8. Installing Webmin and Usermin

Installing webmin is a separate chapter because it really is a bit of a pain in the butt. I don't know why, but for some reason webmin has been split up into several debian packages, and I have not ever once been able to use it like I would think it is supposed to be used. Upgrade functionality seems to be broken, the user interface does not look so nice as upon default install from the website etc etc... In short, I've give up on the debian packages of the webmin interface.

So, for now, let's just download and install webmin from the website, it's pretty easy anyway. Your ISP might expect you to set a proxy, like mine, but in case he doesn't you can skip the first line. The wget command uses an url that may be wrong by the time you read this, but you can easily find another location for the tar.gz file on the side of webmin, www.webmin.com, in the download section. You need the URL of the archive closest to you. For me that was a url pointing to the belnet mirror in Belgium, for you that may differ.

Code listing 8.1: Installing webmin

Use the proper wget url.  The current version of webmin may vary.
kristof@knoppixbox:~/$ wget http://belnet.dl.sourceforge.net/sourceforge/webadmin/webmin-1.130.tar.gz
kristof@knoppixbox:~/$ tar xvfz webmin-1.130.tar.gz
kristof@knoppixbox:~/$ cd webmin-1.130
kristof@knoppixbox:~/webmin-1.130$ sudo ./setup.sh /usr/local/webmin
kristof@knoppixbox:~/webmin-1.130$ cd ..
kristof@knoppixbox:~/$ rm -rf webmin-1.130
kristof@knoppixbox:~/$ rm webmin-1.130.tar.gz

The setup command will get you through a big deal of configuration options, but all the options have a very good guess at the default you would want, and thus can be readily accepted by just pressing return. As for the operating system type, you have a Debian Linux system (option 6) and the version is Debian Linux 3.0 (option 5). As a password you can use the same password as the root user, since using the webmin interface will give you the same privileges anyway.

Afterwards, we remove the downloaded archive and the installation directory.

Got there? From now on, we will be using mostly webmin to configure the server, since it is way easier to do than using the command line interface. Or, that's what I want you to think, because maybe it's just easier for me to explain to you what to do, of course.

Warning: Update: Since Knoppix 3.3 the error came that the perl slleay library is not installed. As a consequence, webmin runs over normal http instead of https. If you took a look at the previous section you saw a workaround for this by installing the needed libraries on the command line.

Let's test this. You have provided an admin password when the setup was run right? So, we should be able to connect to it using our web browser and play around with it already. Let's see. Take your Konquerer browser on the knoppixbox and point it to https://127.0.0.1:10000/. Make sure that you have set up the proxy configuration of your browser so that it does not go over a proxy for this local address. This will pop up the certificate warning that the authenticity of the server's certificate can not be verified. This is because webmin uses a self signed certificate, which is generated on your server and belongs to your server. Signing it by a trusted authority will cost you money and is under this configuration not necessary. So, we accept this certificate.

After logging in, using admin as username and the correct password and we are in. First off, it may be interesting to change the IP Access Control setting, to Only allow from listed addresses, and make sure the list is our local network, 192.168.1.0. You can find the IP Access Control setting in the Webmin main menu, subsection Webmin Configuration.

We can check the configuration of the network, like we configured it in one of the previous chapters. Going to the Networking section, Network Configuration -> Network Interfaces, we can verify the Interfaces Active Now and the Interfaces Activated at Boot Time. You should see that when browsing around on the interfaces activated at boot time, it is essentially laying out the configuration file we entered in the last chapter for you. In the mean time it also provides a nice interface for changing this configuration file, without any further need to use any text editor, and without even being at the computer itself.


Figure 8.1: Viewing the Network Configuration using Webmin

Fig. 1: Network Configuration

Installing Usermin

Absolutely the same process will get us to install usermin. The link we need now is http://www.usermin.com/ and from there we can go through the similar setup, just substituting /usr/local/webmin/ with /usr/local/usermin/, and webmin with usermin where necessary.

All we need to do now is to make sure usermin starts at boot time. All this can be done from the webmin interface. See the next section for that.

Configuring Webmin and Usermin

To start up Usermin, you can go to the Webmin interface, and check the Usermin configuration in the section Webmin -> Usermin Configuration, and at the bottom you should see buttons to change the settings to start Usermin at boot time, and also a button to immediately start it.


Figure 8.2: Starting Usermin at Bootup and Immediately

Fig. 2: Starting Usermin

Now, we should be able to connect to the same url, except on a different port, to connect to usermin. Take Konquerer to https://127.0.0.1:20000/ and log on as your normal unprivileged user. You can look around the interface and see what can be done. That's quite a lot, but we won't need it all.

From now on, I will not talk about URLs anymore to refer to the Webmin or the Usermin interface, since you should know them. Once you have your local network running you will be able to connect to it from anywhere on your local network, or, if you configure webmin like that, from anywhere on the internet.

Configuring Webmin and Usermin

You will have to admit to it that there are way too many modules available. You have three mailservers, you have two types of databases, you have things that are out of our scope, like clusters of Webmin boxes etc...

Luckily, you can show or hide the modules to your Webmin administrators. That's right, you can have various administrators too. Let's just keep to one for now though. In the Webmin section, in the Webmin Users section you can edit what modules the admin user is allowed to see. Mine are set like this.

Other things you may like to change is the network on which the webmin is reachable. To me, it would sound like a good idea to just enable Webmin and Usermin on the local network, even without taking into consideration the firewall we will install later on.

You do this by going to the Webmin -> Webmin Configuration -> IP Access Control panel. My configuration is to allow only from the local network.

Installing a Package using Webmin or Usermin

In the System section you will find a Software Packages entry which also allows for installation of debian packages. This will work, provided there is no input required from the user. However, it is never sure whether input will be needed or not, so I would advise to always use the way described in the package manager section to install a package.

For the remainder of this document we will just refer to installing a package for using sudo apt-get install ... from the command line.

line
Updated $LastChangedDate: 2004-11-05 23:24:59 +0100 (Fri, 05 Nov 2004) $
line
Kristof Van Landschoot
Author

line
Summary: How to get webmin and usermin installed on your system. Webmin is the administration tool we will use as much as possible to adminster the server. Usermin is the per user equivalent of webmin. It is the only exception to the rule that we will always use the package manger... so far.
line
Copyright 2003-2004 Coin-C bvba. Questions, Comments, Corrections? Email knoppix@coin-c.com.