Submitted by jpenix on Sat, 11/01/2014 - 18:27 Pro Licensee
It's great that Virtualmin calls out config security issues such as symlinks being enabled and mismatched mod_php execution modes. But it's a little frustrating when it only offers a count of the number of impacted domains, a warning that things might break, and then nothing but an A/B choice of fix/allow.
How can I get Virtualmin to give me more details about which domains are impacted before doing a blanket fix/allow?
Status:
Active
Comments
Submitted by JamieCameron on Sat, 11/01/2014 - 18:41 Comment #1
I'm a little surprised you are seeing that message actually - it was put in place to catch a misconfiguration in older Virtualmin releases, but the current version shouldn't allow any dangerous symlinks by default.
It is a bug in Virtualmin if that message appears at all in new installs!
Submitted by jpenix on Sat, 11/01/2014 - 18:54 Pro Licensee Comment #2
Actually this is in an existing version (Bedinger's) that has been upgraded through many versions of Virtualmin, so it makes sense that it might be valid.
If I tell it to fix the misconfig, will it at least notify me which configs were changed so I can QA the sites?
Submitted by JamieCameron on Sat, 11/01/2014 - 22:32 Comment #3
It won't list the domains that were modified immediately after you click the button - but you can figure this out by looking at Virtualmin's log of file changes. This is visible at Webmin -> Webmin Actions Log (assuming that file change logging is enabled).