On our Virtualmin Server, one of our virtual server admins is trying to change their password via the webmin chanve passwords module. When they use the webmin module: Change Password available to them in their virtualmin admin section, to change the password that was set for them in the Virtualmin -> Edit Virtual Server -> Configurable Settings -> Change Admin Password, they get this error: Failed to change password : Incorrect old password
If, as a master user, I change the password in the Virtualmin -> Edit Virtual Server -> Configurable Settings -> Change Admin Password section, it still does not work for the user when they log in as themselves...
I can't find anything in the miniserv logs that gives a clue (but then again, I may not be looking in the right place).
Comments
Submitted by JamieCameron on Tue, 08/18/2009 - 00:37 Comment #1
If you go to (as root) Webmin -> Webmin Users -> serveradmin and click to by-pass the warning, what is the "Password" menu set to? It should be "Unix authentication".
Submitted by jahlewis on Tue, 08/18/2009 - 14:26 Comment #2
It is set to "unix authentication" currently.
Submitted by JamieCameron on Tue, 08/18/2009 - 20:01 Comment #3
Does it work if they use the Change Password link on the left menu (near the bottom), or change it at Edit Virtual Server -> Configurable settings ?
Submitted by jahlewis on Wed, 08/19/2009 - 08:35 Comment #4
When they use the Change Password link on their admin page, it generates this error.
If they reset the password, or I as admin, reset their password via Edit Virtual Server -> Configurable Settings, they still have the same issue when using the Change Password link on their admin page.
Is there a log file I can look at that could tell what is happening?
Submitted by JamieCameron on Wed, 08/19/2009 - 13:24 Comment #5
Could you attach a screenshot showing which Change Password link they are using? There are a few in Virtualmin, and I want to be sure the right one is being used ..
Also, what is the output from the command :
grep username /etc/shadow
I'd like to see the format their encrypted password is in.
Submitted by jahlewis on Tue, 09/08/2009 - 09:09 Comment #6
Sorry for the delay in response on this one, been on vacation...
[root@kermit ~]# grep quakers /etc/shadow quakers:$1$51303457$fyngZfc.G4IZIIFDu7fEv/:14482::::::
I've attached screenshots of both places we've tried to change this user's password.
Submitted by JamieCameron on Tue, 09/08/2009 - 14:58 Comment #7
So if you click on Server Configuration -> Change Password , does it still report "Incorrect old password" or similar? Because that page doesn't even have an old password field..
I'd be interested to see a screenshot of the error page if possible.
One place that is known not to work is Webmin -> System -> Change Passwords, which will be fixed in the next Webmin release.
Submitted by jahlewis on Wed, 09/09/2009 - 13:34 Comment #8
attached is a .txt email of what the server's admin did, and a .doc file with screenshots.
FWIW
[root@kermit quakers]# ll
total 36
drwxr-xr-x 2 quakers quakers 4096 Sep 9 14:03 awstats
drwxr-x--- 2 quakers quakers 4096 Jun 10 20:26 cgi-bin
drwxr-xr-x 3 quakers quakers 4096 Jun 10 20:11 etc
drwxr-xr-x 2 quakers quakers 4096 Jun 10 20:26 fcgi-bin
drwxr-xr-x 2 quakers quakers 4096 Jun 10 20:11 homes
drwxr-x--- 2 quakers quakers 4096 Jun 10 20:17 logs
drwx------ 9 quakers quakers 4096 Aug 26 13:37 Maildir
drwxr-x--- 3 quakers quakers 4096 Jun 12 10:37 public_html
drwxr-x--- 2 quakers quakers 4096 Jun 12 10:37 tmp
[root@kermit quakers]# cd Maildir/
[root@kermit Maildir]# ll
total 60
drwx------ 2 quakers quakers 12288 Aug 26 13:35 cur
-rw------- 1 quakers quakers 180 Aug 26 13:35 dovecot.index
-rw------- 1 quakers quakers 19456 Aug 26 13:35 dovecot.index.cache
-rw------- 1 quakers quakers 7248 Aug 26 13:36 dovecot.index.log
-rw------- 1 quakers quakers 4626 Aug 26 13:33 dovecot-uidlist
drwx------ 2 quakers quakers 4096 Sep 9 09:25 new
drwx------ 2 quakers quakers 4096 Sep 9 09:25 tmp
Submitted by JamieCameron on Wed, 09/09/2009 - 17:50 Comment #9
Ok, I think I can see the real issue now - the password for accessing his IMAP inbox is wrong.
Does it help if you edit the .usermin/mailbox/inbox.imap file under the mail user's home directory, and correct the pass= line?
Also, what is the output from the following commands :
grep -e mail_system -e pop3_server /etc/usermin/mailbox/config
quota -v quakers
Submitted by jahlewis on Wed, 09/09/2009 - 21:15 Comment #10
[root@kermit ~]# grep -e mail_system -e pop3_server /etc/usermin/mailbox/config
mail_system=4
pop3_server=localhost
[root@kermit ~]# quota -v quakers
Disk quotas for user quakers (uid 622):
Filesystem blocks quota limit grace files quota limit grace
/dev/md1 11492 102400 0 455 0 0
Interesting, the permissions for inbox.imap in quakers was
-rw-r--r-- 1 root root 36 Jun 10 20:11 inbox.imap
I changed it to be like the rest of them, and what I saw in other .usermin directories
[root@kermit mailbox]# chown quakers:quakers inbox.imap
I then changed the password for the site user at the virtualmin level (edit virtual server), and it did not change the .usermin/mailbox/inbox.imap password
I could log in with the new password to virtualmin as quakers, and changed the password there in Server Configuration -> Change Password
That did not change the .usermain/mailbox/inbox.imap password either.
Should it not be updating the usermin imap file with the new password? Am I doing something wrong?
Do you have any script/option that can repair permissions recursively for virtual servers?
Submitted by JamieCameron on Thu, 09/10/2009 - 00:38 Comment #11
Yes, that inbox.imap file certainly should be getting updated .. and does on my test systems.
If you go to Edit Mail and FTP Users, click on the username and open the "Email settings" section, is "Primary email address enabled?" set to "Yes" ?
Submitted by jahlewis on Fri, 09/11/2009 - 08:29 Comment #12
It was set to "no", we've set to "yes" and everything appears to work.
Not sure how that got changed, but it appears to be the issue here.
The original password issue that started this thread is not happening either, so you can close this issue...
Thanks jamie!
Submitted by JamieCameron on Fri, 09/11/2009 - 12:48 Comment #13
Great! Also, I will fix Virtualmin to set the IMAP password correctly even if that is set to "No".
Submitted by Issues on Fri, 09/25/2009 - 20:18 Comment #14
Automatically closed -- issue fixed for 2 weeks with no activity.