We simplify administration with Webmin. Linux Administration

Signs of pregnancy after embryo implantation

For the first time in a long time I decided to install Webmin, I was just used to putty. Saw new interface and not very crooked localization and decided to unsubscribe.

This is an unforgotten graphic web interface for managing your Linux server. That is, with its help, you can easily and without special knowledge remotely manage a Linux server, now no longer in a disgusting interface via a web browser.

The possibilities are truly impressive:

  • Full control of the operating system
  • Visual monitoring all processes
  • user management and groups and their rights
  • Network configuration including firewall
  • Manage all installed servers(Apache, IMAP/POP3)
  • Opportunity Reserve copy, and a whole host of other functions.

Installing Webmin on Ubuntu 16.04

We wait a few minutes and voila, you can open the panel at: https://IP:10000. You can use as authorization data login and password of any user systems, including root. Ignore the security warning, it is related to the self-signed certificate.

*Recently, a problem was discovered on Amazon EC2 servers; to solve it, before opening the port, use the following command:

Sudo apt-get --fix-broken install

Some other commands you may need:

#create a webmin user sudo useradd -g sudo webmin #password sudo passwd webmin

Webmin language setting

The first thing I want to change is the language. In the webmin tab select " Change Language and Theme"(https://IP:10000/change-user/), we poke there" Personal choice" and select Russian from the list and apply the changes. We also change the language in " Webmin Configuration"through the button" Language"(https://IP:10000/webmin/edit_lang.cgi).


Using Webmin

Webmin works in a modular manner, that is, when you install which package it supports, the corresponding control module is activated. If the panel did not activate the module on its own, then you can help it by clicking the "Refresh Modules" button.

It will be interesting to know how you can get convenient access using webmin in ubuntu server. The best tool for managing Unix systems via a web interface.

Using webmin, you can not only conveniently view logs, make changes to the configuration of installed services, but also install packages, remove them, update the system, etc. Even access the terminal!

Webmin is a ready-made web server with a whole bunch of scripts. All the delights of its use can be experienced after installation.

Installing Webmin

First of all, you need to add the webmin repositories to the /etc/apt/sources.list file

sudo nano /etc/apt/sources.list

At the very end of the file add two lines:

Deb http://download.webmin.com/download/repository sarge contrib deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

Save and close the file. Now let's import the keys

wget http://www.webmin.com/jcameron-key.asc

sudo apt-key add jcameron-key.asc

Update the list of package sources

sudo apt-get update

install webmin

sudo apt-get install webmin

Launching Webmin

After successfully installing the package, open your browser and go to

https://server-ip-address:10000/

instead of " server-ip-address ” Enter either the server's IP address or its name. If you did everything correctly, you will see a prompt to enter your username and password.

Enter your server login and password in the fields, after which you will be taken to the webmin main page

The first thing we will do is change the language to Russian. To do this, go to the menu item “ Webmin” — “Change Language and Theme” and set the encoding Russian (RU.UTF-8)
After applying the changes, you need to refresh the page. Great! Now you have a completely Russified webmin


A little review of webmin

I won’t describe all the menu items, take a look for yourself and find a lot of interesting things for yourself. I focus on the most basic points.

The “Webmin” section provides tools for working with the webmin module itself. Setting up users, access, backup, etc.

The “System” section provides tools for working with the main functionality of the server. In this section you can find logs, perform operations with users and groups, update software, manage active processes, work with job scheduling (Cron) and much more.

In the “Network” section you can configure network interfaces, and also configure the firewall

In the “Equipment” section you can view the equipment connected to the server, as well as view the partitions of local disks.

I will not describe the “Cluster” section. Didn't work with clusters.

Now you can configure webmin in ubuntu server and use it from anywhere in the world.

Webmin is graphical web interface to manage a server based Unix-like operating systems. A very convenient thing for administering Linux servers. Makes life easier for beginners and experts, and saves Linux administration time. MUST HAVE!!!

Possibilities.

  • Full OS management (boot, processes, status, log files);
  • Manage users and groups and their rights;
  • Manage all servers (Apache, FTP, SSH, Samba);
  • Network setup including Firewall;
  • Conduct backup, and much more;

Let's move on to the installation.

