{"id":161,"date":"2000-05-21T20:54:24","date_gmt":"2000-05-22T03:54:24","guid":{"rendered":"http:\/\/www.jeffcarl.com\/?p=161"},"modified":"2020-07-08T19:04:32","modified_gmt":"2020-07-09T02:04:32","slug":"webmin-easy-freenix-administration-through-a-web-interface","status":"publish","type":"post","link":"https:\/\/www.jeffcarl.com\/index.php\/2000\/05\/21\/webmin-easy-freenix-administration-through-a-web-interface\/","title":{"rendered":"Webmin Easy Freenix Administration through a Web Interface"},"content":{"rendered":"\n

By Jeffrey Carl<\/strong><\/p>\n\n\n\n

\"Boardwatch
Boardwatch Magazine, May 2000<\/figcaption><\/figure><\/div>\n\n\n\n

Boardwatch Magazine was the place to go for Internet Service Provider industry news, opinions and gossip for much of the 1990s. It was founded by the iconoclastic and opinionated Jack Rickard in the commercial Internet’s early days, and by the time I joined it had a niche following but an influential among ISPs, particularly for its annual ranking of Tier 1 ISPs and through the ISPcon tradeshow. Writing and speaking for Boardwatch was one of my fondest memories of the first dot-com age.<\/em><\/p>\n\n\n\n

Are you looking for an easy web-based GUI to administer Unix servers? Want to provide your Unix clue-challenged hosting customers with an easy way to administer their machines? <\/p>\n\n\n\n

If so, try Webmin<\/strong> (http:\/\/www.webmin.com\/webmin\/<\/em>), a free application which allows you or your users to easily administer their Freenix system through a web interface. You can use it yourself, or you can offer it to clients with dedicated web or mail servers to do some of their own administration and take the burden off of you.<\/p>\n\n\n\n

Installation and Setup<\/h2>\n\n\n\n

Webmin is a Perl 5 program that allows you to configure everything from user accounts to DNS and Samba filesharing and more. Webmin is free, and runs on a wide variety of Linuxes (including Caldera OpenLinux, RedHat, S.u.S.E., Slackware, Debian, TurboLinux, Mandrake, Delix DLD, Apple MkLinux) as well as FreeBSD and OpenBSD. It has been most thoroughly tested on Caldera OpenLinux, RedHat and FreeBSD, but it should run fine on other systems with potentially a bit of tweaking. <\/p>\n\n\n\n

To install, go to ftp:\/\/ftp.webmin.com<\/em>, and select the most recent version of Webmin (webmin-0.78.tar.gz at the time of this writing). Unzip and untar the file, then run the included setup.sh to install Webmin. Answer a few questions about your system setup, create a username and password for yourself, select a port for Webmin to run on, and you\u2019re ready to go. To upgrade, download the source for a new version and specify the source file\u2019s location in the Webmin interface\u2019s Webmin Configuration<\/strong> -> Webmin Upgrade<\/strong> option.<\/p>\n\n\n\n

Webmin is modular in nature, and comprises a \u201ccore\u201d Webmin server with a number of default modules. Each module (like Cron<\/strong>, BIND<\/strong>, Syslog<\/strong>, etc.) provides administration functionality for its specified service. At installation time, all default modules are installed; you can remove modules through the Webmin interface, or download new third-party modules from a link on the Webmin home page. Webmin stores configuration files for all of its modules inside directories located (usually) in \/etc\/webmin\/modulename\/. The start and stop scripts for Webmin are also stored (somewhat confusingly) in \/etc\/webmin, rather than in \/usr\/local\/sbin or in the Webmin home directory. Its logs are by default stored in \/var\/webmin\/, rather than in \/var\/log\/webmin\/.<\/p>\n\n\n\n

Webmin includes its own \u201cminiature\u201d webserver, so you don\u2019t need to alter your Apache (or other web server) configuration to use it. The mini server is also a Perl script (\/usr\/local\/webmin-0.78\/miniserv.pl or something similar), which runs (owned by the root<\/strong> user) until the process is killed. This isn\u2019t a terribly elegant solution, and it eats up about 3 MB of RAM as long as Webmin is running, but we\u2019re assuming here that convenience is more of an issue here than absolute maximum performance.<\/p>\n\n\n\n

If the idea of running a root-owned process over unencrypted HTTP scares you, you\u2019re right. Webmin includes functionality to use Perl\u2019s Net::SSLeay module to run its miniserver through HTTPS. If you don\u2019t have this Perl module installed (and you\u2019ll need to have the C libraries included with OpenSSL<\/strong> to get SSLeay<\/strong> to work), you\u2019ll find download links and (relatively) helpful instructions for OpenSSL and SSLeay on the Webmin home page. Keep in mind, however, that setting SSLeay up can sometimes be, to use the technical term, a \u201cmajor pain in the butt.\u201d<\/p>\n\n\n\n

