Frequently Asked Questions

This FAQ is also available in German, in Indonesian and in Bulgarian.

  • I think I have found a bug in Webmin!

    First of all, try upgrading to the latest version. Many bugs in older releases are fixed in the latest version.
    The second place to check is the Webmin updates page, on which bugfixes for the current version are posted. The easiest way to install all the latest updates is to use the second and third forms on the Webmin Modules page in the Webmin Configuration module.
    If you really have found a new bug, go to the bug tracking system page to report it.

  • How do I change my Webmin password if I can't login?

    Included with the Webmin distribution is a program called changepass.pl to solve erecisely this problem. Assuming you have installed Webmin in /usr/libexec/webmin, you could change the password of the admin user to foo by running

    /usr/libexec/webmin/changepass.pl /etc/webmin admin foo
  • What effect will Webmin have on my existing configuration files?

    Just installing Webmin will not cause any config file changes to be made. When you start to use it, only the config files related to the changes that you make in Webmin will be modified. For example, using the Apache Webserver module would not effect your Sendmail configuration.

  • My browser reports Document contains no data after turning on SSL

    If you are using SSL, make sure you connect to a URL like https://myhost:10000/ instead of http://myhost:10000. Without the https, your browser won't use SSL mode and thus will display this error.

  • How do I run setup.sh?

    After extracting the Webmin tar file, cd into the webmin-1.710 directory and type ./setup.sh. Because the root user on many system does not have the current directory in his path, just typing setup.sh will not work.

  • Where can I get the Perl Digest::MD5 module from?

    The Webmin Users and Groups module supports the encryption of passwords with the MD5 algorithm, if your system supports it. However, this depends on the Perl Digest::MD5 module. The simplest way to install it is with the command : perl -MCPAN -e 'install Digest::MD5'

  • How do I install new modules?

    Once you have downloaded a new module as a .wbm file, enter the Webmin Configuration module and click on the Webmin Modules button. Then use the form at the top of the page to install the module either from the local filesystem of the server Webmin is running on, or uploaded from the client your browser is on.

  • Can I run Webmin or Usermin under Apache?

    Yes, this can be done with some configuration. See this document for details on running Webmin under Apache, or this page for details on running Usermin.
    You can also run Webmin under the Zeus webserver in a similar way. See this documentation for instructions.

  • Why do I get the error message ERROR: Perl crypt function does not work under Slackware?

    On some people's Slackware systems, the Perl crypt() function does not work because the descrypt.tgz package has not been installed. To solve this problem, install the package from your Slackware CD or FTP site.

  • How do I install Perl on systems that do not have it as standard?

    You need to download and compile the latest Perl source from http://www.cpan.org/src/stable.tar.gz. Or if you have Solaris or HPUX you can download pre-built packages that avoid the need to compile Perl yourself.

  • How do I log Webmin actions and the files they have changed?

    By default, basic logging is enabled in Webmin. To turn on full logging, go into the Webmin Configuration module, click on the Logging icon and turn on the Log changes made to files by each action option. This will record all file changes and commands run by Webmin. Once logging is enabled, all actions performed from then on can be viewed in the Webmin Actions Log module.

  • When I download the .tar.gz version of Webmin, why do I get a .tar file? Or why is the file so much larger than the size shown on the download page?

    Your browser has automatically gunzipped the file for you. Just rename it to webmin-1.710.tar (if it hasn't been already) and skip the gunzip step in the install instructions.

  • My browser complains about the Webmin certificate when in SSL mode

    This happens because the default SSL certificate that is generated by webmin is not issued by a recognized certificate authority. From a security point of view, this makes the certificate less secure because an attacker could theoretically redirect traffic from your server to another machine without you knowing, which is normally impossible if using a proper SSL certificate. Network traffic is still encrypted though, so you are safe against attackers who are just listening in on your network connection.

    If you want to be really sure that the Webmin server you are connecting to is really your own, the only solution is to order a certificate from an authority like Verisign that is associated with your server's hostname and will be recognized web browsers. This certificate should be placed in the file /etc/webmin/miniserv.pem and be in the same certifcate+key format as the existing miniserv.pem file.

    To request a certificate, follow these steps :

    • Run the command openssl genrsa -out key.pem 2048 . This will create the file key.pem which is your private key.
    • Run the command openssl req -new -key key.pem -out req.pem . When it asks for the common name, be sure to enter the full hostname of your server as used in the URL, like www.yourserver.com. This will create the file req.pem, which is the certificate signing request (CSR)
    • Send the CSR to your certificate authority by whatever method they use. They should send you back a file that starts with -----BEGIN CERTIFICATE----- which can be put in the file cert.pem.
    • Combine the private key and certificate with the command cat key.pem cert.pem >/etc/webmin/miniserv.pem.
    • Re-start webmin (making sure it is in SSL mode) to use the new key.
  • In the Users and Groups module, how can a script set in the Command to run after making changes option find out what user was just added?

