolves empty set ambiguity during renewal (Letsencrypt)
CHG: improve nameserver reporting message (Addon Domains)
CHG: [anvil] => whitelist bypassed in IP restricted logins (Auth)
CHG: silence()- squelch runtime error macros (Error Reporter)
CHG: mail.smart-host, specifying :465 in host implies TLS wrappermode (Settings\Mail)
CHG: update, scope invocation (docs)
CHG: move AJAX functions to external library (ajax)
CHG: rename Notifications to Security (Summary)
CHG: extract non-specific IP validation to general utility (Net\IpCommon)
CHG: tolerate multiple inclusions (ajax)
CHG: default to default timezone (apnscpd)
CHG: update fail2ban prefix (config)
CHG: validate accessibility via strict protocol check (Cache::Mproxy)
CHG: calculate maildir path from admin home. shell entry in getpwnam may be different from admin home (Cpanel\Pathmap)
CHG: FLARE documentation (docs)
CHG: use short-hand notation on module properties. 11% reduction on session storage (apnscpfunction)
CHG: ensure parent domain is migrated first (transfersite)
CHG: missing FLARE component...
CHG: fallback locally in per-server API keystores (Transfer)
CHG: flip crontab off entirely (Cpanel\Pathmap)
CHG: cron dep orderingl (Cpanel\Pathmap)
CHG: disable cron when jailshell is set without cron (Cpanel\Pathmap)
CHG: scale up backlog depth (templates)
CHG: update FPM (docs)
CHG: expose "PHP_HANDLER" environment variable. Location of PHP-FPM dispatcher (templates)
CHG: set platform version (composer)
CHG: bump Horizon 2.0 (composer)
CHG: permit mixed case usernames (Database\PostgreSQL)
CHG: permit dash in database prefix (Regex)
CHG: check and synchronize pending domain changes (Transfer)
CHG: allow partial plans. Merge .skeleton/ defaults as needed (Opcenter)
CHG: extract evasive stanzas into templates (templates)
CHG: apache.evasive- align hash table size. Quiet warnings on non-evasive directives (Settings\Apache)
CHG: apache.php-version- add apnscp/php-filesystem-template role (Admin\Settings)
CHG: ignore password change on reconfiguration (Validators\Mysql)
CHG: perform orphan check before attempting to reuse site ID (Opcenter\Account)
CHG: update /var/log/php-fpm ownership (Opcenter\Provisioning)
CHG: improve robustness in failed creation cleanup (Opcenter\Account)
CHG: attempt Browscap conversion on success (Util\Browscap)
CHG: attempt next-level DNS validation whenever the given domain does not have DNS provisioned. Resolves situations in which a subdomain may be created as an addon domain within the panel (Letsencrypt\Solvers)
CHG: update WP maximal version, string literal boolean (tests)
CHG: update plans/ exclusion list (templates)
CHG: cleanup nullable references (Opcenter)
CHG: log unhandled exceptions buffer (Error Reporter)
CHG: housekeeping perm check (Crypto\Letsencrypt)
CHG: default primary server certificate to RSA (SSL)
CHG: bootstrap SSL on import (Migration)
CHG: disable certificate renewal in debug mode (letsencrypt)
CHG: set PHP requirement (composer)
CHG: make Bootstrapper task session leader (Lararia\Jobs)
CHG: remove Kelunik PHP, switch to AcmePHP
CHG: issue stop then start to ensure scope flags are propagated (Settings\Apache)
CHG: infer data type from config.ini. Resolves case where a falsy setting could never match "false" from command-line (Settings\Apnscp)
CHG: update VPATH PHP-FPM regex (templates)
CHG: setContext()- return self (ContextableTrait)
CHG: permit uppercase mysql username (Opcenter\Database)
CHG: skip missing subdomain configuration from userdata (Formats\Cpanel)
CHG: ignore socket_select()/stream_select() errors globally that occur during signals (apnscpcore)
CHG: -i specifies input source for cpcmd arguments (CLI)
CHG: normalize CPU weight to [1,1000] IO weight scale (System\Cgroup)
CHG: attempt automatic repair of corrupted AOF (Cache\Mproxy)
CHG: static anonymous functions
CHG: watchdog support, permit setgid/setuid calls within PHP-FPM service (templates)
CHG: run()- systemd-derived services default behavior is synchronous (Opcenter\System)
CHG: restructure PHP-FPM layout. Place sockets outside roots (Php\Fpm)
CHG: implement apache,webuser (Service\Validators)
CHG: suspend CLI session resumption in production until further notice (Auth::CLI)
CHG: update return type (BladeLite)
CHG: implement browscap.ini updates (Util::Browscap)
CHG: ignore asynchronous syscall interrupt in socket_select()
CHG: move FPM site configuration to /etc/php-fpm.d/sites (Opcenter\Provisioning)
CHG: getDeviceId(), getDeviceFromPath()- return major:minor in decimal (Filesytem)
CHG: override protective block on .php files when using PHP-FPM (resources/templates)
