Fedora Core 5 - New Install of Webmin

7 posts / 0 new
Last post
#1 Sun, 02/25/2007 - 12:59
IanBattison

Fedora Core 5 - New Install of Webmin

I have also posted this in the Webmin section.

This is a bit more involved.

Silly question? - Why is Webmin not firing up?

I am running a virtual server through a hosting company.

With the same company, I had FC2 and Webmin running fine.

I have now been upgraded to FC5, at my request.

They want me to install Webmin myself, as they have fallen out with it after security issues at the end of last year.

I am happy to have webmin on the server.

I have installed and all seems well, Webmin recognises FC5 when installing.

Files seem to be in the correct place, as before.

I have ammended IPtables to enable port 10000.

When I fire up the browser and try connecting, the browser times out, as opposed to saying it can not find the page.

This gives me the impression that it has got throught the firewall, but after this I am stuck.

I need a pointer as to what to look for next.

I really need to get this sorted, as I have spent all weekend on it now.

Is there a clash with Apache running at the same time as the miniserver. Do I have to turn of the miniserver and re-configure Apache?

Help - before I pull all my hair out in frustration

Sun, 02/25/2007 - 13:35
Joe
Joe's picture

Howdy Ian,

No need to pull out even a little bit of your hair. I'm sure it's something simple. There's really not a lot that can go wrong on a fresh installation.

First up, check both https and http protocols. Depending on whether you have the perl Net::SSLeay module installed or not, Webmin will use regular HTTP or HTTPS. (e.g. https://www.virtualmin.com:10000 or http://www.virtualmin.com:10000 )

Next up, make sure it's really running and really listening.

ps auxc | grep miniserv.pl

You should see at least one if you have only Webmin, and at least two if you have Webmin and Usermin.

Then see if it's listening:

sudo netstat -l | grep -e 10000 -e ndmp

(Some systems will list it with a service name of ndmp, while others will list it with the port number.)

Note that this will also tell you what IP it's listening on, if it is a specific IP (for some reason). Normally it'll be *:10000 or *:ndmp.

Finally, whether all of that looks good or not, check the miniserv.error log. If you don't know what to make of the contents, post the last few lines here and I'll see if I can help.

--

Check out the forum guidelines!

Tue, 02/27/2007 - 09:51 (Reply to #2)
IanBattison

Correct me if wrong but is the following true.

miniserv.pl is a seperate mini server that listens to port 10000 (default setting), which is also known as ndmp port.

It runs alongside the apache server.

It is there to process requests from the user to change various settings on the server.

The reason I am asking is that from Joes previous post, I understand that my server is working and the script miniserv.pl is running as a process.

Port 10000 or ndmp as it is listed on my system, is open and accepting TCP and UDP traffic.

Files have been installed in the normal locations and I appear to have all the relevant files to run the perl scripts (apart from Net::SSLeay, which I know about).

WHY therefore am I not able to log on. I do not think it is a password issue, because surely I would still see the login screen, even if the password files (or the acl files) were wrong. I am not able to get any response from this program.

FAO Joe. I know it probably is really easy. If you can give me some advise to get it working, I can arrange for a UK mirror for your webmin.com site. Based on a 10GB space/50 GB traffic (per month) site.

If you can only sort via root access, I would be prepared to go down that route.

I just can't see what is going wrong, as it should be working fine.

Ian

Tue, 02/27/2007 - 11:58 (Reply to #3)
Joe
Joe's picture

Hey Ian,

<i>miniserv.pl is a seperate mini server that listens to port 10000 (default setting), which is also known as ndmp port.</i>

Yes.

<i>It runs alongside the apache server.</i>

Yes, or not. The two are wholly unrelated.

<i>WHY therefore am I not able to log on. I do not think it is a password issue, because surely I would still see the login screen, even if the password files (or the acl files) were wrong. I am not able to get any response from this program.</i>

No obvious reason, but I'm betting on &quot;firewall&quot;, either on the box itself, or at your hosting provider between you and the server.

Run a port scan on your box, and see if port 10000 is being filtered. You can use nmap to do that:

nmap address.of.server

You can move Webmin around, if there are other ports that aren't being filtered that you don't need to use for their original service (and if they're specifically anti-Webmin they may be filtering port 10000, though that seems unlikely, and I suspect they would have mentioned that to you when you asked them about Webmin).

