Back to Changelog
v4.5.173
Consolidated release covering migration discovery opt-in change, AppArmor full system-wide profile visibility with Settings tab, mode control for all profile types, profile detail modal with execution chain visualisation, and Docker PHP Runtime manager UI.
New Features
13- AppArmor Profiles tab now shows all kernel-loaded profiles (100+) instead of only Panelica-managed profiles. Profiles are categorized: Panelica, PHP-FPM, Snap, Docker, Container, System, Other
- AppArmor Profiles tab: search by profile name and filter by category (with counts) and mode (enforce/complain/disabled/unconfined)
- AppArmor Profiles tab: Managed and Read-only badges distinguish editable Panelica profiles from system/Snap/Docker profiles that are visible but cannot be modified from the panel
- New AppArmor Settings tab with system statistics: kernel profile counts, cache size, profile file count, and last reload time
- AppArmor Settings tab: AppArmor system service toggle (enable/disable) with confirmation dialog
- AppArmor Settings tab: Reload All Profiles button — triggers a full apparmor_parser reload for all system profiles
- AppArmor Settings tab: Clear Profile Cache button — removes compiled AppArmor profile cache
- AppArmor Settings tab: Bulk mode buttons (Enforce All / Complain All / Disable All) — applies mode change to all Panelica-managed profiles at once
- AppArmor Settings tab: Clear Event Logs button — removes stored AppArmor security events from the database
- All AppArmor profile types (snap, docker, system, managed) now display Enforce / Complain / Disabled toggle buttons in the Profiles tab
- Click any AppArmor profile row (Snap, Docker, system, or Panelica-managed) to open a detail modal with full profile name and one-click copy-to-clipboard
- Execution chain visualisation in the profile detail modal: nested AppArmor profiles using the //null- syntax are displayed as parent and child exec segments on separate lines
- Docker PHP Runtime manager: visual interface for managing PHP 5.6-7.4 legacy isolated runtimes
Improvements
11- Operators must explicitly select sites via the Select All / Deselect All toolbar before analysis begins. On a 143-domain Plesk source this avoids ~1.5h of unintended background analysis before any user choice.
- All destructive actions in the AppArmor Settings tab require SweetAlert2 confirmation before executing
- 53 new i18n keys added to the English translation bundle for AppArmor UI strings
- Non-managed profiles (snap/docker/system) show a SweetAlert2 warning before mode change: package upgrades may revert mode on next install
- Replaced Read-only badge with Kernel-only badge (ri-cpu-line icon) for kernel-tracked profiles that are not in Panelica database
- Kernel-only tooltip explains: Profile is loaded in the kernel but not tracked in Panelica database; snap/docker/system profiles may reset mode on package upgrade
- Mode change triggers optimistic row update and counter refresh without full page reload
- Profile detail modal shows metadata grid (Category, Current Mode, Status) and mode action buttons (Enforce / Complain / Disable) for managed profiles
- Non-managed profiles (kernel-only) show a warning that package upgrades may revert manual mode changes
- Cron job management page: improved scheduling UI with enhanced expression editor
- i18n 31-language parity update ensuring consistent translations across all supported languages
Bug Fixes
2- Migration discovery: V2 quick domain list is now opt-in instead of opt-out. The Start Full Discovery button no longer triggers deep analysis across every domain on the source by default.
- Long AppArmor profile names no longer break the table layout; names are truncated at 320px with hover tooltip showing the full name