CHG: downgrade missing filelist to debug (Provisioning\Traits)
CHG: scrutinize preferred worker validity (apnscpd)
CHG: ioweight system default 100 (plans)
CHG: update ipset wait (tests)
CHG: allow write access to /var/tmp (Opcenter\Provisioning)
CHG: cgroup controllers context-aware (Opcenter\Provisioning)
CHG: add PHP-FPM icon (Dashboard)
CHG: disable delayed restart if backend maxed out (apnscpd)
CHG: array_build()- omit null returns (helpers)
CHG: gracefully handle interrupted syscalls from asynchronous signals (Datastream)
CHG: move Apache parent directory check to writeConfiguration (Opcenter\Provisioning)
CHG: make()- call from derived class implies static class as $type (System\Cgroup)
CHG: suppress asynchronous signal warnings in select (Util_Process)
CHG: update migration docs (docs)
CHG: update removal list (Formats\Cpanel)
CHG: skip "cptmpdb" grants (Formats\Cpanel)
CHG: disabling disk quota no longer disables inode quota (Service\Validators)
CHG: strip cPanelesque corruption of shadow to disable login when encountered (Opcenter\Migration)
CHG: move site hijack to Dashboard. Site may not have user service enabled, which would disallow postback to Manage Users controller (Layout)
CHG: anticipatory panel version bump (config.ini)
CHG: ServiceExplicitReconfiguration implies ServiceReconfiguration (Opcenter\Service)
CHG: update unit tests, 's' session name support dropped in ajax test. Add 1 second sleep to allow ipset to catchup delisting IP (tests)
CHG: move IP lookup to browser (Whitelist)
CHG: rampart,whitelist cast scalar (Validators\Rampart)
CHG: merge custom getopts (cmd)
CHG: delay instantiation of remediator until data population (Opcenter\Migration)
CHG: implicitly quote .my.cnf values (Opcenter\Database)
CHG: flip gold/bfd priority in binutils (Plugins\Trigger)
CHG: update usage (scripts/change_dns)
CHG: support A/AAAA address change, arbitrary IP/TTL adjustment (scripts/change_dns)
CHG: domain source to domains on server (DNS Manager)
CHG: warn if ini contains unparseable characters without surrounding quotes (Opcenter\Map)
CHG: set placeholder (DNS Manager)
CHG: allow apnscp.config adjustments to accumulate into a 1 minute window (Settings\Apnscp)
CHG: prep for PHP-FPM
CHG: prefix change triggers session logout (Validators\Mysql)
CHG: show matching meta on search results (Nexus)
CHG: add webmail subdomainss for suggested SSL population (SSL Certificates)
CHG: trim domain from login (Login)
CHG: check if transport may be added first. cPanel leaves behind orphaned email accounts (Migration\Formats)
CHG: set theme default (Terminal)
CHG: trim trailing forward slash (Formats\Cpanel)
CHG: check file size and memory limits for in-situ import (Formats\Cpanel)
CHG: use pigz when present (Opcenter\Migration)
CHG: apache,subnum default limit unlimited. 0 implies disabled (Service\Validators)
CHG: disable memory limit on import (Opcenter\Account)
CHG: switching DNS providers triggers population (Service\Validators)
CHG: normalize database (Database)
CHG: filter duplicate hostname/RR/parameter records (Formats\Cpanel)
CHG: default new user to original user (Formats\Cpanel)
CHG: semicolon (Formats\Cpanel)
CHG: support catch-all parsing (Formats\Cpanel)
CHG: apply default ACLs to web app owner in learning mode (Web Apps)
CHG: support reading of wildcard MySQL grants (Cpanel\Pathmap)
CHG: add SEC tag (changelogparser)
CHG: add Login As to edit view (Nexus)
CHG: conditionally link to apps (Summary)
CHG: import MAXSUB limit (Formats\Cpanel)
CHG: conditionally import apnscp DNS entries, including UUID tracking (Formats\Cpanel)
CHG: custom-select:disabled update (css)
CHG: fromSiteDomainMap() returns null if map missing (Http\Apache)
CHG: disambiguate MustBeEnabled service parameters (Nexus)
CHG: default remediation profile fail (Opcenter\Migration)
CHG: register admin tasks after import
CHG: ignore "class" field in AXFR. Not all DNS mediums report this record in AXFR, such as cPanel PowerDNS with BIND backend (Regex)
CHG: .editorconfig support
CHG: Update directives (Support\Personality)
CHG: multi-ip support (CLI\Transfer)
CHG: default provider (tests)
CHG: change_dns IPv6 support (scripts)
CHG: autoload surrogate in DNS population (Service\Validators)
CHG: purge metadata cache on creation (Opcenter\Account)
CHG: cPanel migration update (Opcenter\Migration)
CHG: update RR placeholders (DNS Manager)
CHG: refer to public IP (SSL Certificates)
CHG: report public IP address (Template\Engine)
CHG: GenericDomainMap forces lowercase on domain (Service\Validators)
CHG: load vendor prior to config parser. Switch to Symfony for Yaml 1.2 spec (apnscpcore)