Even better for security, you can also use Webmin\u2019s interface to specify specific IP addresses from which Webmin can be accessed. This isn\u2019t a foolproof setup, but it should be good enough for many system administrators.<\/p>\n\n\n\n

Fun with Modules<\/h3>\n\n\n\n

Webmin\u2019s interface is no-frills. It has very plain and simple graphics, loads quickly and gets the job done \u2013 a very wise choice, in my opinion. All functionality is provided in HTML tables instead of through a contrived graphical user interface.<\/p>\n\n\n\n

As mentioned before, Webmin\u2019s functionality is based on its included modules, each of which provides an interface to a specific service, application or daemon. The default installation includes all of the Webmin modules, which include such helpful items as MySQL<\/strong>, WU-FTPD<\/strong>, NFS<\/strong>, Apache<\/strong>, Users, Groups and Passwords<\/strong>, and a large number of other actions (for a complete list, see www.webmin.com\/webmin\/standard.html<\/em>). Some default modules are OS-specific, like LinuxRAID<\/strong>, Linux Boot Loader<\/strong> and Network Configuration<\/strong> (for Linux and Solaris). Third-party modules which are available for Webmin (including ones for QMail<\/strong>, VNC<\/strong> and one which allows SSH<\/strong> logins in place of Webmin\u2019s telnet tool) are available at www.webmin.com\/webmin\/third.html<\/em>. There\u2019s also a \u201cwish list\u201d of modules currently planned or under development at www.coastnet.com\/~ken\/webmin\/wish.html<\/em>.<\/p>\n\n\n\n

Of course, having all of these modules available doesn\u2019t mean that all of these services are available to you. Despite the fact that there\u2019s a Samba Windows File Sharing<\/strong> module, for example, you\u2019ll still need to manually download and install Samba on your machine before you can use Webmin to configure it. <\/p>\n\n\n\n

Each of the included modules is well written, and provides a wide range of functionality. For example, the Apache module allows you to set up or alter virtual hosts, set permissions, add or modify MIME types, change Apache\u2019s process limits and more. Even better, the module-writing spec is open, allowing you to write your own modules if you have a good knowledge of Perl and the application or service that you\u2019re writing your module for. <\/p>\n\n\n\n

One exception to this is the included Telnet Login<\/strong> module, which offers up a Java applet allowing you a telnet login through the web browser. This module is (surprise!) unfortunately dependent upon the Java Virtual Machine (JVM)\/ Just-In-Time compiler (JIT) your browser is using, and can be unreliable in some cases. For example, it runs fine with the Apple JVM\/JIT used by Netscape\/MacOS, but is unusable with the Symantec JVM\/JIT used by Microsoft Internet Explorer\/MacOS. <\/p>\n\n\n\n

Overall, however, Webmin\u2019s functions are well defined and easily accessible. If you are at all familiar with the service that you\u2019re configuring, Webmin provides a simple point-and-click interface that absolves you from needing to remember file locations and command-line switches.<\/p>\n\n\n\n

Fun with Configurability<\/h2>\n\n\n\n

Through the Webmin Configuration<\/strong> option on its index page, you can set up a variety of options, including Webmin logging, port\/address for Webmin, and interface look and feel. Perhaps unsurprisingly, this is a significant improvement over command-line based programs which often leave no clues as to where their configuration files are. Also, most of these configuration options can be set manually via the command line in \/etc\/webmin\/miniserv.conf.<\/p>\n\n\n\n

Another handy feature if you\u2019re using Webmin to administer a number of machines is its Webmin Servers Index<\/strong> function (available from your Webmin index page). Choose a central machine where you do most of your administration, and then fill out the forms to \u201cregister\u201d the other servers you\u2019re running Webmin on. Alternatively, you can set up a list of servers on one machine, then copy the files in \/etc\/webmin\/servers\/ from that server to all of your other servers and have those links automatically established. <\/p>\n\n\n\n

Every time thereafter that you click on the Servers Index button, you\u2019ll be presented with a quick link to all of your other Webmin-enabled servers. You can specify a username and password to quickly log in to the other servers for convenience, or you can create a normal connection that will prompt you for a username and password for extra security.<\/p>\n\n\n\n

An especially useful configuration option on the index page is Webmin Users<\/strong>. Through this, you can set up a variety of username\/password logins for Webmin, and the modules that they\u2019re allowed to access. This is particularly worthwhile if you want to set up one user for you (allowing access to all modules) and another user for your customer (only allowing access to modules for adding\/removing users, Sendmail, Apache, etc.). With this setup, you can allow customers access to commonly used features but keep them from doing anything which might seriously \u201chose\u201d their system. <\/p>\n\n\n\n

