Webmin Terminal is logged in as root when i log in with my SUDO user

SYSTEM INFORMATION
OS type and version Ubuntu Linux 22.04.3
Webmin version 2.105
Usermin version 2.005
Virtualmin version 7.8.2
Theme version 21.09.5
Package updates All installed packages are up to date

Background

When you install Ubuntu, it makes you create another user that is not root, a user with full SUDO permissions.

I also enabled the root account so I could use it for installing Virtualmin.

The issue

  • I log into Webmin with my SUDO user, lets call it testuser
  • I then go to the terminal in Webmin and it is logged in as root
    image

Expecting

I thought the terminal would log in with the user I logged into Webmin with, i.e. testuser

Questions

  • is this normal behaviour?
  • If I log in with a SUDO user the terminal will always be root?
  • Is the Webmin terminal always run as root?
  • Should i create a Webmin account for my SUDO user as one was never created for it?
  • Why can I log in with testuser when there is no Webmin account for it?

Thanks for any help

After a stroke of luck I found this setting:

Webmin —> Webmin Users → Configure Unix User Authentication → Allow users who can run all commands via sudo to login as root

Does it? really
not on any of my 22.04.3 boxes
of course there is nothing there stopping you setting up SUDOers

Ubunutu Server, Minimal setup. I don’t use desktop version or the GUI for installing. I am pretty sure this is not optional because the root account is “disabled” until I enable it by giving it a password after installation.

Debian uses the root account and does not force you to create a second account, but I can’t remember if it offer you the ability to do it during the install.

Not on any install I have done locally or on a vps… no idea why you have this issue. That said nothing to do with webmin but your installation

root might not be disabled but it has an expired password which prevents you from logging into it until you set a password. In particular according to Joe a password hash is used starting with a ! creating an invalid hash. To most people in the world this = disabled.

Also if you read my second post :smile:

and

swelljoe Now you should be able to login as any user that has ALL sudo privileges. This feature was added to accommodate systems like Ubuntu that do away with having a “root” account, by default (Ubuntu has a root account, but it has no password and the first user created gets added to the sudoers file automatically).

Wow how come you didn’t set up the enviroment correctly ? I guess this to be your inexperience with linux which you openly admit is not an os you know very little about and come froom a windows background. Advice here is to learn how to use linux rather than windows … they are totally different

and what did I not setup correctly? I am interested. I will add it to my notes.

I am 100% with @jimr1 on this.

I don’t know where you are getting your Ubuntu image from but I have 5 boxes all in different countries and all using Ubuntu 22.04.3

I have root access to all of them with a password. I also have a SUDOer account on all of them with a password. So there is no “forcing” by Ubuntu. Perhaps you are using some weird image with a non-typical setup. ie not really Ubuntu. I have not come across a “Minimal install” and cannot see why I would ever want to.

It doesn’t “make you”, but the default installation of Ubuntu offers to create a new user during installation and that user will be added to sudoers with ALL privileges, and no root password will be set.

This is a very reasonable thing for the installer to do (one of the few cases where I think Ubuntu made a good decision ahead of the curve…they’ve been doing this for at least a decade, and maybe more, and many other distros were later to do so, though most can do it during install now, as well).

1 Like

Calm down, this is not something to fight about. If you perform an installation of Ubuntu from an ISO on bare metal hardware, and you follow the defaults, you will end up with no root password set and a first user with sudo ALL privileges. That’s not controversial or difficult to prove. You can set a root password. A root user obviously exists on any Linux system, but many distros will not set a root password during install unless you tell it to; the first user will be a sudo-capable user. This is a pretty good security practice.

1 Like

Not fighting about - just completely opposite to my experience.

I have not installed on my own personal “bare metal” always on physical boxes provided (either by corporate IT rooms or by VM services) In such cases I do not have physical access to either the box or obviously the ISO used. (though when offered to reinstall from ISO, I trust that they do so and have requested that on a number of times).

I have never used anything other than Ubuntu in the past (since about 2006) and have always been asked for a root password. The creation of a SUDOer is optional. I have no problem with that and usually do so. (but not always and certainly not “forced” to do so as declared by the OP “it makes you”) Perhaps that statement should have been less aggressive and been “it suggests you”.

If someone has their root account "disabled I would suggest that it is time to revert to ISO.

I was, after all, only agreeing with @jimr1.

Not on any install I have done locally or on a vps… no idea why you have this issue.

Your providers opted to set a root password, because I guess that’s simpler than explaining to their customers the alternative. But, it’s not the default.

OK I am prepared to accept that as an explanation. There has always been a third party involvement. Mark this one up as “The new fact I learned today”!

I hope @shoulders will accept my apology for my misunderstanding and finds a solution to the problem.

@Stegan thanks for you words. I too am always learning :smile: .

@Joe thanks for the clarification of this issue.

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.