Re: [webmin-l] Virtualmin Deinstall/Install losing configuration

[Joe C. <jo...@sw...>]

Hey Roger,

I know it's too late for you in this case, but I'd like to chime in here 
to state emphatically that one should /never/ uninstall/reinstall a 
previously working piece of server software that has be configured for 
your environment in order to try to fix a problem with that software 
(any problem).  Something like Webmin has dozens of configuration files 
that will be removed during the uninstallation process, and sometimes 
their removal can be very uncomfortable...While Webmin modules don't 
store a lot of necessary state data in /etc/webmin, Virtualmin does (it 
has to because of what it does--it is a wholly different mindset from 
Webmin's one-to-one presentation of system configuration 
files...Virtualmin is itself a complex piece of software with its own 
configuration and lots of state data that is unique to Virtualmin). 
Losing all of that data is a much bigger problem than the very small 
problem of not being able to login.

If you have backups of /etc/virtualmin, you can restore everything, 
including passwords.  If you don't, getting a good backup policy is your 
first step.

Beyond that, the solution is definitely not blank passwords.  ;-)

You can set temporary passwords for each user, and ask them to login 
with that password to reset to their previous password.  I don't believe 
password syncrhonization will be a problem, even if the user opts to 
change the password to something entirely different, as MySQL user 
passwords are changed by the root user.  There are some situations where 
Virtualmin needs to have the plain text password, but that isn't one of 
them.  Anyway, try it out with one test account and let us know what 
happens.  If password synching does prove to be a problem, we'll 
probably be able to help you resolve it.  I might be wrong about my 
assertions (I don't manage any servers with heavy, or possibly even any, 
MySQL usage...so I might be missing some of the nuances of the 
situation), but I'm sure we can get it all resolved without too much 
pain or opening up your server to the insecurity of blank passwords 
(which would still be subject to the same problems temporary passwords 
would have).

Roger B.A. Klorese wrote:
> Would I be correct in:
> - disabling the option to set the MySQL password to agree with the user 
> password
> - importing the servers with a blank password
> - re-enabling the password synchronization
> - telling users to log in and change their passwords to the current value
> ...so Webmin could save the password for future database uses?
> 
> 
> Vernon J. Spangler wrote:
> 
>> There are actually two different methods I would have attempted but 
>> one that
>> is crucial. First is to always make backup. Since Virtualmin has a backup
>> utility you should use it before you make any changes to your server.
>>
>> When changing the version of Webmin you have two choices you can make.
>> 1. This is to upgrade the by using the Webmin section of the web 
>> interface
>> and going to the Webmin configuration. This is the one I would recommend
>> doing before any sudden changes.
>> 2. Uninstall and re-install Webmin after having made all the backups.
>>
>> You can still recover the Virtualmin accounts by using the import 
>> feature of
>> the module. Granted it may require you to reset the passwords and you may
>> run into errors with the passwords with SQL portion. But you 
>> technically did
>> not loose the users or the actual information. Recovery is a pain staking
>> event but it does teach a vital lesson. Backups and logs are your 
>> friend. I
>> understand that this does not resolve the actual issue with the
>> fail-to-restart but at least you will have a better ideal when 
>> upgrading and
>> some weight off your shoulders on the lost accounts.