    The follow environment variables are set by Webmin before the script is called :

    • $USERADMIN_ACTION - This can be set to CREATE_USER, MODIFY_USER, DELETE_USER, CREATE_GROUP, MODIFY_GROUP or DELETE_GROUP depending on what was just done.
    • $USERADMIN_USER - The username of the Unix user who was just created, modified or deleted.
    • $USERADMIN_UID - The UID of the Unix user.
    • $USERADMIN_REAL - The real name of the Unix user.
    • $USERADMIN_SHELL - The shell of the Unix user.
    • $USERADMIN_HOME - The home directory of the Unix user.
    • $USERADMIN_PASS - The plain-text password of the Unix user, if one was entered by the admin.
    • $USERADMIN_GROUP - The name of the Unix group that was just created, modified or deleted.
  • When installing the Webmin RPM, I get the error message Unable to identify operating system

    This happens if Webmin cannot identify your OS by looking at your /etc/issue file, possibly because it has been changed from the default contents. The best solution is to install the .tar.gz version of Webmin, which asks for the OS name and version manually.

  • How can I create a Webmin user who can only configure one Apache virtual server or DNS domain?

    In the Webmin Servers module, create a new user and give him access to only the Apache Webserver module. After saving, click on Apache Webserver next to the user's name in the list of Webmin users and use the form that appears to deny him access to everything except one selected virtual server.

    Many other modules can also be configured in a similar way to restrict the access of a user to only certain DNS domains, Unix users or mail aliases.

  • Is there a version of Webmin for Windows?

    It is possible to install the ZIP package of Webmin on Windows using the included setup.pl script. However, this is extremely alpha-level code, and only a few of the Webmin modules work due to packages like Squid, Sendmail and so on not existing under Windows. In addition, the Windows security and permissions systems are quite different from Unix, so anything that deals with file ownership and modes may not work.

  • How can I change Webmin's list of allowed IP addresses from the shell?

    The file you need to modify is /etc/webmin/miniserv.conf , in particular the allow= or deny= lines. If the allow= line exists, it contains a list of all addresses and networks that are allowed to connect to Webmin. Similarly, the deny= line contains addresses that are not allowed to connect. After modifying this file, you need to run /etc/webmin/stop ; /etc/webmin/start for the changes to take effect. Naturally, the file can only be edited by the root user.

  • After logging into Webmin, I get the error message You do not have access to any Webmin modules

    I'm not sure how this error happens, but if it does you can follow these steps to fix it :

    • Login to your server via telnet or at the console as root.
    • Edit the file /etc/webmin/webmin.acl and make sure the line starting with root: or admin: (depending on which you use to login to Webmin) exists and looks like :
      admin: acl
    • Login to Webmin again, and go into the Webmin Users module, which will be the only one you have access to.
    • Click on your username in the list, grant yourself access to all the modules, and click Save.
  • Can Webmin be run from inetd?

    Yes, with some small changes to the config files. The steps you need to follow are :

    • Stop webmin with the command /etc/webmin/stop
    • Add the line inetd=1 to /etc/webmin/miniserv.conf
    • Remove the line session=1 from /etc/webmin/miniserv.conf
    • Edit /etc/services and add a line like :
         webmin 10000/tcp
    • Edit /etc/inetd.conf and add a line like :
         webmin stream tcp nowait root /usr/libexec/webmin/miniserv.pl miniserv.pl /etc/webmin/miniserv.conf
      If you have installed webmin somewhere else, you will have to change the /usr/libexec/webmin part of the path above.
    • Restart inetd to make the changes take effect. You should now be able to access webmin on port 10000 as normal.
    • Using the Bootup and Shutdown module, make sure that inetd is configured to start at boot time, and that webmin is not.

    If you are using xinetd instead of inetd, follow these steps instead :

    • Stop webmin with the command /etc/webmin/stop
    • Add the line inetd=1 to /etc/webmin/miniserv.conf
    • Remove the line session=1 from /etc/webmin/miniserv.conf
    • Edit /etc/xinetd.conf and add a section like : service webmin
      {
      user = root
      env = LANG=
      port = 10000
      socket_type = stream
      protocol = tcp
      wait = no
      disable = no
      type = UNLISTED
      server = /usr/libexec/webmin/miniserv.pl
      server_args = /etc/webmin/miniserv.conf
      }
      If you have installed webmin somewhere else, you will have to change the /usr/libexec/webmin part of the path above.
    • Restart xinetd to make the changes take effect. You should now be able to access webmin on port 10000 as normal.
    • Using the Bootup and Shutdown module make sure that xinetd is configured to start at boot time, and that webmin is not.

    To run Usermin from inetd or xinetd, follow the exact same steps but replace /etc/webmin with /etc/usermin and change the port to 20000.

  • How can I make a Webmin user always use the same password as Unix?

    This can be done by following these steps :

    • In the Perl Modules module of Webmin, install Authen::PAM from CPAN.
    • In the PAM Authentication module, add a new PAM service called webmin that uses Unix authentication.
    • In the Webmin Users module, click on the user that you want to symchronize with Unix and set his Password option to Unix Authentication.

    If PAM is not used on your operating system, the first two steps can be skipped. Webmin will instead read the /etc/passwd or /etc/shadow file directly to authenticate users who are using the Unix Authentication password mode.