Adding the WEBMIN repository

Sudo nano /etc/apt/sources.list

Insert the line at the end of the file (shift+ctrl+v)

Deb https://download.webmin.com/download/repository sarge contrib

Save (ctrl+o) and input.

Installing the keys

Wget https://www.webmin.com/jcameron-key.asc sudo apt-key add jcameron-key.asc

Adding the necessary modules

Sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libdigest-md5-perl

Let's update.

Sudo apt-get update

Set WEBMIN

Sudo apt-get install webmin

PROFIT!!!

Go to the browser and open webmin. Please note that the protocol HTTPS(a window will appear with an invalid certificate, accept it and add it to the exceptions).

Https://ip server address:10000

|

Webmin is a web-based system administration tool for Unix-like systems. This simple and convenient alternative to administration via command line can be used to manage various aspects of the system (for example, users and services) through Webmin modules. Webmin is ideal for users who prefer to maintain their own virtual private server, but do not want to work with the command line.

This tutorial will demonstrate the process of installing the Webmin and SSL tool using apt-get on Ubuntu 14.04.

Requirements

To install Webmin you need root privileges. It is recommended to create a user with elevated sudo privileges (instructions can be found in ), which will also be needed to log into the Webmin interface. In addition, Webmin will be able to use his credentials to manage the server.

note: When using Webmin, password-based authorization is assumed.

Login to the server as New user(or root) via SSH using the command:

ssh user_name@server_ip_address

When prompted, provide your password.

Installing Webmin

Before you can install Webmin using apt-get, you need to add the Webmin repository to your sources.list file.

Open the sources.list file to virtual server V text editor(in this tutorial this is nano):

sudo nano /etc/apt/sources.list

Enter your password. Then press Ctrl-W and Ctrl-V to go to the end of the file and enter the following lines:

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

Once you're done editing, save the file by pressing Ctrl-X and then Y.

Then add the Webmin GPG key to apt so that the system can trust the added repository. To do this use:

wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -

Now we need to update the list of apt-get packages:

sudo apt-get update

You can start installing Webmin; to do this, run the command:

sudo apt-get install webmin

Confirm that the installation will start.

Once the installation is complete, the Webmin service will start automatically.

Login to Webmin

Using a web browser, open the Webmin login page; to do this, specify the external IP and port 10000. By default, Webmin supports SSL/TLS, so you need to use HTTPS to connect. So, open the following link in your browser:

https://server_ip_address:10000

At this stage, a warning “Server’s SSL certificate is not trusted” will appear, which indicates that the browser cannot trust the server’s SSL certificate. The problem is that during installation, Webmin automatically generates and installs an SSL certificate, but this SSL certificate has not been verified by a certificate authority that the server can trust. And although the computer cannot verify the validity of the certificate, you can be sure that it is secure.

Tell the browser that the certificate can be trusted. For example, in Chrome you need to do the following:

  • Click the Advanced link;
  • Then click the link “Proceed to IP address(unsafe)".

In Firefox you need:

  • Click I Understand the Risks;
  • Then click the Add Exception... button;
  • And then Confirm Security Exception.

At this point, the Webmin login screen will appear.

Enter the same credentials that you used for the SSH connection at the very beginning. Don't forget: this user must have sudo or root privileges.

Ready! The Webmin tool has been successfully installed and is ready to use.

Note: The security of this user's credentials requires special attention because, thanks to his privileges, the Webmin application has full access to the server.

Using Webmin

When you launch Webmin for the first time, the System Information page appears, containing an overview of system resources and other useful information. This page also shows all available Webmin updates.

On the left you can see a navigation menu that can be used to manage the server and access various Webmin modules. The navigation menu is divided into categories, and each individual category has its own set of modules. The Webmin category is particularly noteworthy because it contains modules for configuring the Webmin application, while other categories are used to perform various system administration tasks.

Browse the navigation menu and check out the available modules.

Create a user (optional)

The main task of system administration (in particular in Webmin) is user management. In this section we will talk about creating a new user using the Users and Groups module.

