webadmin-devel — The webmin development mailing list

Re: Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

> It's probably because the old version is still haunting you in some
> startupscript...

Yeah this is what somebody else told me in another forum:

>> The starting script you use is pointing to the old version. So edit the starting script to run the new version.

Which file do I need to modify to make this change?


Best Regards,

Jeremy Reed
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: Version of Apache is not Updating

[Jeppe U. J. <ar...@nx...>]

> Sorry about that...I wasn't clear enough. After I switched themes, it
displayed the correct version at the top of Webmin (the other template I was
using didn't display any version #). But when I run the perldiver.pl script
that shows all the server info, or when I lookup my site using
www.netcraft.com, it still says 1.3.20.
>

If netcraft says 1.3.20, it -is- that version that's running... It finds the
version by querying your server...

It's probably because the old version is still haunting you in some
startupscript...

/Jeppe Uhd Jepsen - NX

Re: Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

> > I even switched the Webmin template back to the default to make sure the problem wasn't due to the template I was using, and it is showing 'Apache version 1.324' at the top of the page under Apache Webserver.
> 
> 
> Was that a typo, or did switching themes actually solve the problem?

Sorry about that...I wasn't clear enough. After I switched themes, it displayed the correct version at the top of Webmin (the other template I was using didn't display any version #). But when I run the perldiver.pl script that shows all the server info, or when I lookup my site using www.netcraft.com, it still says 1.3.20.


Best Regards,

Jeremy Reed
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: Version of Apache is not Updating

[Jamie C. <jca...@we...>]

Jeremy Reed wrote:

>>Well, I'm totally confused because the version shown on the main page definately comes from the
>>site file :(  Unless your browser is caching the page or something, I have no idea where that
>>1.3.20 is coming from! Fortunately it doesn't matter much in terms of the functionality of the
>>module, because if the site file is what determines which apache directives the module will
>>edit.
>>
> 
> To make sure my browser wasn't caching the page I tried going to it in Netscape, since I always use IE, and it also shows 1.3.20.
> 
> I even switched the Webmin template back to the default to make sure the problem wasn't due to the template I was using, and it is showing 'Apache version 1.324' at the top of the page under Apache Webserver.


Was that a typo, or did switching themes actually solve the problem?

 
> Do you think if I tried uninstalling then re-installing Webmin it would fix the problem?


It would definately be worth a try ..

  - Jamie

Re: Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

> Well, I'm totally confused because the version shown on the main page definately comes from the
> site file :(  Unless your browser is caching the page or something, I have no idea where that
> 1.3.20 is coming from! Fortunately it doesn't matter much in terms of the functionality of the
> module, because if the site file is what determines which apache directives the module will
> edit.

To make sure my browser wasn't caching the page I tried going to it in Netscape, since I always use IE, and it also shows 1.3.20.

I even switched the Webmin template back to the default to make sure the problem wasn't due to the template I was using, and it is showing 'Apache version 1.324' at the top of the page under Apache Webserver.

Do you think if I tried uninstalling then re-installing Webmin it would fix the problem?


Best Regards,

Jeremy Reed
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: Version of Apache is not Updating

[Jamie C. <jca...@we...>]

Jeremy Reed wrote:

>>Very strange, because the version number should come from the site file.
>>You're not using a clone of the apache module by any chance? And I presume you are using
>>the latest webmin release?
>>
> 
> No, I deleted the Apache module and downloaded a new one from the Webmin site, uploaded it, and re-installed it.
> 
> Yes, I'm using the latest Webmin release.


Well, I'm totally confused because the version shown on the main page definately comes from the
site file :(  Unless your browser is caching the page or something, I have no idea where that
1.3.20 is coming from! Fortunately it doesn't matter much in terms of the functionality of the
module, because if the site file is what determines which apache directives the module will
edit.