  • How can I uninstall Webmin?

    Just run the command /etc/webmin/uninstall.sh .
    If you have installed the RPM version of Webmin, you can also use rpm -e webmin, or if you have installed the Solaris package you can use pkgrm WSwebmin .

  • How can I allow any Unix user to login to Webmin?

    Follow these steps :

    • In the Perl Modules module of Webmin, install Authen::PAM from CPAN.
    • In the PAM Authentication module, add a new PAM service called webmin that uses Unix authentication.
    • In the Webmin Users module, create a new user called something like unixer, with access to the modules that you want all your Unix users to have access to.
    • In each of the modules unixer has access to, change the module access control to give your users rights only to their own accounts. For example, in the Change Passwords module you should select Only this user for the Users whose passwords can be changed so that Unix users logging in can only change their own passwords.
    • Click on Configure Unix user authentication below the list of Webmin users and choose Allow any Unix user to login with permissions of user unixer.
    • Any Unix user should now be able to login to Webmin on your system.

    Again, if your system does not use PAM the first two steps can be skipped, and Webmin will read /etc/passwd or /etc/shadow file directly to authenticate users.

    Another alternative to doing all this is to install Usermin, which allows all Unix users to login and access only settings belonging to them, using a similar interface to Webmin.

  • How can I download a file in the File Manager?

    Normally when you double-click on a file in the right-hand list, it is displayed in a separate browser window. However, if you hold down shift while double-clicking, your browser should prompt you to save the file instead.

    In Webmin versions 0.966 and above, you can also download by selecting the file and clicking on the Save button in the top-left corner of the file manager.

  • How do I upgrade the Solaris package version of Webmin?

    By default, Solaris doesn't allow packages to be upgraded. However, you can change this by editing the file /var/sadm/install/admin/default and changing the instance= line to instance=overwrite. An upgrade can then be performed by simply installing the new Webmin .pkg file.

  • In Usermin's Read Mail module, how can I set users' From addresses when my server hosts multiple virtual domains?

    By default, when a user composed email the From field contains username@systemhostname. This can be changed by following these steps :

    • Login to Webmin on the same server, and enter the Usermin Configuration module.
    • Click on Usermin Module Configuration.
    • Click on Read Mail.
    • In the Default hostname for From: addresses field, enter the domain or hostname that you want to appear after the @ in users' From addresses.
    • If you want to stop users from changing their From address (to prevent mail forging), set the Allow editing of From: address option to No.
    • If you have multiple virtual domains and want different users to have different domains in their From addresses, you will need to set the From: address mapping file to the name of a file that maps real email addresses to virtual domain email addresses. This must be a text file, with each line containing :
          username     fromaddress
      The username part of each line must be the user's Usermin login, and the fromaddress is the new From address to assign to that user. The username can also be the user's full email address as it currently appears, such as joe@yourserver.com.
  • In Usermin's MySQL Database module, how can I restrict the databases that each user can see and use?

    By default the module will list all of the databases on your system on the main page, even if some are not actually usable by the logged-in user. To change this, follow these steps :

    • Login to Webmin on the same server, and enter the Usermin Configuration module.
    • Click on Usermin Module Configuration.
    • Click on MySQL Database in the list.
    • In the Database access control list field, remove the existing *: * line and enter one line per user, containing the username, a colon and list of databases he is allowed to use. For example, you could enter : jcameron: database1
      fred: database2 database3
      joe: *
      A * in the database column means all databases, while a * in the username column means any user not listed so far.
    • Hit the Save button to activate the restrictions.
  • Why do reports for different logs generated in the Webalizer module come out the same?

    This often happens on Redhat Linux systems due to a bug (in my opinion) in the default Webalizer configuration. To fix it, do the following :

    • Edit the file /etc/webalizer.conf.
    • Change the line starting with HistoryName to HistoryName webalizer.hist.
    • Change the line starting with IncrementalName to IncrementalName webalizer.current.
    • Make the same change to any *.conf files in /etc/webmin/webalizer.
    • Re-generate all reports.
  • Why do downloads made from within Webmin fail, when other programs like wget work fine?

    If you have a firewall that transparently proxies outgoing HTTP requests (such as one by Sonicwall), this may cause requests made by Webmin to by timed out. Without going into the underlying protocol details, my investigation has shown that Sonicwall is making incorrect assumptions about the number of IP packets an HTTP request will be in, and is thus broken.

    The work-around is to disable the Enforce Host Tag Search option in the firewall, which turns off this broken feature.

  • What ports does Webmin RPC use>

    Webmin has two RPC modes - slow mode, that only uses the same HTTP port the webserver listens on (typically 10000), and fast mode which uses ports 10000 on up. The upper bound depends on the number of concurrent RPC operations, but opening the range 10000 to 10010 should be enough when configuring the firewall between two Webmin servers.

  • What does the error pam_ck_connector(webmin:session): cannot determine display-device mean?

    If you see this error in /var/log/auth.log , edit the file /etc/pam.d/webmin and change the line @include common-session to @include common-session-noninteractive . Then run /etc/webmin/restart .