Using PHP, I’d like to programmatically pull a list of domains using list-domains.pl with the Remote API to display on an authenticated web page. However, I don’t want to store the root password on that server, for security reasons.
According to the documentation, “Only the master administrator can access the remote API though, as it can be used to perform almost any action in Virtualmin, and thus would be unsafe for server owners or resellers to use.” (https://www.virtualmin.com/documentation/developer/http)
Can I create a second master administrator to do this? Preferably, I’d like to create a user that DOESN’T have ssh access to the server, and limit their permissions to only accessing list-domains.pl.
What is the best approach to doing this?