From: Fajar P. <faj...@ar...> - 2012-04-01 01:17:42
|
Hi Joe. Why dont you try my suggestion of creating another admin and login with it? Maybe you accidentally set your account to "no password accepted". Sent from my iPhone On Apr 1, 2012, at 4:20 AM, Joe Nyland <jo...@jo...> wrote: > > On 31 Mar 2012, at 18:37, Jamie Cameron wrote: > >> On 31/Mar/2012 03:35 Joe Nyland <jo...@jo...> wrote .. >>> >>> On 30 Mar 2012, at 23:46, Jamie Cameron wrote: >>> >>>> On 30/Mar/2012 01:33 Joe Nyland <jo...@jo...> wrote .. >>>>> -----Original message----- >>>>>>> >>>>>>> Here's the output from 'sudo -l -S': >>>>>>> >>>>>>> joe@MailServer1:~$ sudo -l -S >>>>>>> [sudo] password for joe: >>>>>>> Matching Defaults entries for joe on this host: >>>>>>> env_reset >>>>>>> >>>>>>> User joe may run the following commands on this host: >>>>>>> joe@MailServer1:~$ >>>>>>> >>>>>>> Does that look right to you? >>>>>>> >>>>>>> Thank you for your help. >>>>>> >>>>>> That doesn't look like it includes all the needed permissions. >>>>>> >>>>>> It should be more like : >>>>>> >>>>>> User jcameron may run the following commands on this host: >>>>>> (ALL) ALL >>>>>> (ALL) ALL >>>>>> >>>>>> - Jamie >>>>> >>>>> Ok, this is a bit strange; 'sudo -l -S' now gives: >>>>> >>>>> joe@MailServer1:~$ sudo -l -S >>>>> [sudo] password for joe: >>>>> Matching Defaults entries for joe on this host: >>>>> env_reset >>>>> >>>>> User joe may run the following commands on this host: >>>>> (ALL) ALL >>>>> joe@MailServer1:~$ >>>>> >>>>> But I still can't login to Webmin. >>>>> >>>>> Sudo from an SSH connection still continues to work. Also, I've checked the >>> above >>>>> command output on my file server which I can login to Webmin fine on, and that >>>>> gives the same output as above: >>>>> >>>>> joe@FileServer1:~$ sudo -l -S >>>>> Matching Defaults entries for joe on this host: >>>>> env_reset >>>>> >>>>> User joe may run the following commands on this host: >>>>> (ALL) ALL >>>>> joe@FileServer1:~$ >>>>> >>>>> I'm not sure how to proceed with this. I'm tempted to do a reinstall of Webmin >>>>> on this server, but I'm not convinced this will help. >>>> >>>> The (ALL) ALL is what Webmin is looking for .. so I would expect the login >>>> as a sudo-capable user to work now. >>>> >>>> What gets logged to the debug file now when you try to login? >>>> >>>> - Jamie >>> >>> Here's a login attempt I just made, which has been taken from miniserv.debug: >>> >>> handle_request: passed timeout check >>> handle_request reqline=POST /session_login.cgi HTTP/1.1 >>> handle_request: got headline Host: mailserver1:10000 >>> handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X >>> 10.7; rv:11.0) Gecko/20100101 Firefox/11.0 >>> handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 >>> handle_request: got headline Accept-Language: en-gb,en;q=0.5 >>> handle_request: got headline Accept-Encoding: gzip, deflate >>> handle_request: got headline Connection: keep-alive >>> handle_request: got headline Referer: https://mailserver1:10000/session_login.cgi >>> handle_request: got headline Cookie: testing=1 >>> handle_request: got headline Content-Type: application/x-www-form-urlencoded >>> handle_request: got headline Content-Length: 29 >>> clen_read=29 clen=29 posted_data=29 >>> handle_request: posted_data=page=%2F&user=joe&pass=**** >>> handle_request: Need authentication >>> validate_user: user=joe pass=**** host=mailserver1 >>> can_user_login: Validate with PAM >>> validate_user: canuser=joe canmode=2 notexist=0 webminuser=root sudo=1 >>> validate_user: unix val=1 >>> check_sudo_permissions: querying cache for joe >>> main: inline readsudo joe >>> check_sudo_permissions: cache said 0 >>> validate_user: sudo failed >>> handle_login: requesting delay vu=joe acptip=192.168.1.205 ok=0 >>> main: inline delay joe 192.168.1.205 0 >>> handle_login: delay=2 blocked=0 >>> handle_request: page=/session_login.cgi simple=/session_login.cgi >>> handle_request: initial full= >>> handle_request: full=/usr/share/webmin/session_login.cgi >>> handle_request: executing CGI >>> REMOTE_USER = >>> BASE_REMOTE_USER = >>> main: Done