CHG: bypass service check when disabled (User Manage)
CHG: instantiate contexted modules iff session ID differs from context ID (Module\Skeleton)
CHG: purge etc, public_ftp, tmp from backup (Formats\Cpanel)
CHG: conditionally disable/terminate services (Validators\Mail)
CHG: code update (Mail\Providers)
CHG: cleanup PAM handler instantiation (Provisioning\Pam)
CHG: check if group exists prior to creation (GroupCreationTrait)
CHG: skip category display when empty (Template\Engine)
CHG: rename index to master (views)
CHG: gracefully handle exceptions generated within domain wrappers (Opcenter)
CHG: rename createAuthContext() to getAuthContext() (Opcenter\SiteConfiguration)
CHG: downgrade auth,XXX clear to debug (Service\Validators)
CHG: resolve passwd at run-time (Opcenter\Role)
CHG: remove group ownership on fst/ (Opcenter\Provisioning)
CHG: null provider bypass zone management (Dns\Providers)
CHG: check license once per 24 hours (apnscpd)
CHG: mail.enabled- add software/haproxy to task (Admin\Settings)
CHG: fork inherits effective UID (Util_Process)
CHG: job runner drops root for apnscp system user unless requested (Lararia)
CHG: user, euser options set uid, euid respectively on fork (Util_Process::Fork)
CHG: TERM graceful shutdowns (apnscpd)
CHG: move _setArgs() callback usage to synthesizeCommand(), occurs after command is parsed. Prevents accidental escaping of poorly formatted arguments in which empty arguments are skipped in parameter list (Util_Process)
CHG: rename method name, polly -> polyfill (afi)
CHG: upgrade errors to exceptions (Dav)
CHG: use null return type if domain not found (Auth::Redirect)
CHG: apply option as option callback (Util::Process)
CHG: run job daemon as apnscp system user (Lararia)
CHG: apnscp system user authentication equivalency (Auth::CLI)
CHG: billing must always be enabled (Service\Validators)
CHG: remove esprit_id from $_GET after resumption (apnscpSession)
CHG: session resumption code (apnscpsession)
CHG: drop esprit_id on set (apnscpsession)
CHG: move session resumption to init (apnscpSession)
CHG: ignore generating CSRF if it cannot be sent to browser (Auth::UI)
CHG: cache class => configuration translation (Opcenter\Service)
CHG: update billing renewal link (Template\Engine)
CHG: collapse anonymous ini sections when section is "" (Opcenter\Map)
CHG: graceful recovery from housekeeping error (apnscpd)
CHG: randomize TTL (tests)
CHG: XSS restrictions (httpd.conf)
CHG: bump Cloudflare version
CHG: remove develoment code (Opcenter)
CHG: skip pause() if stdin is not writeable (Opcenter)
CHG: flatten configuration up to lists (config)
CHG: wording (Web Apps)
CHG: disambigutate filter wording (Web Apps)
CHG: immediately set sysconfig/apnscp on update policy change (Admin\Settings)
CHG: escape objects that implement __toString (Util_Process::Safe)
CHG: update dependencies
CHG: ensure major/minor/patch versions reported as integers per semantic versioning. Version reports dirty build. Add 'dirty', 'ver_pre' fields (Opcenter)
CHG: Actions alignment (Manage Users)
CHG: auto-import all values defined in db.yaml/auth.yaml/config.ini (config)
CHG: label file browser actions (apnscp.js)
CHG: nextSemanticVersion() $limit null equivalent to 'none' (Opcenter\Versioning)
CHG: ignore setting TTL if value is nulled (Opcenter\Dns)
CHG: discard NS/SOA records when restoring zone (DNS Manager)
CHG: missing commit from #d1e45db8 (BladeLite)
CHG: service value now editable by provider validator (Dns\Providers)
CHG: add array check (Opcenter\Service)
CHG: use CliParse to translate edit parameters into command on 7.5+ platforms (Util::Account::Editor)
CHG: network-restricted licensing options (Opcenter)
CHG: rename CSRF cookie from _token (Auth::UI)
CHG: cleanup CSRF cookie path (Auth::UI)
CHG: postback cleanup (Auth::UI)
CHG: ignore restoring impersonator on disparate gates
CHG: bump maxmemory to 32 MB (redis)
CHG: cookie storage restrictions (apnscpcore)
CHG: strict cookie policy (httpd.conf)
CHG: implement CSRF
CHG: move API Keys to Dev category for admin (Template)
CHG: disable rampart check for user privilege (Dashboard)
CHG: cleanup (Auth, Auth::Stub, ImpersonableTrait)
CHG: default mail,spam_filter to system defined (Service\Validators)
CHG: confirm deletion (Nexus)
CHG: mute provider key change if no key previously set (Admin\Settings)
CHG: warn if setting in config.ini does not previously exist (Admin\Settings)
CHG: dbasenum=-1 implies None (Service\Validators)
CHG: cleanup SOAP tests (tests)
CHG: convert fatal() macro calls into exceptions (soap)
CHG: NAT IP example (docs)
CHG: default to [letsencrypt] => verify_ip setting (SSL Certificates)