  - Jamie

Re: Version of Apache is not Updating

[Jeppe U. J. <ar...@nx...>]

> No, I deleted the Apache module and downloaded a new one from the Webmin
site, uploaded it, and re-installed it.
>
> Yes, I'm using the latest Webmin release.
>
>

Have you tried to wipe your browser cache ?

I've experienced som weird errors related to IE not being 'nice'

/Jeppe Uhd Jepsen - NX

Re: Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

> Very strange, because the version number should come from the site file.
> You're not using a clone of the apache module by any chance? And I presume you are using
> the latest webmin release?

No, I deleted the Apache module and downloaded a new one from the Webmin site, uploaded it, and re-installed it.

Yes, I'm using the latest Webmin release.


Best Regards,

Jeremy
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: Version of Apache is not Updating

[Jamie C. <jca...@we...>]

Jeremy Reed wrote:

>>That all looks correct to me. One more thing you should try is deleting the
>>file /etc/webmin/apache/site , which caches the version number and apache modules.
>>It may have gotten out of date ..
>>
> 
> Here's what was in the site file:
> 
> modules=core/1.324 mod_access/1.324 mod_actions/1.324 mod_alias/1.324 mod_asis/1.324 mod_auth/1.324 mod_autoindex/1.324 mod_cgi/1.324 mod_dir/1.324 mod_env/1.324 mod_imap/1.324 mod_include/1.324 mod_info/1.324 mod_log_agent/1.324 mod_log_config/1.324 mod_log_referer/1.324 mod_mime/1.324 mod_negotiation/1.324 mod_perl/1.324 mod_php/1.324 mod_php3/1.324 mod_php4/1.324 mod_setenvif/1.324 mod_ssl/1.324 mod_status/1.324 mod_userdir/1.324 mod_vhost_alias/1.324
> size=395140
> 
> I deleted it and unfortunately, it's still showing up 1.3.20. I also checked the config file in the /etc/webmin/apache directory and it is showing:
> 
> httpd_version=1.3.24
> httpd_conf=
> start_cmd=/etc/rc.d/init.d/httpd start
> max_servers=100
> stop_cmd=/etc/rc.d/init.d/httpd stop
> virt_file=
> mime_types=/etc/mime.types
> apachectl_path=
> httpd_dir=/etc/httpd
> srm_conf=
> show_order=1
> test_config=1
> defines=HAVE_PERL HAVE_PHP HAVE_PHP3 HAVE_PHP4 HAVE_DAV HAVE_ROAMING HAVE_SSL SSL
> httpd_path=/usr/local/apache/bin/httpd
> show_list=0
> access_conf=
> 
> It's strange that there's all these references of 1.3.24 and 1.3.20 keeps showing up. Do you have anymore ideas?


Very strange, because the version number should come from the site file.
You're not using a clone of the apache module by any chance? And I presume you are using
the latest webmin release?

  - Jamie

Re: Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

> That all looks correct to me. One more thing you should try is deleting the
> file /etc/webmin/apache/site , which caches the version number and apache modules.
> It may have gotten out of date ..

Here's what was in the site file:

modules=core/1.324 mod_access/1.324 mod_actions/1.324 mod_alias/1.324 mod_asis/1.324 mod_auth/1.324 mod_autoindex/1.324 mod_cgi/1.324 mod_dir/1.324 mod_env/1.324 mod_imap/1.324 mod_include/1.324 mod_info/1.324 mod_log_agent/1.324 mod_log_config/1.324 mod_log_referer/1.324 mod_mime/1.324 mod_negotiation/1.324 mod_perl/1.324 mod_php/1.324 mod_php3/1.324 mod_php4/1.324 mod_setenvif/1.324 mod_ssl/1.324 mod_status/1.324 mod_userdir/1.324 mod_vhost_alias/1.324
size=395140