handle_request loop pid=7801 >>> main: inline EOF >>> >>> For completeness, I checked my sudo privileges again, after the login attempt: >>> >>> joe@MailServer1:~$ sudo -l -S >>> Matching Defaults entries for joe on this host: >>> env_reset >>> >>> User joe may run the following commands on this host: >>> (ALL) ALL >>> >>> However, still: "Login failed. Please try again." >>> >>> I'm happy to perform a reinstall of Webmin, if you think this will resolve anything. >>> However, this would also remove any hope of finding what this issue is, so that >>> it can be worked around in the future, if it crops up again. >> >> Looks like Webmin was caching the response from sudo in that check .. I can tell >> from the message "check_sudo_permissions: cache said 0" >> >> Try running /etc/webmin/restart , and then immediately after attempting a login >> and post what gets logged to the debug file. >> >> I'm pretty sure a re-install won't help here. >> >> - Jamie > > Still no luck, I'm afraid: > > miniserv.pl starting .. > Reading crons from /etc/webmin/webmincron/crons > adding cron id=133215899832608 module=system-status func=scheduled_collect_system_info > adding cron id=133215899832422 module=cron func=cleanup_temp_files > Running cron id=133215899832422 module=cron func=cleanup_temp_files > main: Starting handle_request loop pid=16829 > handle_request: from 192.168.1.205 to 192.168.1.8 ipv6=0 > handle_request: passed IP checks > handle_request: passed timeout check > handle_request reqline=POST /session_login.cgi HTTP/1.1 > handle_request: got headline Host: mailserver1:10000 > handle_request: got headline User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20100101 Firefox/11.0 > handle_request: got headline Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 > handle_request: got headline Accept-Language: en-gb,en;q=0.5 > handle_request: got headline Accept-Encoding: gzip, deflate > handle_request: got headline Connection: keep-alive > handle_request: got headline Referer: https://mailserver1:10000/ > handle_request: got headline Cookie: testing=1 > handle_request: got headline Content-Type: application/x-www-form-urlencoded > handle_request: got headline Content-Length: 29 > clen_read=29 clen=29 posted_data=29 > handle_request: posted_data=page=%2F&user=joe&pass=*** > handle_request: Need authentication > validate_user: user=joe pass=*** host=mailserver1 > can_user_login: Validate with PAM > validate_user: canuser=joe canmode=2 notexist=0 webminuser=root sudo=1 > validate_user: unix val=1 > check_sudo_permissions: querying cache for joe > main: inline readsudo joe > check_sudo_permissions: cache said 2 > check_sudo_permissions: ptyfh=IO::Pty=GLOB(0x281df28) > check_sudo_permissions: ttyfh=IO::Tty=GLOB(0x3326030) > check_sudo_permissions: tty=/dev/pts/1 > check_sudo_permissions: about to fork.. > check_sudo_permissions: fork=0 pid=16831 > check_sudo_permissions: fork=16831 pid=16829 > check_sudo_permissions: pid=16831 > check_sudo_permissions: about to send pass > check_sudo_permissions: sent pass=*** > validate_user: sudo failed > handle_login: requesting delay vu=joe acptip=192.168.1.205 ok=0 > main: inline writesudo joe 0 > main: inline delay joe 192.168.1.205 0 > handle_login: delay=0 blocked=0 > handle_request: page=/session_login.cgi simple=/session_login.cgi > handle_request: initial full= > handle_request: full=/usr/share/webmin/session_login.cgi > handle_request: executing CGI > REMOTE_USER = > BASE_REMOTE_USER = > main: Done handle_request loop pid=16829 > Running cron id=133215899832608 module=system-status func=scheduled_collect_system_info > main: inline EOF > Running cron id=133215899832422 module=cron func=cleanup_temp_files > > Thank you for you continued support. > > Joe > > > ------------------------------------------------------------------------------ > This SF email is sponsosred by: > Try Windows Azure free for 90 days Click Here > http://p.sf.net/sfu/sfd2d-msazure > - > Forwarded by the Webmin mailing list at web...@li... > To remove yourself from this list, go to > http://lists.sourceforge.net/lists/listinfo/webadmin-list |