Thursday, 23 October 2008

Chapter 5. General System Configuration

The second category on the Webmin tab bar is System. Clicking it will allow you to edit such system features as: Bootup and Shutdown behavior, Disk Quotas, Filesystems, Manual Pages, NFS Exports, Processes, Cron Jobs, System Logs, and more. Figure 5.1, “System Category” shows the options available on a Linux system (specifically a server that's running Red Hat Linux).

Figure 5.1. System Category

Bootup and Shutdown

Clicking Bootup and Shutdown brings you to a page of bootup options. In the case of a Red Hat system, it provides access to all of the init scripts found in /etc/rc.d/init.d. Similarly, on a Solaris system the scripts are located in /etc/init.d. Clicking on any of the script names will provide the ability to edit, start, stop, and delete the init script. Usually, each init script provides functions to start, stop, and restart system services such as Sendmail, named, and Apache, as well as perform basic system initializations such as setting up network devices and routing tables. An easy way to add a new service or command to the system startup routine, if it does not have an init script, is to add it in /etc/rc.d/rc.local or /etc/rc.local.

Also on this page you'll see the Reboot and Shutdown buttons. They do just what you would assume, after a confirmation screen.

Change Password

The Change Password module allows administrators to change the passwords of some or all users on the system, depending on access control configuration. Generally, the root user can change passwords of all users on the system. This module provides the same functions as the passwd command, but offers a little more flexibility with regard to dictating which passwords can be modified by whom.

Use of the module is mostly self-explanatory. If logged in as a user that has control over more than your own password, you will first see a list of usernames. Click on the one you would like to change the password for, and enter the new password twice (the second field is a confirmation field, to ensure the first instance was entered correctly). Depending on the module configuration for the user, it may be necessary to enter the old password before changing the password will be permitted.

Note

On some systems, a library known as cracklib is used to ensure relatively complex passwords. It enforces rules against simple dictionary word passwords, and some other easily guessed types of passwords. When this is enabled, changing passwords may be confusing for users unfamiliar with the notion of choosing secure passwords, and you may receive complaints from users unable to change their password. Education is the preferred way to handle this problem, but in some environments, disabling cracklib is easier and less likely to result in disgruntled users. Configuration of this is usually handled by the PAM service, which is covered in the PAM Authentication section.

Configuring Access Control for Change Password

This module has quite flexible options for dictating what passwords can be changed by a given user. To edit the ACL for this module, browse to the Webmin:Webmin Users module, and locate the user you wish to edit. Then click on the Change Password link for that user. This will open the Module Access Control page for the selected user.

Like all modules, the first option is Can edit module configuration?, which simply specifies whether the module configuration can be altered by the user. More interesting options are those that select which users' passwords can be changed. The Users whose passwords can be changed option allows you to choose from a number of options, including All users, Only this user, Only users, which allows selection of any number of users from a list, and All except, which allows specification of one or more users which cannot be edited while all others can be. The next choice, Users with UID in range, is particularly useful, as most UNIX and Linux systems segregate system and non-system users into ranges of UIDs. Specifically, on most Linux systems, system users fall into the 0-499 range, while normal users begin on UID 500. The Users with primary group option allows you to select a primary group to permit the user to change passwords for. This can be useful for segregating users into workgroups with group administrators who can reset passwords (and perform other actions based on the same criteria in other modules). The final option, Users matching, performs a simple text match on the username.

Other options include whether the password must be entered a second time for confirmation (recommended), whether the old password must be entered before a new one can be set, and whether other password restricted services will also be changed. This final option selects whether the new password will apply to databases, Samba, Squid authentication, etc.
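Before granting a Users with UID in range setting, the range can be checked against /etc/passwd to see exactly which accounts it covers. The script below is an added example, not part of Webmin or the original text; the function names, the constructed sample accounts, and the treatment of nologin/false shells as service accounts are assumptions, and the 500 boundary is the one quoted above.

```shell
#!/bin/sh
# Added example: preview which accounts a "Users with UID in range" ACL covers.
# All sample accounts below are constructed for illustration.

sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
dbadmin:x:101:101:constructed system account with a shell:/var/lib/db:/bin/bash
alice:x:500:500:Alice:/home/alice:/bin/bash
bob:x:501:501:Bob:/home/bob:/bin/bash
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
sysbackup:x:0:0:constructed second UID 0 account:/root:/bin/bash
EOF
}

# usage: preview_uid_range LOW HIGH < passwd-format text
# Prints "<name> <uid> <note>" for every account whose UID is in LOW..HIGH.
#   uid0    - has UID 0, whatever it is called
#   service - shell is nologin or false, so probably not a person
#   system  - UID below 500 but has a login shell
#   ok      - ordinary account in the normal user range
preview_uid_range() {
    awk -F: -v low="$1" -v high="$2" '
    /^[ \t]*(#|$)/   { next }          # comments and blank lines
    NF < 7           { next }          # not a complete passwd entry
    $3 !~ /^[0-9]+$/ { next }          # UID field is not numeric
    ($3 + 0) >= (low + 0) && ($3 + 0) <= (high + 0) {
        note = "ok"
        if ($3 == 0)                      note = "uid0"
        else if ($7 ~ /(nologin|false)$/) note = "service"
        else if ($3 < 500)                note = "system"
        print $1, $3, note
    }'
}

# A range with a very high upper bound also picks up nfsnobody.
sample_passwd | preview_uid_range 500 65535
```

Running it with 500 60000 instead drops the service account from the list, and running it with 0 499 shows why the system range should never be delegated: both UID 0 accounts appear.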

Disk Quotas

Disk quotas allow an administrator to specify the amount of space that users are allowed to use before they are no longer allowed to write to the filesystem. Webmin supports the quota systems on most of its supported operating systems and versions, though the capabilities and specific details are slightly different across the various systems. In the tutorial at the end of the quotas section, there is a walk-through of initializing quota support under Linux and configuring a set of user and group quotas on the /home filesystem.

Disk quotas can be applied to either users or groups or both. They are applied to all files and directories within a given filesystem that belong to a given user or group. It is possible to apply quotas to some users while allowing others to have unrestricted use of the filesystem. Most operating systems support soft limits, which allow the user to surpass their limit for some period of time, and hard limits which immediately stop writing data upon reaching the limit. Limits can be placed on the amount of space (usually in disk block increments) and on the number of files.

The Disk and Network Filesystems page provides a detailed view of the filesystems listed in /etc/fstab. From this page you can edit mount points, create new mount points, umount and mount partitions, and add execute and setuid restrictions to specific mount points for security (Figure 5.2, “Mounted Filesystems”). This module configures the /etc/fstab file.

Figure 5.2. Mounted Filesystems

To edit one of the listed filesystems, simply click on it. From there, you'll be able to mount and unmount the filesystem, and adjust several filesystem options. The available options may vary depending on the operating system and the media. Linux and Solaris have large differences, and so will be documented separately. Irix and FreeBSD are nearly identical to Linux, and so are not given their own section.

Linux Native Filesystem Mount Details

In the upper table on the Edit Mount page, Webmin offers access to several general options that are applicable for all filesystems (Figure 5.3, “Linux Native Filesystem Mount Details”).

Figure 5.3. Linux Native Filesystem Mount Details

Mounted As

This is the mount point on which the filesystem will be located in your system's directory hierarchy. A mount point is a directory, made like any other directory using the mkdir command. When mounting a filesystem, the OS checks this value to decide where the contents of the filesystem should be located in the hierarchy. Some mount points, such as /usr and /, have a specific meaning for the OS and must not be changed. Several other mount points, such as /home and /usr/local, are so named because of long-standing UNIX tradition. Nevertheless, most mount points can be named in any way that suits your environment; just be careful when you diverge from the historically accepted names.

Save mount?

Provides options for whether to save the current mount point. Generally, when creating a new mount point, or modifying an old one, you will want to save and mount at boot. However, if the media is removable, like a floppy disk or CD ROM, you will likely choose just to save the mount. Finally, if you are only creating a temporary filesystem, such as for mounting an ISO image as a filesystem, you'll have no need to save the mount point.

Mount now?

Allows you to choose whether to mount or unmount the filesystem now. If Mount is selected, Webmin will attempt to mount the filesystem when you click the Create or Save buttons. Likewise, selecting Unmount will attempt to unmount the filesystem if it is mounted. If the filesystem is in use by any programs, the OS will refuse to unmount the filesystem.

Check filesystem at boot

Selects whether the filesystem will be checked using fsck on system boot, and if so, what priority the check should receive. Note that some filesystem types, such as journaled filesystems like ReiserFS and XFS, do not usually need to be checked. Also, read only filesystems, such as those of CD ROMs, should not be checked. Under Linux, the ext3 filesystem will quietly skip the fsck, even when the fstab entry specifies a priority here, unless the user specifies otherwise manually during a boot after an unclean shutdown. As it is a journaling filesystem, this is reasonable behavior, but may not be immediately obvious from the documentation.

Linux Native Filesystem

Allows you to choose the device that will be associated with the mount point. Some modern Linux distributions use labeled devices for this, while others simply identify the device directly. The drop-down menu provides access to all of the known disk devices. You may also enter a device or ISO filename directly in the text entry field by clicking the Other devices radio button.

Linux Advanced Mount Options

The lower table on this page displays the advanced mount options and indicates which are enabled (Figure 5.4, “Advanced Mount Options”).

Figure 5.4. Advanced Mount Options

Read-only?

Sets the read only flag for the filesystem. If Yes, the filesystem will not allow writing, even by the root user. CD ROM drives, floppy disks mounted with the write protect tab enabled, and some other media will always have this flag enabled, regardless of the setting in fstab. This option correlates to the ro mount option.

Buffer writes to filesystem?

Allows you to disable write buffering for this device. By default, disk I/O is buffered in UNIX, to improve responsiveness and increase overall disk throughput. In some circumstances, buffering can be detrimental to the reliability of a system. Some database or email server software may be more reliable on a filesystem that has buffering disabled. Ordinarily, this change is unnecessary, as most software that requires this behavior forces a flush to disk after every transaction, thus disabling buffering for only the application that requires it. In most situations, altering this will only slow down the system without providing any tangible benefit. Disabling buffering here enables the sync mount option.

Allow device files?

This option dictates whether a file can be treated as a device on this filesystem. Device files are a special type of file that does not map to a portion of the disk, but instead directs I/O to another physical or virtual device, such as a printer, a modem, or a console display. In general, only the root user should be allowed to mount filesystems containing device files. Setting this option to No enables the nodev switch.

Allow execution of binaries?

When this option is set to No, no file contained on the filesystem will be treated as an executable file. It could be useful when mounting a filesystem that contains binary executables for another architecture, such as PPC executables from Yellow Dog Linux on an x86 system running FreeBSD. Setting it to No correlates to the noexec switch.

Disallow setuid programs?

A program that is setuid will be treated by the system as though it were executed by the user to which it has been set. For example, a program that has been setuid root will be executed with the permissions of the root user, so it can be very dangerous. For that reason, there must be a means to prevent users from introducing setuid programs into the system from outside sources such as CD ROM or floppy disks. This option correlates to the nosuid directive.

Allow users to mount this filesystem?

If users need to be able to mount the filesystem, this option can be selected. In general, most filesystems will be mounted at boot time and will thus always be available to users. But in the case of removable media like floppy disks, USB drives, and CDROM disks, the user is likely to need to access their own disks on occasion. This option corresponds to the user mount switch.

Action on error

When mounting the filesystem, errors may occur. This option allows you to choose how the system should behave in response to mount errors. The default is set in the filesystem super block, and can be configured using the tune2fs utility. When set to Continue the filesystem will be mounted and the filesystem will be marked as being in an erroneous condition. When set to Remount read-only, the system will attempt to remount the filesystem as a read-only filesystem. This can provide some level of safety and help maintain the ability to recover data from the disk if the errors were due to a failing disk. The Panic option halts the system with a filesystem mount error. This option corresponds to the errors mount option.

Caution

When attempting to recover data from a damaged disk, or a disk with data that has been accidentally deleted, it is vital that no additional data be written to the disk. Because of the design of most UNIX filesystems in use today, including Linux ext2 and the BSD systems' UFS, a file's contents are not usually removed from disk until the space is required by the OS for storing new data. Thus, if you immediately remount your filesystem read-only, your ability to restore deleted data is greatly improved. A better choice, of course, is to make good use of a reliable backup utility and a regular backup schedule. It is impossible to guarantee recovery of deleted files or files lost due to a failing drive without a recent backup of the files.

Files inherit parent directory GID?

When new files are created on a UNIX filesystem, they usually have user and group ownership matching the creator of the file. If a directory must be shared by a number of users, it may be desirable to have the group membership of the files set to a specific GID. When this option is enabled, new files will have group membership set to the GID specified by the containing directory. This option corresponds to the grpid or bsdgroups mount options, and defaults to no.

Use Quotas?

If quotas should be used to manage disk usage for this filesystem, you may select the type of quotas to be applied. This option corresponds to the grpquota, noquota, quota, and usrquota option switches and defaults to applying no quotas.

Reserve space for user, Reserve space for group

Most UNIX filesystems implicitly set aside a small amount of space for emergency use by an administrator. This space will remain available even if the normal users of the system have filled the rest of the disk. By default this user will be the root user, however, in ext2 and ext3 filesystems the reserved space may be used by the user or group specified here. This option configures the resuid and resgid options.
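The effect of the nodev, nosuid, and user options described above can be checked directly against /etc/fstab. The following script is an added example (not Webmin code or part of the original text) that works out the effective setuid and device-file settings for each entry, honoring option order, and lists removable or user-mountable filesystems that still allow them; the sample entries, the function names, and the list of removable filesystem types are assumptions.

```shell
#!/bin/sh
# Added example: audit fstab entries for the nosuid and nodev options.
# The sample below is constructed; devices and mount points are placeholders.

sample_fstab() {
    cat <<'EOF'
LABEL=/       /            ext3     defaults                1 1
LABEL=/home   /home        ext3     defaults,usrquota       1 2
/dev/cdrom    /mnt/cdrom   iso9660  noauto,owner,ro         0 0
/dev/fd0      /mnt/floppy  vfat     noauto,user,suid,dev    0 0
/dev/sda1     /mnt/usb     vfat     noauto                  0 0
/dev/sdb1     /mnt/stick   vfat     noauto,users,nodev,suid 0 0
# /dev/hdb1   /data        ext3     defaults                1 2
EOF
}

# Reads fstab-format text on stdin and prints "<mount point> allows <list>"
# for every removable or user-mountable filesystem that still permits
# setuid programs or device files.
#
# Options are applied left to right, as mount(8) does:
#   user, users, owner and group imply nosuid and nodev, but a later
#   "suid" or "dev" on the same line switches them back on.
audit_fstab() {
    awk '
    /^[ \t]*#/ || NF < 4 { next }      # comments and incomplete lines
    {
        suid = 1; dev = 1; usermount = 0      # state before any option
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {
            o = opt[i]
            if (o == "user" || o == "users" || o == "owner" || o == "group") {
                usermount = 1; suid = 0; dev = 0
            }
            else if (o == "nouser") usermount = 0
            else if (o == "nosuid") suid = 0
            else if (o == "suid")   suid = 1
            else if (o == "nodev")  dev = 0
            else if (o == "dev")    dev = 1
        }
        # Assumed list of filesystem types that usually mean removable media.
        removable = ($3 ~ /^(iso9660|udf|vfat|msdos)$/)
        if ((usermount || removable) && (suid || dev)) {
            if (suid && dev) list = "suid,dev"
            else if (suid)   list = "suid"
            else             list = "dev"
            print $2 " allows " list
        }
    }'
}

sample_fstab | audit_fstab
```

To audit a live system, feed it the real file with `audit_fstab < /etc/fstab`; each reported mount point is a candidate for Disallow setuid programs? and for turning off Allow device files? in the table above.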

Solaris Filesystem Options

Solaris has a few of its own additional options beyond the traditional UFS options. This section will cover the options that diverge from the Linux options discussed already.

UFS Disk

This option is only moderately different from the similar option on Linux and other systems. Disks are identified by type, SCSI or IDE, system device numbers, and the partition number. RAID devices may be specified by Unit number, and other devices may be specified by pathname.

Solaris Advanced Mount Options

The Solaris UFS implementation provides a few special features differentiating it from the previously documented Linux advanced mount options. Specifically, Repair Delay, Update access times?, Force direct IO?, Allow large files?, and Enabled logging? are available, while Allow execution of binaries?, Allow device files?, Allow users to mount this filesystem?, File inherit parent GID? and the reserved space options that were available in Linux are not.

Allow user interrupt?

This option configures whether a user will be permitted to interrupt a process that is blocked waiting for a disk operation on this filesystem. This option corresponds to intr and nointr, and defaults to yes (intr).

Repair Delay

Because it is possible for the server to reboot on a failed mount attempt, the system needs a protective mechanism to prevent it from going into a repair/reboot cycle, which might do more harm to an already damaged filesystem. This option specifies the minimum amount of time between repair attempts. If the system reboots within this time frame and attempts to repair the disk a second time within the time specified, it will simply halt. This option correlates to the toosoon mount directive, and is only available in Solaris versions older than 7. It is unnecessary and ignored on later Solaris revisions.

Update access times?

This option specifies whether the access time, or atime, value of a file will be updated when accessed. Immediately means that a file's access time will be updated immediately every time the file is accessed. Deferred means the access time will be updated, but only during the course of other filesystem activity. Finally, No means that access time will never be updated on a file. On ordinary filesystems, it is desirable to leave atime enabled. Alternatively, when using a filesystem exclusively for an application that does not require access time updates, like an NNTP news spool or a web cache, disabling atime updates can provide a small performance boost as the number of disk transactions required is reduced. This option correlates to the noatime, dfratime, and nodfratime switches.

Force direct IO?

This option is functionally the same as the Buffer writes to filesystem? option described previously. In its simplest terms it disables buffering between processes and the filesystem. For programs that use very large contiguous files without frequent random access, forcing direct I/O can improve overall throughput. This option correlates to the forcedirectio and noforcedirectio mount options. By default, direct I/O is not enabled, and all disk I/O will be buffered.

Allow large files?

Maximum file size on Solaris, as on most operating systems, has throughout its history gone through changes. In simple terms, this option dictates whether a filesystem will permit files over the size of 2GB (currently). Because there are a number of programs, operating systems, and other filesystems that cannot support files larger than 2GB this limit can be imposed to maintain reliable operation between those differing parts. For example, if a filesystem is to be exported via NFS to operating systems that cannot handle large files, it is wise to enforce this limit on the exporting machine as well. This option corresponds to the largefiles and nolargefiles mount switches.

Enabled logging?

Logging, when enabled, stores filesystem transactions in a log before applying the transaction to the filesystem. In other words, an I/O transaction must complete successfully before it is made permanent. The result of this is that in the event of an unclean shutdown of the system, the filesystem will remain in a consistent state, eliminating the necessity of running fsck on the filesystem. This option correlates to the logging and nologging mount switches.

System Documentation

This page (Figure 5.5, “System Documentation”) provides access to the extensive help that is available on most UNIX systems through man pages, in addition to the Webmin help files, installed package documentation files, Perl module documentation, as well as results from the Google search engine.

Figure 5.5. System Documentation

System Documentation Search

Using the module is as simple as entering a search term and clicking Search. If you choose to Match any in your search, the module will return a list of all pages that it can find that match your query. You may specify which types of documentation you'd like to search, including man pages, Webmin help files, documentation for installed packages, Perl module documentation, and The Book of Webmin either locally or remotely. It will also provide a simple gateway to a Google search.

Man pages are divided into numbered sections, in order to clearly distinguish programming documentation from user command documentation, etc. When performing a search of the man pages, you will likely see multiple results matching your search term. In some cases, there will be more than one entry precisely matching the command or term you're looking for, in different manual sections. The sections are roughly divided as described below:

  1. User commands that may be run by all users.

  2. System calls, or functions provided by the kernel.

  3. Library Functions.

  4. Devices, or special files in the /dev directory.

  5. File format descriptions, for such files as /etc/passwd and sendmail's /etc/aliases file.

  6. Games.

  7. Miscellaneous, macro packages, and conventions. Examples include bootparam and unicode.

  8. System administration tools that only root can execute. Examples include ifconfig and halt.

  9. OS Specific kernel routine documentation. Not always available on all systems.

Also available on some systems are a few lettered sections. They are: n for New documentation, which may be moved in the future to a new location, o for Old documentation, which will likely be phased out, and l for Local documentation specific to this particular system.

Searching documentation from another module

This page also provides the configuration for searching from within the other modules. In most Webmin modules, there will be a Search docs... link in the upper right corner of the page. When clicked, Webmin will search all of the available documentation that has been selected and present links and short excerpts from the documents. If your system will be disconnected from the Internet, you may wish to disable Google searches. Likewise, if you do not want package documentation or similar types of documentation to be searched you may unselect them here.

Tip

In recent versions of Webmin, it is possible to search the contents of this book, if the corresponding module is installed. To obtain the Webmin module for this book, visit the Projects page at Swell Technology for downloads in .wbm and .rpm packages. It is not included in the base Webmin package, due to its large size.

Process Manager

The Process Manager is accessed by clicking the Running Processes icon (Figure 5.6, “Running Processes”). This page provides a list of all running processes grouped by lineage. Clicking on a Process ID will provide more complete information about the process, including the command that was run, the parent process, the CPU usage, run time, size, niceness level, and more.

Figure 5.6. Running Processes

Niceness level is configurable. Niceness is a measure of how much processor time the process will be allowed compared to other processes on the system, and its values go from -20 (highest priority) to +20 (lowest priority).

Clicking on the Files and Connections button provides a list of the files that are being used by the process, as well as a list of open file descriptors and details about each. The open files will often contain a number of shared libraries, configuration files, and possibly user files that have been opened by the user of the process if it is a user application. Open network connections will provide information about what network connections exist for this process. In many cases, this list will only contain local loopback connections from 127.0.0.1, or this section of the page may not be present if the application has no network connections.

The module also offers several alternative views of the data, including sorting by user, memory usage, and CPU usage. Clicking the Search link provides the ability to filter on a given aspect of the process. Finally, the Run.. link provides a simple method of running a command, with optional arbitrary command-line input.

Similar information can be gained from the standard UNIX command ps on the command line. Niceness level of a process can be set from the command line using the nice command. Sending a signal to a process, or terminating a process, is achieved using the kill command. The list of files and connections is gathered using the lsof command.

Scheduled Commands

The at command provides a simple means to execute a specified command at a specified time. Its usage is simple, made even simpler by the Webmin interface. It can be very useful for a number of tasks, such as running one-time CPU intensive tasks at off-hours, notifying you of appointments, etc.

To create a new at job, simply fill in the details. Specifically, the Run as user option dictates the user under which the command will be run. Run on date and Run at time specifies the date and time at which the command will run. The Run in directory option specifies where the at command will be run from, as a change directory command will be run before the command is executed. This directory must be accessible by the user under which the command is run. Finally, the Commands to execute is where you may enter the commands to be run by at at the specified time. Any number of linefeed separated commands may be entered and they will be executed in sequence.

Note

If you have a repetitive task that needs to be executed at a specified time daily, or weekly, or monthly, at is not the best tool for the job. There is another command called cron that is more appropriate. cron is covered in the next section.

Scheduled Cron Jobs

The Cron Jobs module is used for editing the crontab on your system. Cron is a daemon that runs constantly on most UNIX systems, and allows users and the administrator to run specified tasks automatically at selected times. Ordinarily, crond is configured from the system-wide crontab as well as one or more configuration directories in /etc/cron.d, and on Red Hat Linux systems and some other Linux distributions crond draws its configuration from /etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, and /etc/cron.monthly. Note that even on Red Hat and similar systems, /etc/cron.d and /etc/crontab still exist and can be used just as on any other UNIX system.

Configuration of crond is much simplified by use of the Webmin module. To create a new cron job, click Create a new cron job. The Create Cron Job page (Figure 5.7, “Create Cron Job”) allows you to select the user that the cron job will run as, thereby limiting its permissions to those of the selected user. As in all permissions situations, it is best to choose a user with the least permissions required to actually accomplish the task needed. There are fields for entering the Command you want to be executed, as well as for any Input to command you might have. The Active option dictates whether the command is enabled or disabled by commenting it out with a hash mark at the beginning of the line.

Figure 5.7. Create Cron Job

In Figure 5.7, “Create Cron Job”, I've created a cron job that is run as a user named backup (a user I've created just for such tasks). The job is Active, so it will run at the specified times. The command that is being run is a simple tar command line to backup my complete /etc directory to a tarball in /home/backup. While this is not a terribly sophisticated backup system, it gets the job done without much complexity. Furthermore, a simple periodic backup of important files is far better than no backup at all. In this case, it is made slightly more effective by the fact that /etc and /home are partitions on two different hard disks.
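The Active flag and the run-as user can be read back from a system crontab to review which jobs are enabled and which of them run as root. This script is an added example, not Webmin's own code; the sample crontab and function names are constructed, it assumes the /etc/crontab format with a user field, and it counts a commented line as a disabled job only when the rest of the line parses as a schedule, a user, and a command.

```shell
#!/bin/sh
# Added example: list jobs in a system crontab with their state and user.
# The sample crontab is constructed; it includes the backup job described above.

sample_crontab() {
    cat <<'EOF'
SHELL=/bin/bash
MAILTO=root
# m h dom mon dow user command
01 * * * * root run-parts /etc/cron.hourly
30 2 * * * backup tar czf /home/backup/etc.tar.gz /etc
#15 3 * * 0 root /usr/local/sbin/rotate-reports
@daily nobody /usr/local/bin/clean-cache
EOF
}

# Reads /etc/crontab-format text on stdin.
# Prints "<active|disabled> <user> <command>" for each job.
# Limitation (assumption of this example): schedules written with month or
# weekday names are not recognised, only numeric fields and @nicknames.
list_cron_jobs() {
    awk '
    BEGIN {
        nick = "^@(reboot|yearly|annually|monthly|weekly|daily|midnight|hourly)$"
    }
    function is_time(f) { return f ~ "^[0-9*/,-]+$" }
    {
        state = "active"
        if ($0 ~ /^[ \t]*#/) {
            # A job disabled with a leading hash mark: strip the hash and
            # see whether what remains still looks like a job.
            state = "disabled"
            sub(/^[ \t]*#[ \t]*/, "")
        }
        if ($1 ~ nick && NF >= 3)
            first = 2                  # @nickname user command
        else if (NF >= 7 && is_time($1) && is_time($2) && is_time($3) &&
                 is_time($4) && is_time($5))
            first = 6                  # five time fields, user, command
        else
            next                       # variables, plain comments, blanks

        cmd = $(first + 1)
        for (i = first + 2; i <= NF; i++) cmd = cmd " " $i
        print state, $first, cmd
    }'
}

# Enabled jobs that run as root: the ones to review for least privilege.
active_root_jobs() {
    list_cron_jobs | awk '$1 == "active" && $2 == "root"'
}

sample_crontab | list_cron_jobs
```

A job moved from root to an unprivileged user should be checked afterwards: tar run as the backup user skips files that user cannot read, such as /etc/shadow, so the archive may not contain everything in /etc.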

Software Packages

The Software Packages module allows an administrator to perform software upgrades and package maintenance via a quite friendly interface. Although the actual implementation can vary quite a lot depending on which software packaging system your operating environment uses, Webmin masks most differences and the overall usage of each is very similar.

Introduction to Package Managers

Most modern UNIX systems feature a package manager. The concept of a package manager may be foreign to new users migrating from Windows operating systems, in which software is installed by one of a number of installation processes. There is usually no record kept of the locations of installed files, and no easy way to remove all of them if the software is no longer needed. While some installation utilities are more effective and reliable than others, all of them have difficulty making wise decisions about software dependencies and available library versions. The lack of a unified package manager has led to an entire product category devoted to removing old software installations because of these problems.

A package manager solves this problem, and quite a few other problems that aren't obvious until you've lived with one for a while. With a package managed system, you never have to wonder where a given file originated, or whether a given library or system component is installed. Finding the version of any installed package is quick and easy, and upgrading old packages to new versions can usually be done without fear of overwriting configuration details. So, now that it is clear why package managers are great, it is a good time to talk about how you can use your package manager from Webmin.

Supported Operating Systems

Webmin provides a mostly consistent frontend to most major OS package managers. The supported operating systems include RPM-based Linux distributions, like Red Hat, SuSE and Mandrake, deb-based systems like Debian, systems using the pkg style tools like Solaris, Slackware Linux, and SCO Unixware and OpenServer, as well as the HP/UX and IBM AIX package managers. A notable exception to the list of supported operating systems is Irix. Though it has a package manager, it is not currently supported by Webmin.

Using the Package Manager

Webmin presents a simple interface that provides the ability to install packages, search currently installed packages, view the installed packages, and remove packages (Figure 5.8, “Software Package Management on Solaris”). Additionally, it is possible to identify the package from which a specified file was installed.

Figure 5.8. Software Package Management on Solaris

Installed Packages

To search for a package, enter the package name here. A package name is the name of the file that was installed, without the version number or filename extension. For example, on a Red Hat system, the Postfix mail server package is simply called postfix. When searching, Webmin will return all packages that have the search term as part of the package name or as part of the package description. This usually makes it easy to find what you're looking for even if you don't know the exact package name.

To view a list of all installed packages, click the Package Tree button. When applicable, packages will be divided into their appropriate categories as designated by the packager.

Install a New Package

To install a new package (Figure 5.9, “Install Package”), specify its location, either a local file path, a URL or by uploading it from your local machine using the Browse... option. The package will be identified, the title and description will be displayed, and the installation path may be specified for relocatable packages.

Figure 5.9. Install Package

It may also be possible to specify options regarding dependencies, installation scripts, documentation, filesystem size, etc. Generally, the default options will work fine.

Identify a File

Often it is useful to know which package provided a particular file on the filesystem. Simply enter the path to the file you would like to find information about into the text field and click the Search for: button.

Edit Package

Clicking on a package name provides access to the Edit Package page (Figure 5.10, “Edit Package”). This page includes package details such as the description, the category or class of the package, the date of installation, etc. Here you can list the files contained in the package as well as uninstall the package.

Figure 5.10. Edit Package

System Logs

System Logs provides a method for controlling the syslogd daemon used on most UNIX systems to provide standard logging functions. The module opens with a list of all currently existing logs. By clicking on the Log destination of a log file, you can edit the logging properties, as shown in Figure 5.11, “System Logs”. On the editing page there is also a View log button that allows you to view a configurable number of lines from the end of the log file. It also allows a constantly refreshing log view if selected.

Figure 5.11. System Logs

This module edits the /etc/syslog.conf file, and provides a pretty easy way to check up on your logs remotely. And even though the module is designed primarily for syslogd logs only, it is flexible enough to allow you to view other types of logs as well. For example, the web-caching proxy Squid doesn't use standard syslog facilities, so doesn't fall under the control of syslogd. Nonetheless, I like to be able to check up on a running Squid, so I add an entry on all of the boxes I administer to allow me to watch those logs in Webmin. To create a new syslog entry, click the Add a new system log link.

Adding a System Log

The Add System Log page is divided into sections labeled Log Destination and Message types to log.

Log Destination

Log to

This option configures the destination of the log file. Syslog can log to a file, a named pipe, a remote syslog server, or to the console of some or all local users.

File

The log entries will be appended to the filename specified. A complete path should be given. Historically, system logs are stored in /var/log. The Sync after each message? option will cause the syslog daemon to flush to disk after every entry, therefore overriding the disk I/O buffering provided by the operating system. This can be detrimental to performance in circumstances in which logging occurs at a very rapid rate, such as the mail log on a very busy mail server. In most circumstances, the integrity of the log is far more important than avoiding the small amount of disk activity system logs generate.

Named pipe

The concept of pipes is fundamental to the UNIX Way, or the philosophy of combining small tools to perform large jobs efficiently and flexibly. Most UNIX users are familiar with the standard command line pipe which allows the output of one command to be the input of another command. A named pipe expands upon that, and allows output to be sent to a pipe that is located within the normal filesystem under a normal filename. Or, to put it another way, the output of syslog will go to whatever program is accepting input from the named pipe. While named pipes and their usage are beyond the scope of this book, I will point out a few resources to get you started on the subject. Many modern UNIX systems, including Linux systems, include a command called mkfifo which creates the FIFO special file connected to a named pipe. Reading the man page, as well as reading about named pipes in your favorite general UNIX reference, should give you a good overview of the topic.

Syslog server on

The syslogd daemon can log to local files, pipes, and users, as well as direct its output to a remote server running syslogd. However, the remote server must be configured to permit remote logging from your server. When using remote logging, the address of the server is entered here.

Local users, All logged-in users

When one or more users, or all users, are specified here, the log entries that match the description will be written to all open consoles of the users specified. For example, on most systems, all messages of priority .emerg, or emergency, are sent to all user consoles. Most systems are configured to send shutdown and reboot messages at this priority.

Logging active?

This is a simple yes or no question, with obvious meaning. However, what may not be obvious is that a disabled log is simply commented out in the /etc/syslog.conf file with a hash mark, and so the configuration details remain in the file even though it is no longer an active logging entry.

Message types to log

Here the types of messages to log to the configured log destination can be specified. Any given log entry has two identifiers: its facility, and its priority. The facility specifies the type of program generating the log, such as mail, daemon, cron or locally definable facilities, named local0 through local7 on many Linux systems and similarly defined on other UNIX variants. The priority is the level of message on a scale of debug to emergency. The priority level used by any given program for any given message is somewhat arbitrary, as it is chosen by the author(s) of the program. However, it is safe to say that debug level messages will be incredibly verbose and unnecessary in all but the most complicated troubleshooting situation, while emergency is reserved for messages of the utmost importance. Generally, you'll want to configure the priority of logs somewhere in the middle of this, somewhere around warning or err.
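The destination types and the commented-out "disabled" entries described above can be read straight from the file Webmin edits. The following is an added example, not code from the original text or from Webmin; it assumes the Linux sysklogd syntax for /etc/syslog.conf, the sample file is constructed, and the rule for recognising a disabled entry is a heuristic chosen for this example.

```shell
#!/bin/sh
# Added example: list syslog.conf entries with their state and destination type.
# Assumption: Linux sysklogd action syntax ("/file", "-/file", "|pipe",
# "@host", "user,user", "*").
# Heuristic: a commented line counts as a disabled entry only when it has
# exactly two fields and the first starts with a known facility name.

list_syslog_entries() {   # list_syslog_entries [FILE]   (reads stdin if no FILE)
    awk '
    function dest_type(a) {
        if (a ~ /^-\//) return "file, no sync"
        if (a ~ /^\//)  return "file, sync"
        if (a ~ /^\|/)  return "named pipe"
        if (a ~ /^@/)   return "remote syslog server"
        if (a == "*")   return "all logged-in users"
        return "local users"
    }
    {
        line = $0
        state = "active"
        if (line ~ /^[ \t]*#/) {
            # Strip the hash mark and see whether an entry is hiding behind it.
            sub(/^[ \t]*#+[ \t]*/, "", line)
            state = "disabled"
        }
        n = split(line, f)
        if (n != 2) next
        if (f[1] !~ /^(\*|auth|authpriv|cron|daemon|kern|lpr|mail|news|syslog|user|uucp|local[0-7])[.,]/) next
        printf "%s\t%s\t%s\t%s\n", state, f[1], f[2], dest_type(f[2])
    }' "$@"
}

# Constructed sample configuration, used when no file is given.
sample_syslog_conf() {
    cat <<'EOF'
# Log anything of level info or higher, except mail.
*.info;mail.none;authpriv.none    /var/log/messages
authpriv.*                        /var/log/secure
mail.*                            -/var/log/maillog
*.emerg                           *
kern.crit                         @loghost.example.com
local0.notice                     |/var/run/squid-log.fifo
auth.err                          root,operator
#cron.*                           /var/log/cron
EOF
}

if [ $# -gt 0 ]; then
    list_syslog_entries "$@"
else
    sample_syslog_conf | list_syslog_entries
fi
```

Each output line is tab-separated: state, selector (facility.priority), destination, and destination type.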

Users and Groups

UNIX is, at its very core, a multi-user operating system. It was built from the ground up to provide services to a number of simultaneous users. Because of these features, UNIX provides a simple, but effective, method for restricting users to only the parts of the system they should have access to. The Users and Groups module in Webmin attempts to provide a nice front-end for those features of the system. Each version of UNIX has differences in how users and groups are implemented. However, Webmin hides those details quite effectively so that you never have to think about it. The Webmin Users and Groups module edits several system files, depending on your OS. Usually, the files are /etc/passwd and /etc/shadow, for user names and passwords, and /etc/group and /etc/gshadow, for groups and group passwords. Note that the shadow versions of the preceding files are far more secure than standard passwd files because they are only accessible by the root user. Shadow passwords are standard on most Linux distributions today, and many other systems as well.

Clicking on a user name or group name will take you to an Edit User page, allowing you to edit all facets of the account. Note that changing the user or group ID at some point in time after the account is created is risky, as permissions are set by ID, not user/group name. While the module will change these for you on the home directory, there may be user programs or even system programs that rely on the UID to remain the same. Also note that on some systems (Red Hat and probably other Linux distributions) the user and the user's primary group are always the same name by default. Red Hat Linux includes the adduser command, which will create a group of the same name and ID as the user, and therefore Webmin can do the same. You should not change this behavior, unless you really know what you're doing, as the system relies on this for much of its access control flexibility. Unlike some traditional UNIX variants, Linux users can have many secondary groups active at all times, which can be set to any group(s) you need.

Users and Groups Module Configuration

Unlike most module configuration pages, the Users and Groups module configuration contains a number of options that impact the usage and usefulness of the module significantly. While most other modules only use the module configuration to specify paths to files, display characteristics, etc., the Users and Groups module specifies many defaults that are used when creating new users.

Before and after commands

This section includes fields for specifying commands you want to run before and after changes are made. This option allows things like a NIS make to be run after adding a user. If more than one command needs to be run, it is trivial to write a simple shell script to execute any commands that you need to run.

Webmin provides access to a number of variables within the local environment in which the command is run. This allows you to construct a command that includes the user name, UID, generated password, etc. For example, to email a notice to the system administrator when a new user is created, which contains the user name and password, you could use the following:

          [ "$USERADMIN_ACTION" = "CREATE_USER" ] && echo "Created user $USERADMIN_USER with password $USERADMIN_PASS" | mail -s "New User" root

While shell scripting is beyond the scope of this book, I will point out a few things about how this script works. Using the environment variables set by Webmin when the user is created, the comparison within the test operators ([ and ]) checks to see if the command is being executed after a user creation, rather than a change to an existing user. If it is a newly-created user, an email will be sent to root and contain the contents of the variables for the user name and password. Below is a list of the variables exported and what they contain:

Environment variables exported when saving a user

USERADMIN_USER

The username of the user being edited. A user must have a username, and it must be unique.

USERADMIN_UID

The user ID of the user being edited. Every user must have a UID. The UID is not required to be unique, but there is rarely any reason for it not to be unique. Permissions are applied to files based on UID rather than username, so changing this will effectively change a user's permissions to that of the new UID.

USERADMIN_REAL

The real name of the user. This is not a necessary field in the passwd file, and so may be empty.

USERADMIN_SHELL

This variable contains the path and name of the shell for this user.

USERADMIN_HOME

The path to the user's home directory.

USERADMIN_GID

This variable will contain the primary GID of the user.

USERADMIN_SECONDARY

This variable will contain a comma-separated list of secondary groups the user belongs to.

USERADMIN_PASS

If the password has been changed by entering a plain text password into the password field, the new password will be contained in this variable. If the password is unchanged or pre-encrypted, the variable will be empty.

USERADMIN_ACTION

This variable contains the Webmin action being run that led to a user change. If the user is a new user being created, the variable will contain "CREATE_USER", while if it is an existing user being altered the value will be "MODIFY_USER".
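The same variables can drive an after command that records each change in syslog without ever writing the password. This is an added example, not code from the original text or from Webmin; the MIN_UID threshold of 500, the log tag and the auth facility are assumptions made for the example, while the USERADMIN_* names are the ones listed above.

```shell
#!/bin/sh
# Added example: "after" command for the Users and Groups module that writes
# an audit record to syslog. Assumptions: MIN_UID mirrors the module's
# "Lowest UID for new users" setting; the tag and the auth facility are
# choices made for this example.

MIN_UID="${MIN_UID:-500}"

# Remove control characters so a crafted value cannot forge extra log lines.
clean() {
    printf '%s' "$1" | tr -d '\000-\037\177'
}

# Choose the syslog priority: warn when the UID falls in the system range.
audit_priority() {
    uid=$(clean "${USERADMIN_UID:-}")
    case "$uid" in
        ''|*[!0-9]*)
            echo auth.warning ;;          # missing or non-numeric UID
        *)
            if [ "$uid" -lt "$MIN_UID" ]; then
                echo auth.warning         # e.g. a second account with UID 0
            else
                echo auth.notice
            fi ;;
    esac
}

# Build the message. The password itself is never included, only whether a
# plain-text password was supplied with this change.
audit_message() {
    if [ -n "${USERADMIN_PASS:-}" ]; then pw=yes; else pw=no; fi
    printf 'action=%s user=%s uid=%s gid=%s groups=%s shell=%s home=%s password_set=%s\n' \
        "$(clean "${USERADMIN_ACTION:-UNKNOWN}")" \
        "$(clean "${USERADMIN_USER:-}")" \
        "$(clean "${USERADMIN_UID:-}")" \
        "$(clean "${USERADMIN_GID:-}")" \
        "$(clean "${USERADMIN_SECONDARY:-}")" \
        "$(clean "${USERADMIN_SHELL:-}")" \
        "$(clean "${USERADMIN_HOME:-}")" \
        "$pw"
}

main() {
    logger -p "$(audit_priority)" -t webmin-useradmin "$(audit_message)"
}

# Webmin sets USERADMIN_ACTION when it runs the command; do nothing otherwise.
if [ -n "${USERADMIN_ACTION:-}" ]; then
    main
fi
```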

Home directory options

Permissions on new home directories

New directories for users will be created with the permissions specified here. The default is 0755, which means the owner of the file can read, write and execute files in the directory assuming permission on the file itself, while the group and all other users on the system can read and execute within the directory. In a web-hosting environment, this looseness is often necessary to permit the web server to have access to a user's document root. However, in most business environments, these permissions are unacceptably lax. A better choice would be 0700, or 0711. The former disallows all users, other than UID 0, from being able to list the contents of the directory or read anything within the directory, while the latter permits other users to change directory into the directory, but not necessarily to read or execute files within it. It is useful to permit other users to pass through the current directory to a directory within it that is intended to be shared with other users.

Copy files into new home directories from

When creating new UNIX users, it is customary to provide a base set of configuration files to set up sensible defaults for the shell, desktop settings, path and other environment variables, and any local configuration details that would make the user's life more convenient. For example, on a machine used primarily for development, it is likely that the CVSROOT environment variable will be set on login. Similarly, a desktop machine will have icons to make it easier for the user to locate the files they need to use in day to day work. This directory is usually called /etc/skel, where skel is short for skeleton, but it can be any directory name.

Automatic home directory base

Webmin can automatically set the home directory path for you if automatic directory creation is selected. This option allows you to specify the location of the home directory. There is rarely a good reason to stray from the tradition of using /home for this purpose.

Automatic home directory style

In most environments, the traditional home directory naming scheme of /home/username is perfectly acceptable, but in some large scale networks, the number of users would make managing such a directory cumbersome. So administrators have resorted to breaking down the user name distribution in various ways to permit easier home directory maintenance. Webmin supports several such alternate name distributions, specifically: /home/u/username, /home/u/us/username, and /home/us/username.
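To see which existing home directories carry the looser modes discussed under Permissions on new home directories (0755 versus 0711 or 0700), the following added example, which is not from the original text or from Webmin, reads a passwd-format file and reports what users outside the owner and group can do in each home directory. The function names and the default threshold of 500 for ordinary accounts are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report what "other" users can do in each home directory.
# Assumption: accounts with a UID of at least 500 are ordinary users.

# Print "list+traverse", "traverse-only", "list-only" or "none" for DIR,
# based on the "other" permission bits shown by ls.
other_access() {   # other_access DIR
    perms=$(ls -ld "$1" | cut -c8-10)   # "r-x" for 0755, "--x" for 0711
    case "$perms" in
        r?[xt]) echo "list+traverse" ;;
        -?[xt]) echo "traverse-only" ;;
        r??)    echo "list-only" ;;
        *)      echo "none" ;;
    esac
}

# Print "user<TAB>home<TAB>access" for every ordinary account in PASSWD_FILE
# whose home directory exists.
audit_home_modes() {   # audit_home_modes PASSWD_FILE [MIN_UID]
    min=${2:-500}
    while IFS=: read -r user _pw uid _gid _gecos home _shell; do
        case "$uid" in
            ''|*[!0-9]*) continue ;;    # skip comments and malformed lines
        esac
        [ "$uid" -ge "$min" ] || continue
        [ -d "$home" ] || continue
        printf '%s\t%s\t%s\n' "$user" "$home" "$(other_access "$home")"
    done < "$1"
}

# Usage: sh audit-homes.sh /etc/passwd [MIN_UID]
if [ $# -gt 0 ]; then
    audit_home_modes "$@"
fi
```

A directory reported as traverse-only corresponds to 0711, and none corresponds to 0700.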

New user options

Lowest UID for new users, Lowest GID for new groups

Most UNIX systems use lower numbered user ID and group ID numbers to specify special system users like the root user, syslog and nobody. Because these users usually have special permissions it would be dangerous to assign a new user to one of the special UID numbers accidentally. Many older UNIX systems use UID and GID numbers from 0 to 100 for the system user and group IDs. Most modern Linux distributions use 0 through 500 for this purpose. Specifying the appropriate number here makes it impossible to accidentally specify a special UID or GID for a new normal user. Some environments may have other numbering schemes for which this feature can also be helpful.

Create new group for new users?

Many modern UNIX systems use a groups system wherein every user has a primary group named after themselves. In a system that supports a large number of simultaneous secondary groups, this makes it possible to use permissions in very flexible ways. If your system supports this, it is useful to select Yes here, and Webmin will automatically create the new group for you. Older-style UNIX systems may use a generic users group for this purpose, in which case this option should be set to No.

Don't use MD5 passwords if missing perl MD5 module?

If MD5 passwords are the default on your system, Webmin can use them for both authentication and when creating new users or changing passwords. If this is set to Yes, Webmin will not use MD5 passwords for users if the MD5 perl module is not installed. It will instead use the older, less secure, crypt function to encrypt the passwords.

Check for sendmail alias clashes?

When creating a new user, it is possible that there might already be an alias for the new user name in the sendmail aliases file. The result of this clash would be that the new user would not receive mail; instead, the mail would be delivered to whatever user or program the alias pointed to. If this option is selected, Webmin will warn about any clashes that exist.

Only delete files owned by user?

When removing a user, Webmin can remove the user's home directory and all of its contents. If this option is enabled, it will remove only those files that are owned by the user. If any files exist in the user's home directory that are owned by another user on the system, they will not be removed, and the home directory and any subdirectories containing the files not owned by the user will be retained. This option may be useful if the user shares a portion of his or her home directory for use by others in group projects.

Maximum user and group name length

Here you may specify the longest a user and group name may be. If user names must be exportable to a system with strict length requirements, you may have to place a limit here. For example, some old UNIX systems, and legacy print and file sharing systems, had eight- or even six-character user name limits. Most modern systems have much larger hard limits, and so this is rarely necessary.

New user defaults

Default primary group for new users

Normally, Webmin will create a user with a primary group appropriate for your system, and based on the configuration of the earlier option Create new group for new users?. But if this is specified, Webmin will set the group specified as the primary group for the user. It may be appropriate to use this feature in some web-hosting environments. Usually, however, if your system supports flexible secondary groups, you shouldn't need to use this option.

Default secondary groups for new users

You may add any number of secondary groups here, separated by spaces. Modern UNIX systems support multiple simultaneous secondary groups, although some older systems have more primitive support for secondary groups.

Note

Secondary groups are a very flexible way to utilize UNIX filesystem permissions to provide limited access to parts of the system. For example, if I needed to provide access to a shared ftp directory to all users, so everyone could drop off files in the directory but couldn't delete or modify each other's files, I could create an ftpusers group. Then I would set the public FTP directory to be owned by ftp:ftpusers, with write access by both the owner and the group and world read access. Finally, any user who needed to be able to drop files into the directory could be added to the ftpusers group. Each user would be able to write and delete their own files but no one else's files.

Default shell for new users

Most UNIX systems usually have at least two user shells available. The most common are bash, Bourne sh, cshell, ash, and kshell. While experienced users always have a preference, for most users any reasonably functional shell will be fine. The system default is probably what your users will expect, so it is the best choice in most cases. On Linux systems bash is usually the standard shell, while on Solaris the Bourne sh is the default. Because most shells are available on most operating systems, you have much flexibility in your choice if you need it.

Default minimum days for new users, Default maximum days for new users

If password timeouts are supported on your system, this option allows you to specify the default minimum and maximum number of days between password changes. As discussed earlier, a policy enforcing password timeouts is an important part of a good security policy. If your OS supports them, it is wise to use them.

Default warning days for new users

The system can warn users when they log in through a terminal if an enforced password change is approaching within the number of days specified here.

Default inactive days for new users

If a user is inactive for the specified number of days after the maximum days specified above is reached, the account will be disabled. Only a system administrator will be able to re-enable the account.

Display options

Maximum number of users to display

If there are more users than the number specified here, Webmin will display a search dialog allowing you to see only the users you need to see.

Sort users and groups by

Webmin will sort the users and groups according to the selection here. The default is not to sort the names, and simply list them in the order they appear in the passwd and group files.

Number of previous logins to display

When viewing the login history of a user using the Display logins by option, this option specifies how many previous logins will be displayed. Unlimited means Webmin will display all logins that exist in the log file. Because logs are rotated at some interval, you will never see logins older than the last log rotation.

Display users and groups by

Depending on the number of users you have, and how much information you need to see on the front page, you may wish to display them by name only, or display them categorized by primary group. Displaying by name only can allow a much larger number of names to appear on screen at once and may be more convenient than the default in environments with hundreds or thousands of users.

Conceal plain-text password?

If selected, the Normal password field in the Edit User and Create User pages will display * marks in place of the characters typed. If set to No, the typed characters will be displayed. It may be a security risk to leave this option disabled, if user passwords will be entered or changed in the presence of others.

Get user and group info from

Webmin can usually gather user and group information using standard system calls. In some operating systems this may not work, or may not work as expected. In such cases, you can configure Webmin to draw the information from the appropriate files on the system. This doesn't need to be changed from its defaults by the vast majority of users, as the Webmin default is usually right for your system.

Generate password for new users?

If selected, new users will be assigned a random password when created. This password will be visible in the password entry field on the Create User page if Conceal plain-text password? is set to No.

Show office and phone details?

Webmin can use the comment field in the /etc/passwd file to store phone numbers and office information. If this option is selected, it displays the information when you view the user details. Modern implementations of the finger command can also display this information.

Display user email from

Webmin can be used to send and receive mail by users who have access to the mail module. This option should be set to your active mail server. If using postfix, choose the sendmail option, because it uses the same mailbox format and locations.

Password restrictions

Minimum password length

When users change their passwords through the Webmin interface, it is possible for Webmin to enforce a minimum password length. It is recommended to enforce at least a minimum password length of six characters if security is at all a concern. Shorter passwords are easier to guess, and are weaker when assaulted with a brute force attack. Operating systems using the older crypt encryption mechanism are limited to passwords of eight characters or less, but MD5-based systems usually have no limit or a much larger limit.

Prevent dictionary word passwords?

Because a common method of attack against computer systems is to attempt logins using passwords pulled from a dictionary file, it is often wise to require passwords that do not match words in the system dictionary. This option will cause Webmin to display an error message if a user chooses a password found in the dictionary.

Perl regexp to check password against

Here you may enter any Perl regular expression against which you would like passwords to be compared. For example, if you fear your users will often choose the company name, or the name of a local sports mascot, for their password, you may create a regular expression to match those terms.

Prevent passwords containing username?

Users have a bad habit of choosing really bad passwords. Some even choose their own user name as a password. If enabled, this option will prevent a user from such a mistake. Unfortunately, in current versions of Webmin, it will not make jokes about the lack of intelligence of the user.

System configuration

Password file

The password file is the location of the list of users, and contains information about their home directory, their login shell, and their primary group. Usually, this is /etc/passwd. On modern systems this file does not contain user passwords. Passwords usually reside in the shadow file.

Group file

The group file is the location of the file that contains the names and membership information of groups on the system. Usually, this is /etc/group.

Shadow password file

The shadow password file is the file that contains the actual passwords. It is only readable by users with root permissions, and therefore is a more secure location than the /etc/passwd file, because the password file must be readable by everyone in order to allow groups and commands like finger to work. Usually, this is /etc/shadow.

BSD master password file

Much like the shadow password file on Linux and some other UNIX variants, the BSD master password file is only readable by root, and is usually the location of passwords on a BSD system rather than the /etc/passwd file. This is usually /etc/master.passwd.

Shadow group file

If group passwords are in use on a system that supports shadow passwords, there will be a group shadow password file in addition to the shadow password file. This is usually named /etc/gshadow.

Creating a new User

Creating a user with Webmin is a simple task. The steps can be simplified further through careful configuration of the module to set up users to suit your environment. Webmin can create a user manually, or it can import a text file list of new users or users to modify in an automated batch mode. This can be used, for example, to migrate an existing user list from a legacy system. Batch mode can also be useful for large organizations with a constantly shifting user base, such as a University or military installation.

To create a user manually, click the Create a new user link. Fill in the appropriate details. If you've chosen your defaults in the module configuration file wisely, you should be able to get away with entering just a few details for each user. In Figure 5.12, “Creating a new user” below, I've added a few extras just to make the example more interesting.

Figure 5.12. Creating a new user

A user name is always necessary, and since our user's name is Seymour, I've given him the user name seymour. I've let Webmin choose the UID for me, which is the next available UID on the system above the minimum that is set in the module configuration. I've also entered Seymour's real name and his work telephone number. The password that appears in the normal password text entry box was selected at random by Webmin. It appears secure enough to me, so we'll leave that one alone. In the password options section, I've specified some reasonable timeout information. Finally, I've selected for Seymour to be a member of the users group, because I think he will be involved in many group projects that require him to be able to share files with co-workers easily.

Create User and Edit User options

User Details

Username

This is simply the username under which the user will log in. UNIX has a long tradition of using all lowercase letters for user names, but capitalized names will work if you feel a strong urge to go against 30 years of tradition. User names may contain all alphanumeric characters, but no spaces or other special characters. Names must be unique and begin with a letter.

User ID

The user ID is usually chosen automatically by Webmin, although you may enter a specific UID instead.

Note

Recycling a UID or GID, i.e., reusing a deleted user's old ID, can be dangerous, because file ownership is maintained at the OS level by the UID and GID number of the file rather than the name of the user. Thus if you create a new user with an old user's UID or GID, and any files remain on the system owned by the previous user, the new user will have access to the files at the same level as the old user. There are reasonably reliable methods of locating such file permission problems using the find command, although it is beyond the scope of this book. A better choice is to never delete old users. Instead, disable their account by turning off logins, and if the user will never need to be re-enabled you may delete their home directory and other files. By doing this you ensure that Webmin will never reuse an old ID, unless you force it to.
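One way to run the find-based check mentioned in the note before assigning a UID that may have been used before, as an added example that is not from the original text or from Webmin. The function names are hypothetical; the find tests used (-user, -nouser, -nogroup, -xdev) are standard ones.

```shell
#!/bin/sh
# Added example: checks to run before handing a possibly recycled UID to a
# new account. Function names are hypothetical, chosen for this example.

# Succeed if UID already appears in the given passwd-format file.
uid_in_passwd() {   # uid_in_passwd UID [PASSWD_FILE]
    awk -F: -v uid="$1" '$3 == uid { found = 1 } END { exit !found }' \
        "${2:-/etc/passwd}"
}

# List everything under ROOT still owned by UID (stays on one filesystem).
files_owned_by_uid() {   # files_owned_by_uid ROOT UID
    find "$1" -xdev -user "$2" -print 2>/dev/null
}

# List files whose owner or group has no entry in the user or group
# database, i.e. leftovers from accounts that were deleted.
orphaned_files() {   # orphaned_files ROOT
    find "$1" -xdev \( -nouser -o -nogroup \) -print 2>/dev/null
}

# Print "in-use", "leftover-files" or "free"; succeed only for "free".
check_uid_reuse() {   # check_uid_reuse UID ROOT [PASSWD_FILE]
    if uid_in_passwd "$1" "${3:-/etc/passwd}"; then
        echo "in-use"
        return 1
    fi
    # Any file still owned by the UID would become the new user's file.
    if [ -n "$(files_owned_by_uid "$2" "$1" | head -n 1)" ]; then
        echo "leftover-files"
        return 1
    fi
    echo "free"
}

# Usage: sh check-uid.sh UID ROOT [PASSWD_FILE]
if [ $# -ge 2 ]; then
    check_uid_reuse "$@"
fi
```

Because -xdev keeps find on one filesystem, run the check once per mounted filesystem that users can write to.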

Office, Work phone, Home Phone, Extra options

The UNIX passwd file has a comment field that may be used for mostly free-form text entry. Many programs, however, have standardized on a few comma-separated field values for the comment. For example, running the finger command on a username that has provided these extra fields will result in these numbers being displayed in addition to the usual information, such as recent logins.

The Extra options field may be used on some systems to configure the initial umask, nice level, and ulimit values for the user.

Home directory

Users on a UNIX system generally have a directory that belongs to them called their home directory. Within their home directory, a user may read, write, delete, or execute files with no permissions restrictions. Quotas may limit the amount of space available to the user, but the user can otherwise work unrestricted in their home directory. The UNIX tradition places home directories in a partition labeled /home, with each user having their home directory named after their own username within it. For example, if our system has a user named slim it would not be unreasonable to expect his home directory to be /home/slim. As discussed previously, if you let it, Webmin will select the home directory for you based on the policy selected in the module configuration.

Shell

UNIX has a very long and diverse history, and has seen the rise of a number of similar tools for any given task. Nowhere is this more evident than in the proliferation of command shells that have been developed. Today, the most popular shells are bash or the Bourne Again Shell, csh or C shell, and kshell or the Korn shell. Many other shells are also in use, including traditional sh or the original Bourne shell, ash, zsh, and many others. The choice of what shell to use is highly personal, though most average users will never know the difference between them. Leaving this at the OS default is probably wise, barring any strong reasons to choose otherwise. New users will learn whatever shell is provided for them, while experienced users will know how to choose an alternate shell for themselves.

Scattered amongst the real user shells are a number of shell replacements, which provide the ability to lock out a user, or the ability to create special users to perform certain tasks remotely. Depending on the OS, you may have a nologin or false shell option which simply closes the connection when the user attempts to log in. Other possibilities include shutdown, which will cause the system to shut down when the user logs in, assuming the user has appropriate permissions to shut down the system. Similarly, the sync user will run the sync command to cause all disks to flush unwritten data. This could be used in anticipation of a shutdown, or as a means to ensure some important data has been committed to disk. sync is not in common use today, because modern UNIX systems automatically sync disks when shutting down.

Password

This option specifies whether password logins will be allowed, and can be used to set the password using a plain text or pre-encrypted password.

No password required

This option means that the user need not provide a password to log in. You don't want this option for any user that has shell access, as it means anyone that can reach a login prompt or the su command can become the user.

No login allowed

If set to this option, the system will never allow a user to log in under this username. This is often used for system users, like the syslog or nobody users. It is also used to lock an account, temporarily or permanently, without deleting it. This helps prevent accidental reuse of a user and group ID, which can have security implications.

Normal password

Here you may enter a new password for the user in plain text. If creating a new user, and you have configured Webmin to generate a password automatically, it will be prefilled with the generated password. If the configuration is set to hide plain text passwords, the letters of the password will be replaced with asterisks. Existing passwords will never appear in this field, as the encryption used by the system is a one-way hash. There is no way, short of a brute force attack, to convert the encrypted password to a plain text password.

Pre-encrypted password

If a password exists for this user, either in crypt or MD5 hash format, it will appear in this field. If you are importing UNIX users from an existing UNIX system, you may simply copy the password verbatim into this field. In most cases, the old password will continue to work on the new system. If importing many users, it may be more efficient to use the batch user creation feature instead of adding each user manually.
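The password options above map directly onto the raw password field, and the "No password required" warning only bites when the account also has a real shell. The following Python audit is an added example, not Webmin's code; the sample lines and hashes are constructed placeholders, and treating an "x" entry with no shadow line as locked is an assumption.

```python
import re

# Constructed passwd(5)/shadow(5) sample lines; every hash is a placeholder.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
syslog:x:101:101::/var/log:/sbin/nologin
guest:x:1001:1001::/home/guest:/bin/bash
olduser:x:1003:1003::/home/olduser:/bin/bash
legacy:ab0123456789A:1004:1004::/home/legacy:/bin/sh
"""
SHADOW = """\
root:$1$constrct$0123456789abcdefghijkl:14000:0:99999:7:::
syslog:*:14000:0:99999:7:::
guest::14000:0:99999:7:::
olduser:!$1$constrct$IJKLMNOPQRSTUVWXYZ0123:14000:0:99999:7:::
"""
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")
CLOSES_CONNECTION = {"nologin", "false"}  # shell replacements named in the text

def password_state(field):
    if field == "":
        return "no password required"
    if field[0] in "!*":  # no hash can match; also marks a locked account
        return "no login allowed"
    if field.startswith("$1$"):
        return "pre-encrypted (MD5)"
    if DES_CRYPT.fullmatch(field):
        return "pre-encrypted (crypt)"
    return "pre-encrypted (other format)"

def audit(passwd_text, shadow_text):
    """Return {user: (state, has_shell, finding)} for every passwd entry."""
    shadow = dict(line.split(":")[:2]
                  for line in filter(str.strip, shadow_text.splitlines()))
    report = {}
    for line in filter(str.strip, passwd_text.splitlines()):
        name, pw, _uid, _gid, _gecos, _home, shell = line.split(":")
        # "x" means the hash is in the shadow file; otherwise it is inline.
        # Assumption: an "x" entry with no shadow line cannot log in.
        field = shadow.get(name, "*") if pw == "x" else pw
        state = password_state(field)
        has_shell = shell.rsplit("/", 1)[-1] not in CLOSES_CONNECTION
        finding = None
        if state == "no password required" and has_shell:
            finding = "passwordless account with shell access"
        report[name] = (state, has_shell, finding)
    return report

if __name__ == "__main__":
    for user, row in audit(PASSWD, SHADOW).items():
        print(user, *row, sep=" | ")
```

On the sample, only guest is reported. olduser keeps its hash behind the leading "!", so the account can be unlocked later without resetting the password.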

Note

As the Password Options and Group Membership options have already been covered in the module configuration section, they will not be covered again here.

Upon Save...

Move home directory if changed?

If selected, and you have modified the value of the Home directory field, the path of the user's home directory will be altered to the new location. If unselected, the contents of the old home directory will remain unaltered. The default is Yes.

Note

Webmin attempts to rename the home directory rather than copy its contents. Because of this, the change must occur on the same filesystem; otherwise the change will fail.

Change user ID on files?, Change group ID on files?

If you have altered the user's User ID field and/or Group ID field, and these options are enabled, Webmin will change the user or group ownership of the files selected to the new UID or GID. If you have selected Home directory, only files within the user's current home directory will have ownership altered, while the All files option will change ownership of all files on the system that are currently owned by the user. Changing all files may take a very long time, depending on the size of the filesystems to be searched.

Modify user in other modules?

Because a UNIX system may maintain more than one user and password database for various services, Webmin provides a means to synchronize passwords and user creation across multiple files. For example, Samba and Squid may have their own user files, and if configured to synchronize, Webmin will make changes to those files automatically when changes are made to system users. If this option is selected, changes made here will be made to all other modules that are configured for user synchronization.

Creating or Editing a Group

Groups are used in UNIX to give more than one user access to common resources. For example, if a group of users is working on the same project, the directories and files for that project can be owned by a common group which has read and write access. Modern UNIX systems use a two-layered approach to groups, including a single Primary group and some number of Secondary groups, also called supplementary groups. When a user creates a new file, the ownership will probably default to the user and her primary group. The default group membership of newly created users varies quite a bit between OS vendors and versions. Most modern UNIX versions create a new group, sharing the user's name, whenever a new user is created. This becomes the primary group of the user. Since modern systems support a large number of Secondary groups transparently, this provides a very flexible means of configuring permissions. Many UNIX variants that have been around longer than Linux, like Solaris and the BSD-derived systems, may set the Primary group of new users to a users group or something similar.

Note

Linux, and most other recent UNIX systems, support at least 32 groups per user. However, because the NFS protocol only supports 16 groups, most of them have imposed a soft limit of 16 groups. Circumstances that require more than 16 groups are very rare, but it is usually possible to use more if the system will not be exporting or using NFS mounted filesystems.

Creating or editing a group (Figure 5.13, “Editing a group”) is performed by clicking on the Create a new group link or clicking the name of an existing group in the group list.

Figure 5.13. Editing a group

Editing a group

Group Details

Group name

Like the user name, this is a unique alphanumeric identifier. The name must follow the same rules as user names, so it must start with a letter and contain no non-alphanumeric characters. If editing the group, the name will be shown but cannot be edited.

Group ID

This is the numeric identifier that the system uses to identify this group. It is not necessary for this ID to be unique, but there is very rarely a reason to have multiple groups with the same GID. When creating a new group, Webmin can select a new unused ID for you.

Password

A little-known and even less used feature of groups under most UNIX variants is that they can have a password just like users. When using this option, a user who normally is not part of a group can log in to a group using the newgrp command and providing the password. Because of the flexibility now available with the supplemental groups system, this feature is rarely used, but is still widely available.

Members

This field lists all current members of the group, and allows adding any number of new members. The ... browse button allows you to choose from a selector popup containing all existing users.

Upon Save...

Change group ID on files?

Much like the similarly named option for users, this provides the option to change the group ownership of files in either home directories or all files on the system. Selecting Home directories will cause Webmin to search all user home directories for files owned by this group, and change the group ownership to match the new group ID. Choosing All files will search the entire system, which may take a very long time, depending on the size and speed of the mounted disks. This change does not impact the user ownership of files. A file owned by seymour:users will still be owned by seymour after the change (and still owned by users for that matter, just under a different GID).
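Three points from this section can be checked against the group file in one pass: GIDs shared by more than one group, groups that carry a newgrp password, and users whose primary plus secondary groups exceed the 16-group NFS limit. The following Python check is an added example, not part of Webmin; all names, IDs and the hash in the sample are constructed.

```python
from collections import defaultdict

NFS_GROUP_LIMIT = 16  # soft limit given in the note on NFS

def build_sample():
    """Constructed passwd(5)/group(5) text; names and IDs are made up."""
    passwd = ("seymour:x:1002:1002::/home/seymour:/bin/bash\n"
              "alice:x:1003:100::/home/alice:/bin/bash\n")
    group = ["users:x:100:", "staff:x:100:alice",  # staff reuses GID 100
             "seymour:x:1002:", "ops:ab0123456789A:3000:"]  # placeholder hash
    group += [f"proj{i:02d}:x:{2000 + i}:seymour" for i in range(1, 17)]
    return passwd, "\n".join(group) + "\n"

def audit_groups(passwd_text, group_text, limit=NFS_GROUP_LIMIT):
    """Return (shared_gids, users_over_limit, groups_with_password)."""
    names_by_gid = defaultdict(list)
    gids_by_user = defaultdict(set)
    with_password = []
    for line in filter(str.strip, group_text.splitlines()):
        name, pw, gid, members = line.split(":")
        names_by_gid[int(gid)].append(name)
        # "x" defers to a shadow group file; "", "*" and "!" hold no usable hash.
        if pw not in ("", "x", "*", "!"):
            with_password.append(name)
        for user in filter(None, members.split(",")):
            gids_by_user[user].add(int(gid))
    for line in filter(str.strip, passwd_text.splitlines()):
        fields = line.split(":")
        gids_by_user[fields[0]].add(int(fields[3]))  # primary group counts too
    # Membership is counted per distinct GID, not per group name, so two
    # names sharing one GID count once.
    shared = {g: n for g, n in names_by_gid.items() if len(n) > 1}
    over = {u: len(g) for u, g in gids_by_user.items() if len(g) > limit}
    return shared, over, with_password

if __name__ == "__main__":
    shared, over, with_password = audit_groups(*build_sample())
    print("GIDs used by several groups:", shared)
    print("users above the NFS limit:", over)
    print("groups with a newgrp password:", with_password)
```

A shared GID matters because file permissions are checked against the number, so members of either group name get the same access.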