This isn\u2019t a completely secure setup, however, since information about the modules that users can access is store in a plain text file as \/etc\/webmin\/webmin.acl (usernames and passwords are stored in \/etc\/webmin\/webmin.users), and a user with root access could easily change this.<\/p>\n\n\n\n

You Can Lead a User to Man Pages, But You Can\u2019t Make Them Think<\/p>\n\n\n\n

Webmin provides a great deal of functionality in the modules it provides; but what it doesn\u2019t<\/em> provide is help in understanding them. This is almost certainly too much to ask from a free admin program, but it does limit Webmin\u2019s usefulness in some ways (at least for users who are not already very familiar with Unix). For example, it can allow a user to enable or disable the chargen service or edit \/etc\/fstab, but it provides no information about what those things are, or why you might want (or might not!) want to change them. <\/p>\n\n\n\n

While a truly novice-friendly administration interface is too much to ask for, clickable keywords with glossary listings probably aren\u2019t too much to ask for. The lack of documentation and help defeats one of Webmin\u2019s primary benefits: the ability for a Unix novice to easily administer their system. While Webmin certainly aids new users by removing the burden of needing to know command-line options, it certainly won\u2019t help them to configure Apache options if they don\u2019t know what \u201cMaximum requests per server process<\/strong>\u201d means. Novice users are one of Webmin\u2019s potentially largest markets, and it would be a shame if they didn\u2019t provide explanatory text for their options in a future release version.<\/p>\n\n\n\n

Still, this is a very forgivable gripe for a program which still isn\u2019t even at release 1.0. What isn\u2019t<\/em> forgivable, however, is Webmin\u2019s severe lack of documentation about itself, what it does, and how it does what it does. While this won\u2019t deter the experienced system administrator, it limits how useful Webmin can be to administrators who would like an explanation of what they\u2019re doing to their system, but don\u2019t have the skills or knowledge to examine Webmin and its modules closely.<\/p>\n\n\n\n

On the positive side, the Webmin site answers many frequently asked questions, and each built-in module also contains its own help information. A Webmin mailing list (frequently posted to by the authors) is also available; subscription information and a searchable archive are available from the Webmin home page. Even better, a Webmin Help<\/strong>option is always available from the index screen. Unfortunately, the help that is available appears to have been written as an afterthought, and the regexp searches that Webmin appears to do when you\u2019re looking for help aren\u2019t always very useful. <\/p>\n\n\n\n

The installation doesn\u2019t even include a documentation directory or man page, and users are left to figure out for themselves how the system works and what goes on. Most of the information I managed to gather about Webmin\u2019s internal workings was from reading the source for the installer shell script and the Perl code of the individual modules. If you\u2019re like me (and I feel bad for you if you are), you will want lots of documentation about any third-party tool that runs as root.<\/p>\n\n\n\n

Conclusions: Good, But Not Perfect<\/h2>\n\n\n\n

Is Webmin worth downloading, installing and trying? Absolutely \u2013 it offers excellent features, and the price (none) can\u2019t be beat. Is it worth deploying for your technical support staff or customers? It depends on whether you\u2019re willing to accept its limitations (and potential security or system integrity risks).<\/p>\n\n\n\n

Nonetheless, Webmin has tremendous potential to provide a great web interface for Unix control. If your needs match its strengths and you aren\u2019t too concerned about its weaknesses, then it\u2019s something you should add to your administration arsenal right away. Even if it doesn\u2019t meet your needs now, it certainly is a tool worth watching for the future.<\/p>\n","protected":false},"excerpt":{"rendered":"

By Jeffrey Carl Boardwatch Magazine was the place to go for Internet Service Provider industry news, opinions and gossip for much of the 1990s. It was founded by the iconoclastic and opinionated Jack Rickard in the commercial Internet’s early days, and by the time I joined it had a niche following but an influential among … Continue reading Webmin Easy Freenix Administration through a Web Interface<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":22,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,66],"tags":[],"class_list":["post-161","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-boardwatch-writing","category-tech"],"jetpack_featured_media_url":"https:\/\/www.jeffcarl.com\/wp-content\/uploads\/2020\/04\/bwatch.gif","_links":{"self":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/161","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/comments?post=161"}],"version-history":[{"count":1,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/161\/revisions"}],"predecessor-version":[{"id":162,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/161\/revisions\/162"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/media\/22"}],"wp:attachment":[{"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/media?parent=161"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/categories?post=161"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/tags?post=161"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}