#3598 Deleting a domain in virtualmin breaks /etc/group

Jamie Cameron

Problem: deleting a domain also removes all of the members of a secondary group!

OS: CentOS 5.4
Virtualmin: 3.76.gpl, via rpm
Webmin: 1.500, via rpm
Initial Install: via Virtualmin install.sh

Set up Virtualmin configuration like this:
1. Server Templates --> Default Settings --> Administration user --> Field "Add domain owners to secondary group" --> Bullet "Selected group" --> field = "wheel" --> Click on Save
2. Examine your /etc/group file (cat /etc/group) and note the members of "wheel" (and say goodbye to them).
3. Create a new domain in Virtualmin.
4. Delete the domain --> Select the domain in the Virtualmin dropdown box and click on the green go button --> expand Disable and Delete --> click on Delete Virtual Server --> Click on "Yes, Delete It"
5. Examine your /etc/group file. Where did root go? Root's no longer a member of wheel.
6. Panic


  • Fantastic that Webmin logs DIFFS! LOVE IT.

    I checked and went into Webmin --> Webmin Actions Log --> click on the delete domain action.
    Search for "/etc/group" and you'll see the diff clears out the "wheel" group.
    I love the logging changes function. Fantastic! This is a real bug.

  • And the /etc/gshadow also gets modified, like it should -- but of course it wipes out the entire wheel::: group, too, just like /etc/group

  • Last note? Why set up this way? 1. "allowgroup wheel" in SSH so that virtualmin-admin accounts can ssh to the machine and change to root, 2. in sudo, allow virtualmin-admins to change to root, too. This allows a box owner to allow multiple admin accounts to change to root or whatever. It could have been a completely different group, but nonetheless, it still would be wiped.

  • Jamie Cameron

    It looks like you are using the feature to add domain owners to a group in a way that I didn't expect - it was designed to be used with a group that contains *only* domain owners, and not any other users. The code will re-generate the member list for the group with just domain owners, and nobody else, not even root. You can then use the group in the configurations for other servers like Samba, OpenSSH and so on.

    What is the use case behind adding all domain owners to the "wheel" group?

  • Jamie said: "What is the use case behind adding all domain owners to the "wheel"

    Yes, that is the reason. I understand what you are saying: the secondary group should be only specific to Virtualmin and used nowhere else. That is not explained in the context-sensitive help.

    Two suggested options: 1. update the context-sensitive help (and/or alter the field description saying something like "Virtualmin only group"), 2. alter the code to be able to add/remove Virtualmin domains without clobbering existing group members.

    #2 is more coding, but isn't the group add/remove code part of Users and Groups (useradmin/user-lib.pl)? The only tricky part, I would figure, is code in Virtualmin to Check & Verify that the configuration is correct for each Virtualmin domain setup.

    With your new knowledge, and to get this working, I'll create a new group and assign only Virtualmin domains to it (and add the new groups to ssh, sudo, etc), instead of using wheel (since the current code clobbers existing members of the group).

  • Jamie, another confusing part about "Add domain owners to secondary group" is that the group must already exist prior to using this feature. Clicking on the ellipsis button "..." only allows you to select a pre-existing group (no add feature).

    Therefore, can you just type in a name that does not already exist?

    OOPS, just tried that:
    "Failed to save server template : Missing or invalid secondary Unix group"

    So the answer is no. The group must pre-exist.

  • Jamie said: "What is the use case behind adding all domain owners to the
    "wheel" group?"
    Oops, just noticed I didn't answer your question. A server, dedicated to one owner, could automatically have an account created via Virtualmin that would add the administrator to a group that would allow SSH, sudo, etc. I was being lazy and adding it to wheel. I didn't know that the group should ONLY be used for Virtualmin domains (again, no documentation was clear on that).

    There is no use case for re-using another existing group. (Other than that the Virtualmin interface does not allow you to add a group on the fly -- it must pre-exist).

  • Jamie Cameron

    Ok, I see ..

    I will update the help for that field to explain that only an existing empty group should be used.
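
Added example, not part of the original thread and not Virtualmin's own code (Virtualmin is written in Perl): a small Python model of the two behaviours discussed above, the "regenerate the member list with just domain owners" behaviour and the non-clobbering add/remove suggested as option 2, plus a pre-check that lists which members of the selected group would be dropped. The function names and the sample /etc/group content are assumptions made for illustration.

```python
# Added illustration, not Virtualmin code. The /etc/group content is constructed.
SAMPLE_GROUP_FILE = """\
root:x:0:root
wheel:x:10:root,alice
users:x:100:
"""

def parse_group(text):
    """Parse /etc/group text into {name: (passwd, gid, [members])}."""
    groups = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, passwd, gid, members = line.split(":", 3)
        groups[name] = (passwd, gid, [m for m in members.split(",") if m])
    return groups

def regenerate(groups, group, domain_owners):
    """Behaviour described in the thread: members become domain owners only."""
    passwd, gid, _ = groups[group]
    return {**groups, group: (passwd, gid, sorted(domain_owners))}

def merge(groups, group, add=(), remove=()):
    """Option 2 from the thread: touch only the named users, keep the rest."""
    passwd, gid, members = groups[group]
    kept = [m for m in members if m not in remove]
    kept += [m for m in add if m not in kept]
    return {**groups, group: (passwd, gid, kept)}

def at_risk(groups, group, domain_owners):
    """Pre-check: members a regenerate would drop (anyone not a domain owner)."""
    return [m for m in groups[group][2] if m not in domain_owners]

if __name__ == "__main__":
    g = parse_group(SAMPLE_GROUP_FILE)
    # Before pointing the template at an existing group, see who would be lost.
    print("would be dropped from wheel:", at_risk(g, "wheel", {"example"}))
    # Create a domain owned by "example", then delete it: no owners remain.
    print("regenerate:", regenerate(g, "wheel", set())["wheel"][2])
    added = merge(g, "wheel", add=["example"])
    print("merge:", merge(added, "wheel", remove=["example"])["wheel"][2])
```

A non-empty result from `at_risk` for the group chosen in "Add domain owners to secondary group" means that group is shared with non-domain users and should be replaced by a dedicated one, as the reporter ends up doing.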