CHG: getHelpFromModules()- add second parameter to restrict help to specific service (Opcenter)
CHG: disable bandwidth,threshold if nonsensible usage detected (Service\Validators)
CHG: setting rampart,enabled=0 disllows delisting from panel (Dashboard)
CHG: cast billing,invoice to string (Service\Validators)
CHG: add bin_path(), script_path() (helpers)
CHG: rename rampart.whitelist to rampart.fail2ban-whitelist, deprecate whitelist usage. Balance feature with deprecated rampart.blacklist scope (Admin\Settings)
CHG: support alternative invocation in apnscp.cmd() (ajax)
CHG: specify banned services on announcement (Dashboard)
CHG: activate restarts or reloads depending upon state (Opcenter\Http)
CHG: warn if EditDomain required on service injection (Opcenter)
CHG: extract account metadata access to trait (AccountHelperTrait)
CHG: ignore IP present/absent errors in ipset (Net\Firewall)
CHG: accept true/false for enabled service parameters (Service\Validators)
CHG: account edits implicit flush metadata (Util::Account::Editor)
CHG: add rebuild notice on default invocation (scripts/mapCheck)
CHG: Composer versioning checks packagist.org (Support\Webapps)
CHG: iptables internal debugging (Net\Firewall)
CHG: update pip usage (Package Manager)
CHG: disambiguate tagless run (Admin\Bootstrapper)
CHG: revert Ansible pre-2.8 behavior on display of included tasks (Lararia\Jobs)
CHG: disable Composer progress in non-interactive terminals (upcp)
CHG: use language-specific max lengths (MySQL Manager, PostgreSQL Manager)
CHG: add(), remove() rules permanent between firewalld reloads (Net\Firewall)
CHG: IPv4, IPv6 detection (Opcenter\Net)
CHG: force filesystem reload on Postfix update to clear ghosted sendmail binary (Yum::Synchronizer)
CHG: always run plugins against packages (Yum::Synchronizer)
CHG: block upcp until Bootstrapper completes (upcp)
CHG: SQL_PREFIX must be compiled with distribution max length (Regex)
CHG: --reset retains branch (upcp)
CHG: namespace updates, PHP 7.x fixes for interactive mode (cli)
CHG: setConfig()- accept compound service notation (class,name) (Util::Account)
CHG: revert graham-campbell/markdown removal until future (composer.json)
CHG: bail on query error (mysql)
CHG: server name domain implies admin login (Login)
CHG: sort domains (DNS Manager)
CHG: sort domains (DNS Manager)
CHG: refactor admin:kill-site usage to suspend task (CLI\Transfer)
CHG: refactor (Database)
CHG: implicitly upgrade reload to restart if service marked "failed" (Opcenter\Http)
CHG: Linode, Vultr module update (Dns\Providers)
CHG: during PHP configuration, filter orphaned PostgreSQL package paths (build)
CHG: popover body click cancels active popover (Dashboard)
CHG: update docs
CHG: update renewal link (Change Billing)
CHG: force fail if reissuing certificate would result in loss of domain names from certificate (Webapps)
CHG: update icons (css)
CHG: ignore SSO in passwordless mode (Webmail)
CHG: implicitly convert internal marker plan to default plan (Opcenter\SiteConfiguration)
CHG: list_commands()- sort modules (misc)
CHG: cache PHP version (php)
CHG: add FS_METHOD to new installs, reserved for future usage (wordpress)
CHG: refactor (majordomo)
CHG: delete()- cleanup remapped systemd users (user)
CHG: schedule_api_cmd_admin()- pass multimode flag when command count exceeds 1 (pman)
CHG: get_quota_history()- switch data source to Postgres (user)
CHG: refactor (bandwidth)
CHG: reference total memory instead o available as limit (cgroup)
CHG: refactor address validation to Opcenter\Net (rampart)
CHG: bypass loading packages on invocation (wordpress)
CHG: expose request, append to admin (letsencrypt)
CHG: cap limit to "memory available" (total - rss - vsz) instead of free, which includes buffers/dentry/inode caches (cgroup)
CHG: cap "free" memory to reasonable limits (cgroup)
CHG: defer wp-cli initialization until FST built (wordpress)
CHG: restrict bootstrap to first 100 hostnames (letsencrypt)
CHG: is_ca()- match against staging fingerprint (letsencrypt)
CHG: expose zone_exists() to admin (dns)
CHG: takeover_user()- update return type (file)
CHG: stat()- check referent before stat attempt (file)
CHG: extract process management to Opcenter\Process (pman)
CHG: collect()- collapse nested $params input (admin)
CHG: add_subdomain()- set placeholder (web)
CHG: takeover_user() accepts / path (file)
CHG: rename get_records() to provisioning_records(). Consistency change to reflect dns:provisioning-records() (email)
CHG: whitelist() determined by panel version (rampart)
CHG: whitelist()- reset account metadata on whitelist modification (rampart)