I deleted it and unfortunately, it's still showing up 1.3.20. I also checked the config file in the /etc/webmin/apache directory and it is showing:

httpd_version=1.3.24
httpd_conf=
start_cmd=/etc/rc.d/init.d/httpd start
max_servers=100
stop_cmd=/etc/rc.d/init.d/httpd stop
virt_file=
mime_types=/etc/mime.types
apachectl_path=
httpd_dir=/etc/httpd
srm_conf=
show_order=1
test_config=1
defines=HAVE_PERL HAVE_PHP HAVE_PHP3 HAVE_PHP4 HAVE_DAV HAVE_ROAMING HAVE_SSL SSL
httpd_path=/usr/local/apache/bin/httpd
show_list=0
access_conf=

It's strange that there's all these references of 1.3.24 and 1.3.20 keeps showing up. Do you have anymore ideas?


Best Regards,

Jeremy Reed
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: Version of Apache is not Updating

[Jamie C. <jca...@we...>]

Jeremy Reed wrote:

>>It sounds like webmin is not looking at the right httpd executable on your system.. Try clicking on
>>Module Config and making sure the 'Path to httpd executable' option is set to
>>/usr/local/apache/bin/httpd , and leave the 'Apache version' as 'Work out automatically' .
>>
> 
> I changed the path to the httpd executable to /usr/local/apache/bin/httpd (it was set to /usr/sbin/httpd) and it didn't update even after restarting. 
> 
> Here are my settings under the Module Config page:
> 
> Apache server root directory: /etc/httpd
> Path to httpd executable: /usr/local/apache/bin/httpd
> Path to the apachectl command  None       
> Command to start apache  /etc/rc.d/init.d/httpd start      
> Command to stop apache  /etc/rc.d/init.d/httpd stop       
> Display virtual servers as  Icons     
> Order virtual servers by: Server name     
> Maximum number of servers to display: 100   
> Path to httpd.conf  Automatic       
> Path to srm.conf  Automatic       
> Path to access.conf  Automatic       
> Path to mime.types  /etc/mime.types
> File to add virtual servers to  httpd.conf   
> Test config file before applying changes?  Yes
> 
> Does everything look correct?


That all looks correct to me. One more thing you should try is deleting the
file /etc/webmin/apache/site , which caches the version number and apache modules.
It may have gotten out of date ..

  - Jamie

Re: Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

> It sounds like webmin is not looking at the right httpd executable on your system.. Try clicking on
> Module Config and making sure the 'Path to httpd executable' option is set to
> /usr/local/apache/bin/httpd , and leave the 'Apache version' as 'Work out automatically' .

I changed the path to the httpd executable to /usr/local/apache/bin/httpd (it was set to /usr/sbin/httpd) and it didn't update even after restarting. 

Here are my settings under the Module Config page:

Apache server root directory: /etc/httpd
Path to httpd executable: /usr/local/apache/bin/httpd
Path to the apachectl command  None       
Command to start apache  /etc/rc.d/init.d/httpd start      
Command to stop apache  /etc/rc.d/init.d/httpd stop       
Display virtual servers as  Icons     
Order virtual servers by: Server name     
Maximum number of servers to display: 100   
Path to httpd.conf  Automatic       
Path to srm.conf  Automatic       
Path to access.conf  Automatic       
Path to mime.types  /etc/mime.types
File to add virtual servers to  httpd.conf   
Test config file before applying changes?  Yes

Does everything look correct?


Best Regards,

Jeremy
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: Version of Apache is not Updating

[Jamie C. <jca...@we...>]

Jeremy Reed wrote:

> I just updated Apache from 1.3.20 to 1.3.24 earlier today and for some reason Webmin is not picking it up.