Enter the username in Username and provide other required user information. Then click the Create button.

After this, a user with the specified data will appear on the server.

The Users and Groups module can also be used to perform other user management tasks, such as deleting or disabling users and groups.

Apache installation (optional)

Webmin comes with a large number of modules to manage different packages software. This section will demonstrate how to install a web server using the Apache Webserver module.

In the navigation menu, select the Un-used Modules category, and find the Apache Webserver module in it.

If Apache has not been installed on the server previously, the module will report this and suggest how to install the web server.

Once the Apache installation is complete, the standard web server will be launched.

After this, the Apache Webserver module will be moved to the Servers category and can be used to manage Apache server settings.

Conclusion

Now that Webmin is installed and ready to go, you can use the tool to perform basic system administration tasks.

Tags: ,

Original text on official page Webmin.

  • I think I found a bug in Webmin!

    First, check if your Webmin is updated to the latest version. Many bugs in older versions have already been fixed in newer ones.
    Second, check the Webmin updates page, which hosts bug fixes for the current version. The easiest way to install everything latest updates- use the second and third forms in the Webmin Modules window on the Webmin Configuration module page.
    If you find a truly new bug, go to the bug tracking system page and post information about it.

  • How can I change my Webmin password if I have forgotten it?

    The changepass.pl program included in the Webmin distribution will help solve this problem. By default, Webmin is installed in /usr/libexec/webmin and you can change the admin user's password to foo by running:

    /usr/libexec/webmin/changepass.pl /etc/webmin admin foo

    That is, now you can log into Webmin using a pair of login - admin, password - foo. Instead of the value foo, there can be any value and it will become the current password for admin. Exactly the same actions can be done with any user.
    Note from the site : In the case of FreeBSD, if Webmin is installed in the default directory, the command to change the password is as follows:

    /usr/local/lib/webmin/changepass.pl /usr/local/etc/webmin admin foo

  • What changes will happen to the existing OS configuration files after installing Webmin on it?

    A simple Wemin installation does not affect the configuration files in any way operating system Only when you start using the program, changes will be made to the configuration files according to your actions in Webmin, regarding a specific module. For example, using the Apache Webserver module will not affect your Sendmail settings.

  • My browser says "The page cannot be displayed" when I try to log into Wemin via SSL

    If you are using SSL, check that the URL is written correctly. It should look like this http s://ip-address:10000/ instead of http://ip-address:10000. Without https, your browser does not use SSL mode and is reporting an error.

  • How do I run setup.sh?

    After extracting the Webmin tar archive, go to the directory (cd) webmin-1.430 and write ./setup.sh . The setup.sh file must be executable. Because the root user on most systems doesn't have a specific directory, so a simple setup.sh won't work.
    Note from the site: If Webmin is installed by default, go to the directory /usr/local/lib/webmin and run setup.sh by simply typing setup.sh into the command line. Sometimes you may need another launch option: sh setup.sh.

  • Where can I get the Perl MD5 module?

    Webmin module "Users and Groups" supports MD5 password encryption, if your system supports it. It depends on the Perl MD5 module, which can be downloaded from http://www.cpan.org/modules/by-module/MD5/MD5-1.7.tar.gz. Once downloaded, enter the following commands to install the module:

    gunzip MD5-1.7.tar.gz
    tar xvf MD5-1.7.tar
    cd MD5-1.7
    perl Makefile.PL
    make
    make install

    If you are using Webmin 0.83 or higher earlier version, the simplest solution would be to install the MD5 module from CPAN.

  • How can I install new modules?

    Download new module- a file with the extension .wbm, open Webmin -> Webmin configuration and select Webmin Modules. Then, using the form on the page that opens, you can install the module from the local file system, where the Webmin server is running or upload through your browser on the client machine.
    Note from the site: Module installation example wbmtranslator you can see .

  • Can I run Webmin or Usermin under Apache?

    Yes, but it will require some changes to the configuration files. See details for running Webmin under Apache, or for running Usermin.
    You can also run Webmin from the Zeus webserver. See instructions.

