Annoyed by niggling differences between Linux distributions? Try Webmin, a consistent web-based tool for system administration.
If you work with multiple Linux distributions, or different flavours of Unix, you’ve probably come across frustrating little discrepancies between them. Commands often use different flags, filesystem locations can vary, and you often end up hunting through man pages just to get basic jobs done. Some distributions offer text-based or GUI administration tools (such as OpenSUSE’s Yast) to mitigate this problem somewhat, but you still end up with every Linux OS having its own way to configure things.
Webmin is one solution – and a very fine one. It’s a web-based interface for system administration on Linux and other Unix-like systems, providing a consistent way to manage users, run services, configure firewall settings, set up email, and perform many other tasks. Webmin has been in development for almost 20 years, having seen a number of interface revamps along the way, and today it runs on a huge range of platforms – see www.webmin.com/support.html for a list. Along with the usual suspects among Linux distributions, Webmin also runs on the various *BSD flavours, IBM AIX, Solaris and other Unix platforms.
You may find Webmin in your distribution’s package repositories; if not, download the tarball from www.webmin.com (see the TAR link in the top-left), then perform the following commands as root to extract it into /usr/local and run the setup script:
tar xfv webmin-1.730.tar.gz -C /usr/local
Webmin will ask you where it should save its configuration and log files (the defaults are fine), and then ask you to specify the Linux/Unix system you’re using. You’ll see a list of many distros – but if yours isn’t there, choose 95 for “Generic Linux”. In the following step, you’ll be asked to configure the web server port, username and password that you’ll use to log in. Webmin is written in Perl, and if you have the Perl SSLeay library installed, you’ll be able to log in over HTTPS.
Finally, the installer will ask you if Webmin should be started at system boot, and you’ll be able to log in by going to http://<hostname>:10000 in a web browser (eg http://127.0.0.1:10000 to administer the local machine). Enter the username and password you specified before, and you’ll arrive at the main Webmin page, with a panel of system information in the middle and a tree of administration tasks down the left hand side.
You may also see a warning box at the top which states that some modules are out of date. Webmin is not a monolithic tool; its functionality is provided in the form of modules. For instance, there’s a module for configuring the Apache web server, another module for configuring MySQL, and so forth. Webmin can update these modules with a single click, so it’s a good idea to make sure they never get out of date.
Webmin’s front page shows information about the system, including CPU load average, RAM usage, free disk space and the all-important server uptime duration.
To find out what Webmin is capable of, click on System on the left to open the tree of items. You’ll see options for changing passwords, managing filesystem partitions, making backups, killing/restarting/reniceing processes, scheduling commands, managing users and groups, and other common tasks. Try clicking some of the options and exploring the panels that come up – they’re very useful, even if they don’t have checkboxes for every single parameter used by the equivalent command line tools. For day-to-day jobs, though, Webmin does a sterling job.
Under the Servers, Networking and Hardware links on the left, you’ll find more modules for administering the machine. You’ll also see a section called Unused Modules; this contains modules that haven’t started because they believe that a certain piece of software isn’t installed on your machine. But the detection methods aren’t perfect here – for instance, in the case of the Apache module. You may have Apache installed, but the module complains with “server executable /usr/local/apache/bin/httpd does not exist”.
Chances are that your httpd binary will be in a different place, so click on the Module Configuration link and change the paths to match your installation. You’ll see that Webmin can try to guess the location of your apache2.conf file, but it’s better to specify it directly (it may be /etc/httpd/conf/httpd.conf on your system). Click Save at the bottom to reload the module, and all being well you’ll now be able to administer Apache – see the Global Configuration tab for the majority of the tweakable settings. Next
time you use Webmin, the Apache module will move from Unused Modules to the Servers section.
Helpfully, most Webmin modules also provide direct access to configuration files, so you don’t need to SSH in manually if you need to make a quick change. It’s also possible to enter single commands under the Others tree on the left: click on Command Shell, which also provides a history of previously entered commands. Under the Upload and Download section you can transfer files to the machine, which is mightily useful if you can’t use SCP. There’s also a file manager, although you need Java installed to use it.
Some of the modules, such as for OpenSSH, have a GUI-like approach with chunky icons to click.
An army of admins
If you decide to use Webmin in large deployments, you might need to create multiple user accounts so that other administrators can log in. Click the Webmin tree icon in the top left and then Webmin Users. Next, click Create A New Webmin User and fill in the details. It’s possible to limit access by IP address, and choose specific modules that the user can access. This is important if you want a certain admin to do work on Apache and MySQL, for instance, but not be able to change anything else on the system. You can also restrict Webmin users to logging in on certain days, or even certain times of the day.
And there’s more: after clicking on a module, go to the View Module’s Logs link (it’s in the bottom of the left-hand tree) to view recent activity. You can, for instance, see what changes have been made by Webmin users, so you can point the blame if someone damages the configuration.
Webmin itself is highly customisable. Go to Webmin > Webmin Configuration in the left-hand tree menu, and you’ll see that you can tweak the appearance, change login settings (such as blocking hosts if they have repeatedly failed to log in) and even upgrade Webmin in place. It’s also possible to add third-party modules here, many of which you’ll find on the Webmin website at www.webmin.com/cgi-bin/search_third.cgi?modules=1. If you’re familiar with Perl, you can create your own Webmin modules by following the guide at http://doxfer.webmin.com/Webmin/Module_Development.
On the whole, Webmin is a mature and reliable tool that, when deployed across many different Linux distributions and Unix flavours, can save you a lot of time. Having a single interface for configuration – regardless of operating system – and the ability to provide restricted accounts for other admins will make your life easier when looking after a large number of boxes.
As you explore Webmin, you may see some functionality that could be useful for normal users on the system, and not just administrators. The Webmin developers have recognised this and created Usermin, a stripped-down version of Webmin with a handful of modules appropriate for typical users. These include user management tools (eg changing your password), reading mail and performing scheduled commands. The goal of Usermin is to provide a friendly configuration panel for user accounts, so that users can change their settings and do simple tasks without requiring command line knowledge.
To enable it, go to Unused Modules in the left-hand tree and choose Usermin. You’ll see that the module isn’t installed on the system, but there’s a button to download it. Usermin will be automatically extracted, so read the text that’s displayed and go to http://<hostname>:20000 in another tab. There you can log in as a normal user account on the Linux/Unix system, and explore the different options in the left-hand tree. Like Webmin, Usermin is highly configurable and you can enable and disable modules at will (click the Available Modules button).