> When I restarted httpd in SSH and I tried going to a page, it came up with a forbidden error with Apache 1.3.24

> at the bottom. Then after I started Apache through Webmin it sais 1.3.20. I also used http://www.netcraft.com/

> and it is still showing the older version. I've also tried restarting HTTP and the entire server.
> 
> Here's what comes up when checking what version of Apache is running through SSH:
> 
> [root@domain root]# /usr/local/apache/bin/httpd -v
> Server version: Apache/1.3.24 (Unix)
> Server built:   Jun  8 2002 18:23:29
> 
> In my original Apache Server Module that was installed with Webmin there was a section under the Module Config

> link at the top left to enter the version of Apache. I entered 1.3.24 and it still didn't show up. I then tried

> uninstalling the Apache module and reinstalling it and the textbox is missing from the Configuration section now.
> 
> I've searched through most of the pages in the Webmin folders and couldn't find anything on changing the Apache

> version. Can somebody tell me how to update it? This is really frustrating.


It sounds like webmin is not looking at the right httpd executable on your system.. Try clicking on
Module Config and making sure the 'Path to httpd executable' option is set to
/usr/local/apache/bin/httpd , and leave the 'Apache version' as 'Work out automatically' .

  - Jamie

Version of Apache is not Updating

[Jeremy R. <jer...@te...>]

I just updated Apache from 1.3.20 to 1.3.24 earlier today and for some reason Webmin is not picking it up. When I restarted httpd in SSH and I tried going to a page, it came up with a forbidden error with Apache 1.3.24 at the bottom. Then after I started Apache through Webmin it sais 1.3.20. I also used http://www.netcraft.com/ and it is still showing the older version. I've also tried restarting HTTP and the entire server.

Here's what comes up when checking what version of Apache is running through SSH:

[root@domain root]# /usr/local/apache/bin/httpd -v
Server version: Apache/1.3.24 (Unix)
Server built:   Jun  8 2002 18:23:29

In my original Apache Server Module that was installed with Webmin there was a section under the Module Config link at the top left to enter the version of Apache. I entered 1.3.24 and it still didn't show up. I then tried uninstalling the Apache module and reinstalling it and the textbox is missing from the Configuration section now.

I've searched through most of the pages in the Webmin folders and couldn't find anything on changing the Apache version. Can somebody tell me how to update it? This is really frustrating.


Best Regards,

Jeremy
-- 
_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup

Re: PAM Authentication for webmin users

[Scott M. <sco...@ya...>]

Mainly because I do not think you need a webmin user
to be a real user (case in point, the initial admin of
webmin).  Since I would be mainly using it to provide
some capability to helpdesk people, I would rather not
be creating & deleting accounts for helpdesk.  Also, I
do not want these webmin people actual telnet/ftp/etc
access into the server so *really* do not want them in
(reset user password via a web interface, ya I can
trust their skill to do that :)
Given some password expiration rules where I work, the
most beneficial capability would be to have the use
SecurID to log in.

-Scott


--- Daniel Wittenberg <dan...@st...>
wrote:
> I've been doing a bunch of work with PAM lately and
> curious why you
> wouldn't just use the PAM module?  I know people
> tend to like using
> their own stuff better, but it would simpify
> integration?
> 
> Dan
> 
> On Fri, 2002-06-07 at 12:03, Scott MacKay wrote:
> > Not how I use it.  I use a special shell 'sdshell'
> > which actually does the challenge (so the user
> needs a
> > login, regular password, then securid challenge),
> but
> > I do know the PAM module exists.
> > I was thinking it would be cool if there was a
> > 'foreign authentication' option allowed, as I can
> > easily write a C app which takes in a username and
> > PIN+ID to validate the user.  If that was
> suppoerted,
> > I don't think I would need actual UNIX accounts...
> > 
> > -Scott
> > 
> > 
> > --- Jamie Cameron <jca...@we...> wrote:
> > > Scott MacKay wrote:
> > > 
> > > >Hiyas,
> > > >    Is there an easy way to implement a SecurID
> > > login
> > > >check for webmin users?
> > > >
> > > Maybe - how does it work if you using PAM and
> > > secureID when
> > > logging in via telnet or at the console?
> Currently
> > > webmin's PAM
> > > authentication mode only supports simple
> > > username/password
> > > interaction.
> > > 
> > >  - Jamie
> > >
> 
> 
>
_______________________________________________________________
> 
> Don't miss the 2002 Sprint PCS Application
> Developer's Conference
> August 25-28 in Las Vegas --
> http://devcon.sprintpcs.com/adp/index.cfm
> 
> -
> Forwarded by the Webmin development list at
> web...@we...
> To remove yourself from this list, go to
>
http://lists.sourceforge.net/lists/listinfo/webadmin-devel


