Ok check out this commit : Enable password recovery in Webmin, and disable old module · virtualmin/virtualmin-gpl@e4f1d26 · GitHub
1 Like
Thanks, I’ll comment on it.
where do you set the root email address ?
I guess I’m not sure what you are getting at with all of this.
I installed the newest Ubuntu with an .iso, and ran only the curl command to install Virtualmin and the command to install the plugin. Everything else was just generic Virtualmin wizard questions and making a test domain and user.
I send forgot password links to Outlook 2019, outlook.com, and gmail, checked with Mail (macOS, and iPhone) and always got 3D in the link and the id error when clicking it.
You disagree that this plugin is broken “out-of-the-box” with the current Ubuntu?
I honestly can’t wait to retire this plugin once the new Webmin comes out. We’re not going to fix it, because starting with Webmin 2.304, password recovery will be built in and working properly.
At “Webmin → Webmin Users” page.
I don’t see any evidence it is broken.
All I saw was an image of an email that re-encoded an already encoded email.
Virtualmin did not do that. So I guess you did it.
You are missing the point.
Changing the plumbing is not going to ‘fix’ a non existent problem when the behaviour is the same.
Please add in a documented ADDITIONAL feature to allow admins to get the correct link from the command line through copy and paste when their Postfix is not functional yet or they are not interesed in having a functional Postfix. That is the only ‘fix’ that is required.
Even better, please provide a way for admins to list in the UI outstanding generated password recover links together with a way to cancel them early. That way an admin can easily and correctly copy/paste a link and email another way.
It is worth pointing out that many providers place a ban on outgoing TCP port 25 to new customers, so their Postfix is not going to work.
I’m glad we made it here and finally ended up with a clear, simple, and actually great feature request. Thanks!
@Jamie, are you okay with creating Virtualmin and Webmin CLIs to list all active password reset links?
It’s not publicly available yet. If you want to try it early, you’ll need to install the latest unstable development versions of Webmin.
Sure, but let’s do this in the UI.
Actually, what would be really cool would be a way for the admin to generate a password reset link.
Sure, we can do all that. I like the idea. Do you want me to take a look, or are you on it?
I’ll take a look at it.
Got it, thanks!
That video looks really promising. I can’t figure out how to actually install a bleeding-edge version though.
The link you provided advises thusly:
And if I do that it seems to add a:
/etc/apt/sources.list.d/webmin-unstable.list
Containing:
deb [signed-by=/usr/share/keyrings/ubuntu-webmin-developers.gpg] https://download.webmin.dev webmin main
Running apt update doesn’t seem to give me access to any extra builds though (at least in the places I am checking).
(I am sure that I am betraying some obvious ignorance here but I like the “Password failed, now show the button” model for sure.)
I think you do have it install, e.g.:
Ah right, sorry I was confused by the announcement about 2.310 (I thought that I was looking for a .31 alpha).
I do have:
And this:
But I don’t get the turn-around on password fail like the video, I just get the usual (having restarted Webmin):
LOL! Oh Lord, some test code got leaked! Just go ahead and update the latest development Webmin build once again to fix it.
@Ron_E_James_D.O Thanks for the heads up! 
Yeah, you’ll need to first disable and then re-enable the “Webmin login” feature on the “Edit Virtual Server” page.
@Jamie, should we also handle this in Virtualmin post-install? I mean to make sure the existing users’ emails are actually added to miniserv.users file without toggling the feature.
Two questions:
Suppose I install unstable version of virtualmin, instead of webmin, with
curl -fsSL https://software.virtualmin.dev/install | sh -s -- virtualmin unstable
as per instruction on https://software.virtualmin.dev/
- Are updates of unstable builds notified the same way as updates of stable builds? Such as ui indicates an update is available and provides a button to initiate an update?
- What if I wanted a LEMP unstable build with Nginx instead of a default LAMP unstable build with Apache? Is this safe?
apt update
apt remove virtualmin-lamp-stack
apt install virtualmin-lemp-stack
Those aren’t the same. But if you want to run development tests, you should have both repos set up ideally.
Yes, it is, however, development builds will always be ahead of stable.
No, not really—there are a lot more moving parts involved. The best way is to do a clean install using the development version of the installation script (you can find it in the same development Virtualmin repo), and then run it with a new --branch param to set up and install from the development repos right from the start:
sh virtualmin-install.sh --bundle LEMP --type full --branch unstable
Don’t know what repo this is. However virtualmin-install/virtualmin-install.sh at master · virtualmin/virtualmin-install · GitHub has a script that takes the parameters.
Raw download from:
wget https://raw.githubusercontent.com/virtualmin/virtualmin-install/refs/heads/master/virtualmin-install.sh
Is this the correct one to use?