CHG: get_records()- update phpdoc (email)
CHG: database, domain, username self-service may be toggled (modules)
CHG: expand permissions for basic zone operations to admin (dns)
CHG: prep for PHP-FPM
CHG: reserve scope module for future use (modules)
CHG: collect()- support [], null parameters (admin)
CHG: escape tsig (dns)
CHG: add_subdomain()- respect web,subnum limit (web)
CHG: wp-cli permissions (wordpress)
CHG: common:get-ip-address dereferencing (php)
CHG: remove_virtual_transport()- enumerate mailing lists only if enabled (email)
CHG: import()- handle all RR from module (dns)
CHG: get_acls()- cast UID to int (file)
CHG: update handling of common:get-ip-address()
CHG: update limits (letsencrypt)
CHG: link wp-cli to /usr/bin (wordpress)
CHG: owned_zone() returns true if zone previously detached from account pending configuration sync (dns)
CHG: get_public_ip{,6}()- null return when service not configured (dns)
CHG: get_public_ip{,6}- pop if singular address (dns)
CHG: cleanup DNS record check algorithm (email, web)
CHG: record_exists()- set RD 0 in query. Instructs authoritative response from split-view resolvers (dns)
CHG: validate WP-CLI consistency (wordpress)
CHG: record_exists()- cache unreachable resolvers to avoid repeated timeouts (dns)
CHG: add()- squelch email disablement notice if email not enabled for account (user)
CHG: add()- downgrade service enablement to info (user)
CHG: domains attached via aliases,aliases may be attached to an account via aliases:add-domain bypassing conventional checks (aliases)
CHG: export()- sgid/suid routines (mysql, pgsql)
CHG: export_pipe_real()- drop permissions on fork (mysql, pgsql)
CHG: run()- support contextability (pman)
CHG: domain_hosted()- add lookup check from cp-proxy (dns)
CHG: address_exists()- restrict querying email addresses for unauthorized domains (email)
CHG: restore_mailboxes()- attempt to create transport first otherwise skip invalid transports (email)
CHG: move DNS provisioning to service validation on v7.5+ (dns)
CHG: always use PHP_BINARY for ACME usage (letsencrypt)
CHG: put_file_contents_backend()- fail when fopen() fails (file)
CHG: workaround for Nonfatal=Override directives in .htaccess (joomla, drupal)
CHG: tie module commands to mlist state (majordomo)
CHG: default concurrency limit to [mysql] => concurrency_limit (mysql)
CHG: get_customer_since()- pull from billing,ctime if set (billing)
CHG: is_demo()- flexible demo invoice (auth)
CHG: unsafe implementation to fetch DB credentials (magento)
CHG: remove_zone()- revoke direct access relying on hooks/API calls within dns module. Consequently move DNS provisioning to dns module (dns)
CHG: get_plan accepts null parameter (admin)
CHG: limit preferences cache to 1 hour (common)
CHG: alias deactivate_site() to suspend_site() (admin)
CHG: create theme directory if not exists (admin)
CHG: test oob messages (tests)
CHG: list_commands()- drop numerical indices (misc)
CHG: update haproxy SSL certificate on install (email)
CHG: update reload hook usage (ssl)
CHG: update _reload() references (email, ftp, rampart)
CHG: admin may now delegate (rampart)
CHG: set fetch mode (discourse)
CHG: link public/storage (laravel)
CHG: extract get_version() to utility class (discourse, ghost, laravel)
CHG: detect/remove zero-byte cached configuration (misc)
CHG: database connection limits tunable (mysql, pgsql)
CHG: increase allowable database prefix length to schema definition (sql)
CHG: add()- update quota check (user)
CHG: support custom diskquota,units (site)
CHG: API cleanup (user)
CHG: rewrite AOF during housekeeping (misc)
CHG: normalize_path()- API update (web)
CHG: preserve TXT records with multiple quotes (dns)
CHG: module update (aliases)
CHG: module cleanup. Reflect database identifier max size (mysql, pgsql)
CHG: reduce memory requirement to 1.5 GB (discourse)
CHG: follow http => https redirects in domain validation (aliases)
CHG: theme_status()- permit 0 detected themes (wordpress)
CHG: append() implies strict (letsencrypt)
CHG: refactor modules into separate Opcenter helpers (letsencrypt, ssl)
CHG: idempotency improvements (migrations)
CHG: disable sender_canonical_maps on ESMTPA intake (mail/configure-postfix)
CHG: enable Delegation for cgconfig (system/cgroup)
CHG: platform bump 8.0 (apnscp-internals)
CHG: set USEDNS= to disallow dhcp override in network settings (common/update-config)
CHG: update panel code on restart (common/fail-and-save)
CHG: addin usage works outside the addin task list (common/addin)
CHG: set HOME= (software/etckeeper)
CHG: place newly mounted layer topmost (apnscp/install-services)
CHG: update rspamd v2 library deps (mail/rspamd)