--

Check out the forum guidelines!

Tue, 02/27/2007 - 12:08 (Reply to #4)
Joe
Joe's picture

Oh, yeah, another test to see if Webmin is actually answering queries is to connect locally using lynx or links. Webmin works in either (though some themes are harder to use than others in text-mode browsers).

--

Check out the forum guidelines!

Sun, 02/25/2007 - 14:04
IanBattison

First up, check both https and http protocols. Depending on whether you have the perl Net::SSLeay module installed or not, Webmin will use regular HTTP or HTTPS. (e.g. https://www.virtualmin.com:10000 or http://www.virtualmin.com:10000 )

** Only has http:// running. Was aware that Net::SSLeay was not there, but it should run without? Was going to sort this once I was up and running.

Next up, make sure it's really running and really listening.

ps auxc | grep miniserv.pl

** Response from this was
root 18412 0.0 0.1 7752 5948 ? Ss 18:33 0:00 miniserv.pl

You should see at least one if you have only Webmin, and at least two if you have Webmin and Usermin.

Then see if it's listening:

sudo netstat -l | grep -e 10000 -e ndmp

** Response from this is
tcp 0 0 *:ndmp *:* LISTEN
udp 0 0 *:ndmp *:*

(Some systems will list it with a service name of ndmp, while others will list it with the port number.)

Note that this will also tell you what IP it's listening on, if it is a specific IP (for some reason). Normally it'll be *:10000 or *:ndmp.

Finally, whether all of that looks good or not, check the miniserv.error log. If you don't know what to make of the contents, post the last few lines here and I'll see if I can help.

[[25/Feb/2007:13:53:57 +0000]] miniserv.pl started
[[25/Feb/2007:13:53:57 +0000]] Perl module Authen::PAM needed for PAM is not installed : Can't locate Authen/PAM.pm in @INC (@INC contains: /usr/local/webmin /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.7/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl/5.8.6 /usr/lib/perl5/site_perl/5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.7/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.6/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.5/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.4/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.3/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl/5.8.7 /usr/lib/perl5/vendor_perl/5.8.6 /usr/lib/perl5/vendor_perl/5.8.5 /usr/lib/perl5/vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.8/i386-linux-thread-multi /usr/lib/perl5/5.8.8 .) at (eval 2) line 1.
BEGIN failed--compilation aborted at (eval 2) line 1.

** At this point I installed Authen::PAM and then restarted webmin

[[25/Feb/2007:14:10:07 +0000]] miniserv.pl started
[[25/Feb/2007:14:10:07 +0000]] PAM test failed - maybe /etc/pam.d/webmin does not exist
[[25/Feb/2007:14:18:44 +0000]] miniserv.pl started
[[25/Feb/2007:14:18:44 +0000]] PAM test failed - maybe /etc/pam.d/webmin does not exist
[[25/Feb/2007:14:33:36 +0000]] miniserv.pl started
[[25/Feb/2007:14:33:36 +0000]] PAM authentication enabled
[[25/Feb/2007:15:01:49 +0000]] miniserv.pl started
[[25/Feb/2007:15:01:49 +0000]] PAM authentication enabled
[[25/Feb/2007:18:33:34 +0000]] miniserv.pl started
[[25/Feb/2007:18:33:34 +0000]] PAM authentication enabled

As I say at this point I do not know what to do next. I imagine it is something rediculously SIMPLE

Ian

Tue, 02/27/2007 - 16:24
IanBattison

Your advice about trying nmap and the address worked. I have found that the main server (where I am hosted as a virtual server) have got the service name of ndmp (the same port as 10000) still listed as available and connecting, but they have it blocked at a different level, due to another (non webmin) vulnerability.

SIMPLE - as you suggested, move the port for miniserv.pl to another free port, change config files and also update iptables. Stop and start webmin.

And guess what - Worked like a dream first time.

So glad to be able to get back to webmin.

As mentioned on previous post, I would like to set up a UK mirror for your Webmin site.

Does your email address still work on the webmin site. Let me know and I will send you the details you need to get a UK mirror for this excellent piece of software.

Thanks again for sorting this so fast. Speak soon via email.

Ian