| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Almalinux 9.1 |
| Webmin version | 2.021 |
| Virtualmin version | 7.7-3 |
| Related packages | Sudo User |
root was disabled and only one sudo user was created during the installation of Almalinux 9.1
Wheel Group shows ALL privileges.
How do I give access to sudo user within ssh?
So, if I’m understanding, you have a user with wheel group membership, and wheel group has sudo ALL privileges, correct? But, Webmin isn’t recognizing that as a root-capable user?
I guess Webmin probably isn’t aware of that possibility. @Jamie ?
Correct Sir!
Most vps services I use only allow creation of a sudoer with Authentic key login. They disable root during the installation process. I would like to keep it that way as well.
Webmin doesn’t look at the group membership to determine sudo capabilities - instead it runs the command sudo -l -S as the user, and checks the output for a line like :
(ALL) ALL
what does that command output on your system?
Do they allow root with key. What VPS so I can avoid every signing up with them 
(I’m not cyberndt, but wanted to give you mine)
(ALL : ALL) ALL
(ALL) NOPASSWD: ALL
I have the following:
(ALL) NOPASSWD: ALL
Some do Some don’t
That (ALL) NOPASSWD: ALL output should also be fine.
But do you mean it doesn’t happen for all users?
It does not pickup the main sudoer in the Wheel group that was created during Almalinux 9 installation.
I have not created any other users.
Note: That is the same user that was used to install Virtualmin.
Does anything get logged to /var/log/miniserv.error when you try to login as a sudo-capable user?
I have /var/webmin/miniserv.error only showing server stopping and reloading.
Edited to Add: /var/log/secure shows
Non-existent login as *rootuser* from *IP*
As always, we ended up creating a root password and syncing it with webmin to login.
sudo /usr/libexec/webmin/changepass.pl /etc/webmin root password
I created the Administrator group within webmin to convert the unix/sudoer user and restricted root login.
Would be nice if you could show a way to create an Administrator group and add the sudoer from within SSH/Terminal commands.
You don’t need to do that. If you have a system root user that has a password, Webmin will authenticate to it without need it to have a Webmin password. If you make both, now you have to worry about them either being in sync or keeping up with both.
Well obviously, I had to do it @Joe because your software didn’t pick up the sudoer and was unable to log into the gui. This is not the first time I had to go this route.
As per Webmin > Webmin Users > Convert Unix to Webmin Users has to option to sync passwords.
I restrict the root login so no need to worry about sync of passwords.
No, I mean, if you set a root password on the system, you can use root and that password to login to Webmin. That’s unrelated to the sudo issue you mentioned above.
Webmin can authenticate to system users. You do not need a Webmin password.
Well, it didn’t work, that’s why I have the command saved in my notes to set the password for root to login. Because this is not the first time this has happened even after I had rebooted the vps after creating the password for root.
That would mean authentication via PAM isn’t work, I think? That would be unusual, and would mean sudo isn’t the problem…
And this is also a result of Webmin not recognizing the sudoer that is described in the original post.
PAM is working fine, was one of my first places the check.
This has only started after Centos 8. With derivatives like Rocky and Alma.
I never have this issue with Ubuntu.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.