CHG: strip [SPAM] (SCORE) header from reclaimed mail (mail/configure-dovecot)
CHG: breakout hypertable conversions (apnscp/initialize-db)
CHG: alias apnscp to apiscp (apnscp/bootstrap)
CHG: add separate set of emergency Postfix constraints for unlinked main.cf (mail/configure-postfix)
CHG: autopopulate proxied IPv4/IPv6 addresses (apnscp/bootstrap)
CHG: disable Timescale telemetry (pgsql/install)
CHG: enabling TLS encryption in SMTP enables wrappermode (mail/configure-postfix)
CHG: delay fail2ban processing until later (fail2ban/configure-jails)
CHG: disallow SRS rewrites on locally originating messages (mail/configure-postfix)
CHG: bump VSZ limit to 512 MB for use with large (> 15 GB) mailboxes (mail/configure-dovecot)
CHG: prioritize whitelist (network/setup-firewall)
CHG: idempotency (apnscp/install-services)
CHG: reprioritize fsmount as part of local-fs (apnscp/install-services)
CHG: reload FST on package install (apnscp/initialize-filesystem-template)
CHG: kdump part of apnscp_debug setting (system/kernel)
CHG: centos_7.7_hotfixes - ignore errors on empty servers (migrations)
CHG: conditionally alter kdump service on availability (system/kernel)
CHG: CentOS 7.7 migrations (migrations)
CHG: bwcron service ordering after apnscp (apnscp/install-services)
CHG: disable kdump when experimental kernel enabled (system/kernel)
CHG: downgrade mail failure to warning (apnscp/notify-installed)
CHG: reattempt installation 3 times (common/fail-and-save)
CHG: overwrite [cron] => low_memory on has_low_memory, persist [crm] => reply_address (apnscp/bootstrap)
CHG: purge descriptor orphange on boot (software/tmpfiles)
CHG: ACME v1 => v2 migration (migrations)
CHG: trigger handler (migrations)
CHG: harden fail2ban (fail2ban/configure-jails)
CHG: backport 0.8 Postfix filter to 0.10. fail2ban detects rspamd greylisting with default filter (fail2ban/configure-jails)
CHG: 0.10 fixes (roles/fail2ban)
CHG: restart Dovecot on configuration removal (mail/configure-dovecot)
CHG: reduce DB retention from 90 days to recidive + 5 days (fail2ban/configure-jails)
CHG: normalize CPU weight to IO (migrations)
CHG: cleanup config.ini provisioning (apnscp/bootstrap)
CHG: update PHP i18n dependencies (migrations)
CHG: link upcp, cpcmd to /usr/local/sbin (apnscp/link-bins)
CHG: use /var/tmp for larger temporary files (software/tmpfiles)
CHG: [ssh] => embed_terminal depends upon sshd_pubkey_only (system/sshd)
CHG: add pigz package (packages/install)
CHG: update setuptools for ruaml dependencies (packages/install)
CHG: apply global lock_timeout (bootstrap)
CHG: updating /tmp attributes requires service reload (filesystem/make-mounts)
CHG: disable opcache_invalidate. Blocked by opcache.restrict_api setting (php/create-configuration)
CHG: parameterize inode limit (filesystem/make-mounts)
CHG: add app idle timeout (software/passenger)
CHG: bump clamd@scan startup timeout to 3m (clamav/setup)
CHG: inject or update ServerName (apache/configure)
CHG: always use null provider to test (apnscp/assert-account-works)
CHG: integrity check (migrations)
CHG: add 2 minute wait for integrity job to acquire lock. Potentially resolves situations in which integrity check fails to complete during monthly cron run (apnscp/crons)
CHG: Redis migration (migrations)
CHG: specify working directory (playbooks)
CHG: retain clamav_enabled state for future use (migrations)
CHG: disable ClamAV on machines < 3 GB (apnscp-vars.yml)
CHG: filter ssh DDoS attempts (fail2ban/configure-jails)
CHG: support su siteXX notation (apnscp/admin-helper)
CHG: filter SASL logins (fail2ban/configure-jails)
CHG: misc cleanups (mail/rspamd, mysql/install)
CHG: standardize pip binaries to ~/.local/bin (software/pyenv)
CHG: set CAP_SYS_NICE capability (mysql/install)
CHG: possible collision in stat check variable (common/addin)
CHG: update apnscp macros (apnscp/bootstrap)
CHG: rename APNSCP_HOME to APNSCP_ROOT (apnscp/admin-helper)
CHG: add apnscp_root rpm macro (apnscp/bootstrap)
CHG: remove /etc/init.d/mysql (mysql/install)
CHG: migration, any-version update, sshd pubkey access (migrations)
CHG: "~" usage deprecated, use "stop". "~" is seen to cause segfaults on certain VMs, such as UpCloud (system/rsyslog)
CHG: include pyenv-virtualenv plugin (software/pyenv)
CHG: run haproxy after Dovecot + Postfix changes (bootstrap.yml)
CHG: Ansible 2.12 deprecation fixes in when: condition
CHG: move apnscp_user_defaults to internals (bootstrap.yml)
CHG: raise fail2ban timeout (fail2ban/configure-jails)
CHG: MariaDB changes (migrations)
CHG: extract database versions to apnscp-internals.yml (packages/install)
