An Introduction to Webmin10/25/2000
Before starting today's article, I'd like to thank Jim Housley, the eagle-eyed reader who reminded me that
^H is the control character to backspace, not to highlight, as I mentioned in Read The Friendly Manpage! -- Part Two. The backspace allows your terminal driver to doublestrike the previous character, which results in the highlighted text. Thanks, Jim.
In the next two articles, I want to spend some time in the Webmin utility, which can be built from the ports collection. This week, we'll do a bit of background to see why you would want this utility, and what issues to be aware of before building it. In next week's article, we'll look at configuring Webmin for secure access and at the powerful options that come with the Webmin utility.
Admit it: When you think of using pretty GUI administrative utilities, Unix is usually not the first operating system that springs to mind. However, the operating systems that do provide nice-looking utilities usually don't let you configure the system any deeper than the vendor wants you to. Fortunately, with FreeBSD and the ports collection, you can have the best of both worlds.
One of the reasons I love FreeBSD is that the only limitation to what I'm allowed to configure on my systems is my own willingness to learn how to do what I'd like to do. FreeBSD's built-in commands are efficient and powerful; Webmin provides a graphical interface to many of these built-in commands.
When you build the Webmin port, you are actually installing the Webmin server, which can only be installed on Unix machines. The Webmin server contains Perl modules that let you view and manipulate processes, users, groups, networking configurations, disk quotas, cron jobs, logs, system daemons, and much more.
Once the Webmin server is installed, you can use any web browser from any operating system to access these modules in order to actually configure your FreeBSD computer. In other words, you install the Webmin port on the FreeBSD computer you wish to administer; you then use a web browser to connect to the computer running the Webmin server.
This is actually a powerful concept as it allows both local and remote administration of your FreeBSD computer using a familiar graphical interface. Configurable aspects of your computer will appear as icons and hyperlinks from within your web browser.
Since we will be using a utility with such great functionality, there are a few things we need to consider before building this port. Keep in mind that these considerations are actually good practice for any type of system administration.
When you build the Webmin port, you will be prompted for the following information:
- a port number the Webmin server will accept requests on
- your computer's host name
- a user name for accessing the Webmin server
- a password
- confirmation that you already have Perl 5 installed
- confirmation that you wish to use SSL
Let's go through this checklist one point at a time.
Any port in a storm
Since the Webmin server will be waiting for requests from Webmin clients, it must be given a TCP/IP port number to listen on. Normally when you type a URL into a web browser, you type something like this:
However, your web browser is actually assuming this:
That is, your browser assumes that the Web server software on a host named www.freebsd.org is listening for web requests on port 80, which is the default listening port for web servers.
However, when you use your web browser to access your Webmin server, you want to configure your FreeBSD computer, not access a web page; therefore, you must tell your web browser what port the Webmin server listens on by typing this instead:
The default Webmin port number is 10000, but I strongly recommend that you change this to prevent unauthorized users from trying to access your Webmin server. When deciding on a port number, pick a number between 1024 and 65,535. You'll want to choose a number that is not potentially being used by another service; to doublecheck, do this:
grep -w your_number /etc/services
For example, If I try:
grep -w 10101 /etc/services
I will just receive my prompt back, meaning this port number is probably not being used by another service. However:
grep -w 8668 /etc/services
will show that 8668 is the listening port that is used by
natd, so I
should probably try another port number.
Once you've settled on a port number, either commit it to memory or record it in a safe place, as you'll need it to access your Webmin server.
Next on the checklist is your computer's host name. If you will only be using Webmin locally, meaning your web browser and the Webmin server are on the same computer, type in either your computer's private IP address or the host name you created when you installed your FreeBSD computer. (Forget how to do this? Read my recent column, Networking with TCP/IP.) If you wish to access your computer remotely over the Internet, you will need to use the FQDN (fully qualified domain name) that you've purchased or the static IP address issued to you by your ISP.
User name and password
Next is the user name. Webmin will offer to use the default user name of "admin." Please change this to a more non-intuitive name. Whenever someone tries to contact your Webmin server, they will be prompted for a user name and password. If these check out, that user will have unlimited access to your FreeBSD computer, so it is important to choose a user name that no one else would think of using.
The same goes for the password. Webmin's default password is blank, meaning there is no password. You definitely want to change that default. You'll be glad you did when we start going through the powerful features built into the Webmin server.
Perl 5 and SSL
Next on the checklist is confirmation that you have the Perl 5 interpreter installed. If you are using FreeBSD 3.0 or higher, you should have the right version of Perl. To double-check, type in
And you should get the reply:
This is perl, version 5.005_03 built for i386-freebsd
If for some reason you don't have Perl 5, you'll have to build the port contained in
/usr/ports/lang/perl5, as the Perl 5 interpreter is not
The last thing the install utility will ask is if you wish to use SSL. If you will be accessing your computer remotely, you should. SSL will encrypt all the data passing between the computer hosting Webmin and the computer you are sitting at with your browser. This is a very good thing, as this data is passing over the Internet, which is a very insecure network. If you are running FreeBSD 4.0 or higher, SSL is part of the base system. If you build Webmin without SSL support and change your mind later, you can easily configure SSL support without rebuilding the Webmin port; we'll look at how next week.
Pages: 1, 2