  • Why am I getting the error "ERROR: Perl crypt function does not work under Slackware"?

    On some systems with Slackware installed, the Perl crypt() function does not work because the descrypt.tgz package is not installed. To solve this problem, install the required package from the Slackware CD or FTP.

  • How can I install Perl on a system that does not have it installed by default?

    You need to download the file from source codes or port and assemble latest version Perl from http://www.cpan.org/src/stable.tar.gz. Or if you have Solaris or HPUX you can download pre-built packages that you don't have to compile yourself.

  • Is there a log of Webmin operations?

    By default, partial logging is enabled in Webmin. To enable recording of all events and actions, go to the Webmin configuration module ( Webmin Configuration module), click on the icon Logging and enable the option to record all actions and changes( Log changes made to files by each action). This will record all file changes and commands launched by Webmin. Once the option is enabled, all actions performed from that moment can be viewed in the Webmin operation log module( Webmin Actions Log module).

  • When I downloaded the .tar.gz version of Webmin, why do I receive a .tar file? Or why is the file size much larger than what is indicated on the download page?

    Your browser will automatically unzip the file for you. Simply rename it to webmin-1.430.tar (if not already done) and skip the gunzip step during installation.

  • My browser does not accept the Webmin certificate in SSL mode.

    This happened because the default SSL certificate generated by Webmin is not recognized by browsers as a trusted certificate. From a security perspective, this makes the certificate less secure because an attacker (hacker) could theoretically redirect traffic from your server to another machine without your knowledge, which is usually not possible using a strong SSL certificate. Network traffic is still encrypted, so you are protected from attackers simply listening to your network connection.

    If you really want to be sure that only you are connecting to the Webmin server, buy a certificate from a company that issues certificates, for example, VeriSign (by the way, they have trial versions for free testing). The resulting certificate will be associated with your domain name and will be recognized by web browsers. The certificate should be placed in the /etc/webmin/miniserv.pem file. It should contain the following data: Certificate + key.

    To download the resulting certificate, you must follow several steps:

    • Run the command openssl genrsa -out key.pem 1024 . This will create a key.pem file which will be your private key.
    • The following command is openssl req -new -key key.pem -out req.pem . When asked for your common name, be sure to enter the full name Domain name your server used in the URL, for example www.yourserver.com. This command will create a req.pem file, which is a certificate signing request (CSR).
    • Send this request (CSR) to the certificate agency of your choice in any way convenient for them. They should respond to you with a certificate file. Starting at the line in this file -----BEGIN CERTIFICATE-----, copy the contents into the cert.pem file.
    • Connect the key and certificate files with the command cat key.pem cert.pem >/etc/webmin/miniserv.pem.
    • Restart Webmin (check if SSL mode is enabled) to use the new key.
  • What variables does Webmin use?module Users and Groups?
    • $USERADMIN_ACTION - Can take values: CREATE_USER, MODIFY_USER, DELETE_USER, CREATE_GROUP, MODIFY_GROUP or DELETE_GROUP depending on which action was performed last.
    • $USERADMIN_USER - The last name of the Unix user with whom actions were performed - creation, modification or deletion.
    • $USERADMIN_UID - Unix user UID.
    • $USERADMIN_REAL - Real Unix username.
    • $USERADMIN_SHELL - Shell used by the Unix user.
    • $USERADMIN_HOME - The user's Unix home directory.
    • $USERADMIN_PASS - Unix user password.
    • $USERADMIN_GROUP - The name of the group that was last created, modified, or deleted.
  • When I install Webmin RPM (from RPM packages), I get the error "Unable to identify operating system"

    This happens if Webmin cannot identify your OS automatically from the information in the /etc/issue file. Perhaps because it (this file) has been modified. The best option is to install the .tar.gz version of Webmin, which asks about the user's operating system, requiring manual input from the user.

  • How can I create a Webmin user that would only have rights to configure the Apache virtual server or DNS service (DNS domain)?

    In the module Webmin Servers create a new user and give him access only to the module Apache Webserver. After saving, click on Apache Webserver then select the name of this user in the Webmin user list and use the form that allows you to deny him access to other modules except Apache virtual server.