CHG: enable Brotli by default. Add Brotli to FST (apnscp/initialize-filesystem-template)
CHG: honor reject on DMARC quarantine (mail/rspamd)
CHG: extend timeout for IDLE support (software/haproxy)
CHG: prune multiple experimental kernels (system/kernel)
CHG: DMARC quarantine action rewrites + tags (mail/rspamd)
CHG: PostgreSQL repo migration (playbooks)
CHG: update PostgreSQL repo layout (packages/install)
CHG: update PostgreSQL 11 repo rpm (packages/install)
CHG: disallow posix_getpwnam globally (php/create-configuration)
CHG: modprobe tcp_bbr (system/sysctl)
CHG: validate elrepo.repo exists (system/kernel)
CHG: enable CoDel queueing, BBR congestion control (system/sysctl)
CHG: enable sshd keepalives (system/sshd)
CHG: update DMARC disposition (mail/rspamd)
CHG: swap robust DNS resolvers on demand (apnscp-vars)
CHG: network retry (software/passenger, software/rbenv)
CHG: record spam filter preference (mail/spamassassin)
CHG: record spam filter preference (mail/spamassassin)
CHG: up socket backlog, set reserved ports (system/sysctl)
CHG: anchor X-Spam-Score pattern (mail/maildir)
CHG: implement subject rewrite + X-Spam-Score header. Close out issue #14 (mail/rspamd)
CHG: defer rspamd deletion to rejection threshold (mail/maildir)
CHG: set HOME= (software/etckeeper)
CHG: set USEDNS= to disallow dhcp override in network settings (common/update-config)
CHG: update panel code on restart (common/fail-and-save)
CHG: set [httpd] => use_fpm (apnscp/php-filesystem-template)
CHG: autopopulate proxied IPv4/IPv6 addresses (apnscp/bootstrap)
CHG: enabling TLS encryption in SMTP enables wrappermode (mail/configure-postfix)
CHG: prioritize whitelist (network/setup-firewall)
CHG: idempotency (apnscp/install-services)
CHG: reload FST on package install (apnscp/initialize-filesystem-template)
CHG: centos_7.7_hotfixes - ignore errors on empty servers (migrations)
CHG: CentOS 7.7 migrations (migrations)
CHG: bwcron service ordering after apnscp (apnscp/install-services)
CHG: downgrade mail failure to warning (apnscp/notify-installed)
CHG: reattempt installation 3 times (common/fail-and-save)
CHG: purge descriptor orphange on boot (software/tmpfiles)
CHG: harden fail2ban (fail2ban/configure-jails)
CHG: backport 0.8 Postfix filter to 0.10. fail2ban detects rspamd greylisting with default filter (fail2ban/configure-jails)
CHG: 0.10 fixes (roles/fail2ban)
CHG: backport PHP-FPM migration (migrations)
CHG: restart Dovecot on configuration removal (mail/configure-dovecot)
CHG: reduce DB retention from 90 days to recidive + 5 days (fail2ban/configure-jails)
CHG: update PHP i18n dependencies (migrations)
CHG: add pigz package (packages/install)
CHG: update setuptools for ruaml dependencies (packages/install)
CHG: apply global lock_timeout (bootstrap)
CHG: updating /tmp attributes requires service reload (filesystem/make-mounts)
CHG: disable opcache_invalidate. Blocked by opcache.restrict_api setting (php/create-configuration)
CHG: parameterize inode limit (filesystem/make-mounts)
CHG: add app idle timeout (software/passenger)
CHG: bump clamd@scan startup timeout to 3m (clamav/setup)
CHG: inject or update ServerName (apache/configure)
CHG: always use null provider to test (apnscp/assert-account-works)
CHG: integrity check (migrations)
CHG: add 2 minute wait for integrity job to acquire lock. Potentially resolves situations in which integrity check fails to complete during monthly cron run (apnscp/crons)
CHG: Redis migration (migrations)
CHG: specify working directory (playbooks)
CHG: disable ClamAV on machines < 3 GB (apnscp-vars.yml)
CHG: retain clamav_enabled state for future use (migrations)
CHG: filter ssh DDoS attempts (fail2ban/configure-jails)
CHG: support su siteXX notation (apnscp/admin-helper)
CHG: filter SASL logins (fail2ban/configure-jails)
CHG: standardize pip binaries to ~/.local/bin (software/pyenv)
CHG: possible collision in stat check variable (common/addin)
CHG: backport apnscp 3.1 changes (mail/rspamd)
CHG: ignore deprecation warnings in 3.0 branch (bootstrapper)
CHG: update apnscp macros (apnscp/bootstrap)
CHG: rename APNSCP_HOME to APNSCP_ROOT (apnscp/admin-helper)
CHG: add apnscp_root rpm macro (apnscp/bootstrap)
CHG: migration, any-version update, sshd pubkey access (migrations)
CHG: "~" usage deprecated, use "stop". "~" is seen to cause segfaults on certain VMs, such as UpCloud (system/rsyslog)
CHG: include pyenv-virtualenv plugin (software/pyenv)
CHG: move apnscp_user_defaults to internals (bootstrap.yml)
CHG: raise fail2ban timeout (fail2ban/configure-jails)
CHG: MariaDB changes (migrations)
CHG: extract database versions to apnscp-internals.yml (packages/install)
