I am having a problem changing the virtualmin administrative password. I am not sure if this is related but I have restricted access to webmin/virtualmin to localhost:10000 So in order to connect to the interface I use tunneling to connect to https://127.0.0.1:10000
The steps I follow are: 1. Connect to Webmin as root 2. Select VirtualMin and then select the virtual server in question 3. Edit Virtual Server-->Configurable Settings-->Administration Password (Set to) 4. Enter some password and click Save Virtual Server 5. Log out 6. Log in with the virtual server credentials as changed above and the password is not accepted.
I can log in to the said account with the old password.
This is very strange as it seems the password is not actually changed. Any suggestions?
Changed file /etc/shadow 32c32
chaky:$6$48063558$O7RPP9B/SiI0oXrKUh6OD3TQDEBD.7zFjYSwTdLrzkZYRHp/h/ojz9NH6mCBPJU1JMPWvmXFDMd0MdHLUE3w5.:15602:::::: Executed command chattr -i \/home\/chaky\/fcgi-bin\/php5.fcgi Executed command chattr +i \/home\/chaky\/fcgi-bin\/php5.fcgi Changed file /home/chaky/.stats-htpasswd 1c1
chaky:0.cDq1/3VrQjA Changed file /etc/webmin/virtual-server/domains/13473052752397 21c21
md5_enc_pass=$1$48063558$VvmYJ3HDScgUNxU72ZeET0 23c23
lastsave=1348063563 28c28
crypt_enc_pass=0.cDq1/3VrQjA 45c45
enc_pass=$6$48063558$O7RPP9B/SiI0oXrKUh6OD3TQDEBD.7zFjYSwTdLrzkZYRHp/h/ojz9NH6mCBPJU1JMPWvmXFDMd0MdHLUE3w5. 104c104
digest_enc_pass=1cbce5922d299a63867aa90209a82259 142a143
In /etc/secure Sep 19 14:06:10 ****** webmin[29005]: Logout by root from localhost.localdomain Sep 19 14:06:17 ****** webmin[29008]: Invalid login as ****** from localhost.localdomain
Howdy.
Hmm, are you using a non-typical authentication mechanism, such as LDAP or MySQL?
Also, do you see any errors in /var/webmin/miniserv.error?
-Eric
I am using PAM Authentication. I had a problem with PAM and resolved it by installing the pam perl module and creating the webmin file with the following contents
"auth include system-auth"
The miniserve log file shows the following before and after installing pam.
[19/Sep/2012:14:03:45 +0000] miniserv.pl started [19/Sep/2012:14:03:45 +0000] Using MD5 module Digest::MD5 [19/Sep/2012:14:03:45 +0000] PAM test failed - maybe /etc/pam.d/webmin does not exist [19/Sep/2012:14:04:59 +0000] miniserv.pl started [19/Sep/2012:14:04:59 +0000] Using MD5 module Digest::MD5 [19/Sep/2012:14:04:59 +0000] PAM authentication enabled
Thanks, Efty
Hmm, it looks like PAM authentication isn't working for some reason, it looks like you're getting an error regarding that.
Can you verify that the webmin file you created is still there? You can do that with this command:
ls -l /etc/pam.d/webminIf that is there -- which distro/version is it that you're using? We may need to double-check the contents.
Also, is PAM just configured to read from /etc/passwd and /etc/shadow? Another option would be to configure Virtualmin to read directly from those.
-Eric
Hi Eric,
I am using Centos 6.3. I am not sure how you configure PAM to read from /etc/passwd and /etc/shadow What I tried was to disable PAM and the password change works. What are the pros/cons of using/not using PAM? Thanks, Efty Here is the output of the command and the contents of the file
[root@cyatcu pam.d]# ls -l /etc/pam.d/webmin -rw-r--r-- 1 root root 61 Sep 19 14:04 /etc/pam.d/webmin [root@cyatcu pam.d]# cat /etc/pam.d/webmin
%PAM-1.0 description: webmin pamauth include system-auth [root@cyatcu pam.d]#
Howdy,
Well, using PAM in theory should work.
However, that's actually disabled by default -- and Virtualmin just directly uses the password and shadow files to handle authentication.
There's not really a downside to that... it's only a problem if you later switch to a different authentication method. In that case you'd have to reconfigure Virtualmin, rather than just reconfiguring PAM.
But it's rare to change authentication methods, most folks just use the standard password files.
-Eric