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Re: PAM Authentication for webmin users

[Daniel W. <dan...@st...>]

I've been doing a bunch of work with PAM lately and curious why you
wouldn't just use the PAM module?  I know people tend to like using
their own stuff better, but it would simpify integration?

Dan

On Fri, 2002-06-07 at 12:03, Scott MacKay wrote:
> Not how I use it.  I use a special shell 'sdshell'
> which actually does the challenge (so the user needs a
> login, regular password, then securid challenge), but
> I do know the PAM module exists.
> I was thinking it would be cool if there was a
> 'foreign authentication' option allowed, as I can
> easily write a C app which takes in a username and
> PIN+ID to validate the user.  If that was suppoerted,
> I don't think I would need actual UNIX accounts...
> 
> -Scott
> 
> 
> --- Jamie Cameron <jca...@we...> wrote:
> > Scott MacKay wrote:
> > 
> > >Hiyas,
> > >    Is there an easy way to implement a SecurID
> > login
> > >check for webmin users?
> > >
> > Maybe - how does it work if you using PAM and
> > secureID when
> > logging in via telnet or at the console? Currently
> > webmin's PAM
> > authentication mode only supports simple
> > username/password
> > interaction.
> > 
> >  - Jamie
> >

Re: PAM Authentication for webmin users

[Scott M. <sco...@ya...>]

Not how I use it.  I use a special shell 'sdshell'
which actually does the challenge (so the user needs a
login, regular password, then securid challenge), but
I do know the PAM module exists.
I was thinking it would be cool if there was a
'foreign authentication' option allowed, as I can
easily write a C app which takes in a username and
PIN+ID to validate the user.  If that was suppoerted,
I don't think I would need actual UNIX accounts...

-Scott


--- Jamie Cameron <jca...@we...> wrote:
> Scott MacKay wrote:
> 
> >Hiyas,
> >    Is there an easy way to implement a SecurID
> login
> >check for webmin users?
> >
> Maybe - how does it work if you using PAM and
> secureID when
> logging in via telnet or at the console? Currently
> webmin's PAM
> authentication mode only supports simple
> username/password
> interaction.
> 
>  - Jamie
> 
> 
> 
>
_______________________________________________________________
> 
> Don't miss the 2002 Sprint PCS Application
> Developer's Conference
> August 25-28 in Las Vegas --
> http://devcon.sprintpcs.com/adp/index.cfm
> 
> -
> Forwarded by the Webmin development list at
> web...@we...
> To remove yourself from this list, go to
>
http://lists.sourceforge.net/lists/listinfo/webadmin-devel


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Re: PAM Authentication for webmin users

[Jamie C. <jca...@we...>]

Scott MacKay wrote:

>Hiyas,
>    Is there an easy way to implement a SecurID login
>check for webmin users?
>
Maybe - how does it work if you using PAM and secureID when
logging in via telnet or at the console? Currently webmin's PAM
authentication mode only supports simple username/password
interaction.

 - Jamie

PAM Authentication for webmin users

[Scott M. <sco...@ya...>]

Hiyas,
    Is there an easy way to implement a SecurID login
check for webmin users?


-Scott

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Re: More secure 'passwd' module?