    With the remaining modules, the actions are similar to those described above, i.e. issuing rights only to a specific module, for example, DNS domains, Unix users or mail aliases.

  • Is there a version of Webmin for Windows?

    Yes, download ZIP archive Webmin and install on Windows using the included setup.pl script. However, this is an alpha version and only a few modules are more or less working. For example, Squid, Sendmail and some others that are missing on Windows. In addition, the system Windows security quite different from Unix. In general, nothing special if something suddenly doesn’t work.

  • How can I change the list of allowed IP addresses to access Webmin from the shell?

    You need to change the /etc/webmin/miniserv.conf file, in part allow= or deny=. If part allow= exists, it contains a list of all addresses and networks that are allowed access to Webmin. Exactly the same block deny= contains addresses that are denied access to Webmin. After making changes, restart the Webmin server. That is, stop and start again /etc/webmin/stop ; /etc/webmin/start . Typically this file can only be modified by the root user.

  • After logging into Webmin, I receive an error message - You do not have access to Webmin modules( You do not have access to any Webmin modules)

    We are not sure what is causing this error, but if you follow these steps, this issue will go away:

    • Connect to your server via telnet as root.
    • Open the /etc/webmin/webmin.acl file and make sure there is a line that starts with root: or admin:. It should look something like this:
      admin: acl
    • Login to Webmin again, and go into the Webmin Users module, which will be the only one you have access to.
    • Click on your username in the list, grant yourself access to all the modules, and click Save.
  • Is it possible to run Webmin using inetd?

    Certainly. True, with some changes in the configuration files. Your actions:

    • Open /etc/services and add a line like:
      webmin 10000 /tcp
    • Open /etc/inetd.conf and add the following:
      webmin stream tcp nowait root /usr/libexec/webmin/miniserv.pl miniserv.pl /etc/webmin/miniserv.conf
    • Restart inetd to apply the changes. Connect to Webmin as usual on port 10000.
    • Using the module Bootup and Shutdown, check that inetd is configured to start at boot and Webmin is not.

    If you are using xinetd instead of inetd, follow these steps:

    • Stop Webmin with /etc/webmin/stop
    • Add the line inetd=1 to /etc/webmin/miniserv.conf
    • Remove the line session=1 from /etc/webmin/miniserv.conf
    • Open /etc/xinetd.conf and add the following:

      • service webmin
      {
      user = root
      env=LANG=
      port = 10000
      socket_type = stream
      protocol = tcp
      wait = no
      disable = no
      type = UNLISTED
      server = /usr/libexec/webmin/miniserv.pl
      server_args = /etc/webmin/miniserv.conf
      }

    • If you have Webmin installed somewhere else, then you also need to change /usr/libexec/webmin in the part where the paths are written.
    • Restart xinetd to apply the changes. Connect to Webmin as usual on port 10000.
    • Using the Bootup and Shutdown module, check that xinetd is configured to start at boot and Webmin is not.

    To run Usermin from inetd or xinetd, follow the steps above, but replace /etc/webmin with /etc/usermin and change the port to 20000.

  • How can I make sure that users gain access to Webmin using their operating system login/password?

    This is done in several steps:

    • In the Users module( Webmin Users) click on the user for whom you want synchronization to be performed with his login credentials to the operating system and set the field Password to Unix authorization value( Unix Authentication).

    If PAM is not used on your operating system, feel free to skip the first two steps. Webmin automatically reads /etc/passwd or /etc/shadow files directly to authorize users who use the mode Unix Authentication.

  • How to remove Webmin?

    Simply by running /etc/webmin/uninstall.sh .
    If you have an RPM version of Webmin, then run the command rpm -e webmin, or if you have a version for Solaris, then use the following command pkgrm WSwebmin.

  • How to allow access to any Unix user to authorize (log in) to Webmin?

