Virtual Server and MySQL User Permission Password Bug

Hello. I thought I should make you aware of an apparent bug in Virtualmin.

When ever you use WHMCS to create a virtual server or even do it manually, the database password doesn’t get set correctly. If I create test.com, and get a user test, on group test then when I try to access database test, i get a denied error.

If I go to user permissions in MySQL Database Server, and manually set the password on user test, I do notice the MySQL pass hash changes and I am able to access that database.

Please fix this as we have to manually do this for every client and it is very annoying especially with keeping passwords in sync.

Thank You.

Howdy,

That’s not a problem that we’ve noticed before. On a test WHMCS system I have here, that problem doesn’t occur.

If you create a Virtual Server from within Virtualmin, using the same Server Template that WHMCS passes in – does the MySQL password get set correctly?

Also, if you look in the server templates (the one that WHMCS is using when this user is being created) – in the Administrative User section, what is “Store clear text passwords” set to?

-Eric

No, thats what i am referring to. I have to manually set their password or they cant use their database. And clear text is disabled (No).

And I AM doing this in WHMCS…

Would you consider doing a little experiment? :slight_smile:

Could you, temporarily at least, enabling the clear text passwords?

That is, go into your Server Templates, and in the section Administration User, set “Store clear text passwords” to “Yes” for the template(s) that you’re using when generating a user from WHMCS.

When that’s set to yes, does the MySQL password get set correctly?

-Eric

Just did and created a test server via virtualmin and it worked perfectly.

Also is there any way to have a database created with pre-setup data? Like we have a free forum service but we have to set the database up. Is there anyway that 1 or more databases can be auto-created with the script pre-setup or at least have a script be created to do that on creation to be ran?

Thanks :slight_smile:

Well, one way to do that would be to setup your forum as an install script, so that it can be installed in one click.

But once it’s an install script, you can go into the Server Templates and configure it to be installed automatically with certain templates.

Another way to do that would be to go into System Settings -> Virtualmin Config -> Actions upon user and server creation, and you can use “Command to run after making changes to a server” to run a script whenever a account is created.

-Eric

i can also confirm that creating users with the hashed passwords turned on sets a different hash for the mysql user…

current workarounds are to either turn off password hashing in the server templates section, or to manually set the password again within mysql

(affects virtualmin 3.90)

Jamie reminded me that when the passwords are set to hashed – MySQL passwords are set to a different, and random, password. The MySQL passwords are stored in clear text on the filesystem, so in order to keep the system passwords secure, a different MySQL password is chose.

You can obtain that MySQL password by looking in Edit Databases -> Passwords.

-Eric