[Jamie C. <jca...@we...>]

Scott MacKay wrote:
> 
> Actually, found the problem.
> 
> In save_passwd.cgi, the section
> if ($config{'passwd_cmd'}) {
> 
> is missing something.  After the
> @user || &error($text{'passwd_euser'});
> 
> it should have the line
> &can_edit_passwd(\@user) ||
>               &error($text{'passwd_ecannot'});
> 
> This would be consistent with the else clause and the
> previous modules.

Absolutely correct .. there is now an update at
http://www.webmin.com/updates.html that fixes this as well.
 
> Also, if the original 'index.cgi' called
> can_edit_passwd, that would be a little more
> consistent.

Yeah, but if there are a lot of users calling can_edit_passwd
repeatedly would be very slow.
 
> For me, I added the following changes:
> 1) Only allow normal and expired passwords to be
> reset. (Expires is the password set to '*expired*' for
> me).  This allows you to keep peeps form giving a
> password to a system account
> 2) Disallow password to be changed for UID <=100
> This was done (hopefully correctly) by doing the
> following in can_edit_passwd:
> 
> if ($_[0]->[2]<=100 || $_[0]->[1] =~ 'NP' ||
> 
> (($_[0]->[1]=~/^[*]+.*$/)&&($_[0]->[1]!~/\*expired\*/)))
> {
>        return 0;
> }

There is already support for controlling access by
UID though. You can just enter 100 as the minimum, and
enter no maximum.

 - Jamie

Re: More secure 'passwd' module?

[Scott M. <sco...@ya...>]

Actually, found the problem.

In save_passwd.cgi, the section
if ($config{'passwd_cmd'}) {

is missing something.  After the 
@user || &error($text{'passwd_euser'});

it should have the line
&can_edit_passwd(\@user) || 
              &error($text{'passwd_ecannot'});

This would be consistent with the else clause and the
previous modules.  

Also, if the original 'index.cgi' called
can_edit_passwd, that would be a little more
consistent.

For me, I added the following changes:
1) Only allow normal and expired passwords to be
reset. (Expires is the password set to '*expired*' for
me).  This allows you to keep peeps form giving a
password to a system account
2) Disallow password to be changed for UID <=100
This was done (hopefully correctly) by doing the
following in can_edit_passwd:

if ($_[0]->[2]<=100 || $_[0]->[1] =~ 'NP' ||
      
(($_[0]->[1]=~/^[*]+.*$/)&&($_[0]->[1]!~/\*expired\*/)))
{
       return 0;
}


--- Jamie Cameron <jca...@we...> wrote:

> You can configure some of those access controls
> already in the password change module, by going into
> the Webmin Users module and clicking on 'Change
> Passwords'
> next to the name of a user. If there are any access
> control restrictions that you would like that are
> currently missing, tell me and it should be possible
> to add them.


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Re: More secure 'passwd' module?

[Daniel W. <dan...@st...>]

Unfortunately this doesn't work with kerberos though, because you have
to get a token first before you can change the password.  So if you just
tell it to use kpasswd instead, it will try to change it and get an
error. Basically before you run the kpasswd, all you have to do is do a
kinit with the user login/pass, then you can run kpasswd.  So I think
it's simple, I just haven't dived into the setup of the password module
and would like to avoid it if someone else has done this...make sense?

Dan

On Tue, 2002-06-04 at 01:12, Jamie Cameron wrote:
> Since webmin 0.970, the passwd module has had support for running
> an external command (like /usr/bin/passwd) for doing the change, which
> you can set in the module config. If kerberos has some similar command,
> you might be able to use that ..
> 
>  - Jamie

Re: More secure 'passwd' module?

[Scott M. <sco...@ya...>]

Ah, OK.  I have not tried that.

I did see that 2 of the 3 CGIs (I think index.cgi and
update_passwd.cgi) used some kind of lookup to control
access.  the save_passwd.cgi did not, however.
The first one seems to have the access control build
right in, while the second CGI did a lookup from a
library routine.  The third had no apparent lookup.

I am hoping to make a really secure and restrictable
set of modules available to helpdesk...