    Follow these steps:

    • In the Perl Modules in Webmin, install Authen::PAM from CPAN.
    • In the PAM Authentication module, add a new PAM service called webmin that uses Unix authentication.
    • In the module Webmin Users, create a new user and give him a custom name, for example, unixer, with access to the modules you want him to have access to.
    • In each of the modules in which the user unixer has access, change the rights of your users so that they can only change their account information. For example, in the Change Passwords module( Change Passwords) you should select the option Only for this user( Only this user) for the item Users whose passwords can be changed( Users whose passwords can be changed). Therefore, Unix users, after authorization, will only be able to change their own passwords.
    • Click on Configure Unix User Authentication( Configure Unix user authentication), select the list of all Webmin users and click Allow any Unix user to log in with user rights( Allow any Unix user to login with permissions of user) unixer.
    • Any Unix user can now log in to Webmin.
    • If PAM is not used on your operating system, feel free to skip the first two steps. Webmin automatically reads /etc/passwd or /etc/shadow files directly to authenticate users who use Unix Authentication mode.

      • Another way is to install Usermin, which allows all Unix users to log in and have access to the settings they are allowed to change using a Webmin-like interface.

  • How can I download a file through File Manager?

    Usually, by double-clicking on a file on the right side of the list, it is displayed in a separate window. However, if you also press Shift when double-clicking, your file manager should prompt you to save the file to disk.

    In Webmin versions 0.966 and older, you can also download the file by selecting the file and clicking on the button Save in the upper left corner of the file manager.

  • How can I update Webmin on Solaris?

    By default, Solaris does not allow packages to be updated. However, you can change this by opening the file /var/sadm/install/admin/default and replacing the line instance= with instance=overwrite. By updating we mean installing a new Webmin .pkg file.

  • How can I configure the From field for users in the Read Mail module?in Usermin's if I have several virtual domains (hosts)?

    By default, when the user composes an email, the From field contains username@systemhostname. You can change this by following these steps:

    • Login to Webmin and run the Usermin Configuration module( Usermin Configuration).
    • Select Usermin Module Configuration.
    • Then click Read Mail.
    • In field Default hostname for From: addresses, enter the domain name or host name that will be appended after the @ sign in the From address field.
    • If you want to prevent users from changing the From (From) address field, set the Allow changing the (From) field( Allow editing of From: address) to No( No).
    • If you have several virtual domains and different users need to install different domains, you should create a Map file that contains the combination Username - Virtual Domain Name. Then into the field From: address mapping file indicate the path to this file. The file might have something like this structure:
      usernamefromaddress
      Part username in each line this is the user login for accessing the Unix system, and fromaddress this is the address for the From field for that specific user. Field username may also contain the full form of the postal address, e.g. [email protected] .
  • How can I restrict database access rights for users in Usermin's MySQL Database module?

    By default, the module shows all databases of your operating system on home page, even if some of them are not available to some users. To change this, follow these instructions:

    • Login to Webmin and run the module Usermin Configuration.
    • Select Usermin Module Configuration.
    • Select MySQL Database on the list.
    • In the Database Access List field( Database access control list) remove the line *: *. Instead, enter the names of the users and, separated by a colon, the databases they have access to. One entry per line. For example:

    jcameron: database1
    fred: database2 database3
    joe: *

      The * sign means all databases are displayed. While the * sign in the user field implies any user not previously entered.

    • Click the Save button to apply the restrictions.
  • Why do reports for different logs generated by the Webalizer module turn out the same?

    This is common on Redhat Linux due to a bug in the default Webalizer configuration. You can fix this as follows:

    • Open /etc/webalizer.conf.
    • Change the line starting with HistoryName to HistoryName webalizer.hist.
    • Change the line starting with IncrementalName to IncrementalName webalizer.current.
    • Make the same changes in all .conf files located in the /etc/webmin/webalizer directory.
    • Regenerate all reports.
  • Why do I get an error when I try to download something through Webmin, although other programs like wget work fine?

    If you have a firewall configured to transparently allow HTTP requests (e.g. Sonicwall), this may be causing requests made through Webmin to time out. Without going into protocol details, my research has shown that Sonicwall makes an incorrect assumption about the number of IP packets per HTTP request, and that's why the error appears.

    It is verified that turning off the option Enforce Host Tag Search The error stops appearing in the firewall.

Publications on the topic