CHG: enable Brotli by default. Add Brotli to FST (apnscp/initialize-filesystem-template)
CHG: PostgreSQL repo migration (playbooks)
CHG: update PostgreSQL repo layout (packages/install)
CHG: update PostgreSQL 11 repo rpm (packages/install)
CHG: swap robust DNS resolvers on demand (apnscp-vars)
CHG: network retry (software/passenger, software/rbenv)
CHG: record spam filter preference (mail/spamassassin)
REM: non-blocking behavior (apnscpd)
REM: unnecessary date reformatting (tabulate bandwidth)
REM: Magento 2.x support
REM: blocking mode (apnscpd)
REM: debug code (IpRestrictor)
REM: America/New_York default timezone setting. Inherit system default (php.ini)
REM: fpm generator marker (templates)
REM: socket closure in destructor (apnscpd)
REM: previous joomlatools phars (storehouse)
REM: sticky dropdown (Layout)
REM: "s" session name support (AJAX)
REM: provider, AlwaysValidate property (Validators\Dns)
REM: consistency check, accomplished by in-situ compression (Opcenter\Migration)
REM: memory limit (Opcenter\Migration)
REM: Spyc
REM: implicit pop from single item arrays (AccountInfoTrait)
REM: email from options when provider is null (Manage Users)
REM: self-signing, ignore purpose check. Relay on issuer DN matching subject DN (Crypto)
REM: cp, chown sudo support
REM: add_* ER wrapper functions (Page Container)
REM: job daemon run-as (Lararia)
REM: old ER wrapper usage (DNS Manager)
REM: Ensim backwards compatibility (Auth::UI)
REM: SpamAssassin Config when spam filter is rspamd (Template Engine)
REM: cleanup reg domain message (Addon Domains)
REM: set_level() (afi)
REM: stray import (License)
REM: apisnetworks reference (Crontab)
REM: duplicate code (Nexus)
REM: Twilio usage (config)
REM: cleanup (composer.json)
REM: non-blocking behavior (apnscpd)
REM: unnecessary date reformatting (tabulate bandwidth)
REM: Magento 2.x support
REM: blocking mode (apnscpd)
REM: debug code (IpRestrictor)
REM: America/New_York default timezone setting. Inherit system default (php.ini)
REM: fpm generator marker (templates)
REM: socket closure in destructor (apnscpd)
REM: previous joomlatools phars (storehouse)
REM: sticky dropdown (Layout)
REM: "s" session name support (AJAX)
REM: provider, AlwaysValidate property (Validators\Dns)
REM: consistency check, accomplished by in-situ compression (Opcenter\Migration)
REM: memory limit (Opcenter\Migration)
REM: Spyc
REM: implicit pop from single item arrays (AccountInfoTrait)
REM: email from options when provider is null (Manage Users)
REM: self-signing, ignore purpose check. Relay on issuer DN matching subject DN (Crypto)
REM: cp, chown sudo support
REM: add_* ER wrapper functions (Page Container)
REM: job daemon run-as (Lararia)
REM: old ER wrapper usage (DNS Manager)
REM: Ensim backwards compatibility (Auth::UI)
REM: SpamAssassin Config when spam filter is rspamd (Template Engine)
REM: cleanup reg domain message (Addon Domains)
REM: set_level() (afi)
REM: stray import (License)
REM: apisnetworks reference (Crontab)
REM: duplicate code (Nexus)
REM: Twilio usage (config)
REM: cleanup (composer.json)
REM: code cleanup (file)
REM: verco (modules)
REM: key limit for admin (auth)
REM: zone deletion within delete hook on v7.5+ platforms (dns)
REM: record_exists()- authoritative nameservers are not necessary to query the existence of a record with providers (dns)
REM: v5 backwards compatibility (email)
REM: duplicate account cache flush. Flush handled by Util::Account::Hooks (aliases)
REM: getResultCode() usage (watch)
REM: TXT multi-quote reformatting (dns)
REM: canonical rewrites on submission ports 587/465. Canonical rewrites reform forwarded mail to avoid SPF failures, which does not follow similar treatment when mail arrives over an ESMTP-authenticated session (mail/configure-postfix)
REM: hypertable creation (migrations)
REM: initialize-db task from 2019/10/07 migration, initialized later point otherwise breaks pending migrations (migrations)
REM: hugepage usage - sporadic deadlocks in semop() syscalls (apnscp/php-filesystem-template)
REM: postgresql-libs removal from migration, RPM pulls all dependencies? (migrations)
REM: unnecessary service restarts that break mail service toggle (software/haproxy, mail/configure-postfix)
REM: MariaDB 5.5 support (mysql/install)
REM: coolkey, PC/SC packages (packages/install)
REM: stray code (apnscp/initialize-db)
REM: postgresql-libs removal from migration, RPM pulls all dependencies? (migrations)
REM: unnecessary service restarts that break mail service toggle (software/haproxy, mail/configure-postfix)
REM: MariaDB 5.5 support (mysql/install)
REM: stray code (apnscp/initialize-db)