--- Jamie Cameron <jca...@we...> wrote:
> Scott MacKay wrote:
> > 
> > Hiyas,
> >     Is there a more secure version of the password
> > change module?  I am workin on restricting it down
> > (disallow you to change root password, only change
> > password of unlocked users or those with a
> specific
> > '*expired*' keyword), and noticed that the
> security
> > checks are not too tight.  Namely, save_passwd.cgi
> > does not seem to do the same validation for
> password
> > change rights as the other modules.
> 
> You can configure some of those access controls
> already in the password change module, by going into
> the Webmin Users module and clicking on 'Change
> Passwords'
> next to the name of a user. If there are any access
> control restrictions that you would like that are
> currently missing, tell me and it should be possible
> to add them.
> 
>  - Jamie
> 
>
_______________________________________________________________
> 
> Don't miss the 2002 Sprint PCS Application
> Developer's Conference
> August 25-28 in Las Vegas --
> http://devcon.sprintpcs.com/adp/index.cfm
> 
> -
> Forwarded by the Webmin development list at
> web...@we...
> To remove yourself from this list, go to
>
http://lists.sourceforge.net/lists/listinfo/webadmin-devel


__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Re: More secure 'passwd' module?

[Jamie C. <jca...@we...>]

Since webmin 0.970, the passwd module has had support for running
an external command (like /usr/bin/passwd) for doing the change, which
you can set in the module config. If kerberos has some similar command,
you might be able to use that ..

 - Jamie

dwi...@dn... wrote:
> 
> Speaking of passwd module, anyone adapted it to use kerberos?  I just
> converted all machines to use kerberos so I only have 1 password to keep
> track of and was trying to find an easy way for people to change
> passwords.. ?
> 
> Dan
> 
> On Tue, 4 Jun 2002, Jamie Cameron wrote:
> 
> > Scott MacKay wrote:
> > >
> > > Hiyas,
> > >     Is there a more secure version of the password
> > > change module?  I am workin on restricting it down
> > > (disallow you to change root password, only change
> > > password of unlocked users or those with a specific
> > > '*expired*' keyword), and noticed that the security
> > > checks are not too tight.  Namely, save_passwd.cgi
> > > does not seem to do the same validation for password
> > > change rights as the other modules.
> >
> > You can configure some of those access controls
> > already in the password change module, by going into
> > the Webmin Users module and clicking on 'Change Passwords'
> > next to the name of a user. If there are any access
> > control restrictions that you would like that are
> > currently missing, tell me and it should be possible
> > to add them.
> >
> >  - Jamie

Re: More secure 'passwd' module?

[<dwi...@dn...>]

Speaking of passwd module, anyone adapted it to use kerberos?  I just 
converted all machines to use kerberos so I only have 1 password to keep 
track of and was trying to find an easy way for people to change 
passwords.. ?

Dan

On Tue, 4 Jun 2002, Jamie Cameron wrote:

> Scott MacKay wrote:
> > 
> > Hiyas,
> >     Is there a more secure version of the password
> > change module?  I am workin on restricting it down
> > (disallow you to change root password, only change
> > password of unlocked users or those with a specific
> > '*expired*' keyword), and noticed that the security
> > checks are not too tight.  Namely, save_passwd.cgi
> > does not seem to do the same validation for password
> > change rights as the other modules.
> 
> You can configure some of those access controls
> already in the password change module, by going into
> the Webmin Users module and clicking on 'Change Passwords'
> next to the name of a user. If there are any access
> control restrictions that you would like that are
> currently missing, tell me and it should be possible
> to add them.
> 
>  - Jamie
> 
> _______________________________________________________________
> 
> Don't miss the 2002 Sprint PCS Application Developer's Conference
> August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
> 
> -
> Forwarded by the Webmin development list at web...@we...
> To remove yourself from this list, go to
> http://lists.sourceforge.net/lists/listinfo/webadmin-devel
>