CentOS Issues

Trying to setup CentOS, which isn’t my normal Linux, I found a number of issues.

      • Time drifts horribly. I tried installing the standard NTP package, but something about CentOS didn’t want to let it work properly. Since CentOS wants to use chrony, I guess I will use crony.
      • Webmin doesn’t correctly authenticate against the normal users.
      • Webmin doesn’t allow sudo users

To fix the time drift.  Unlike every other *nix, CentOS doesn’t use NTP, it uses something called “crony”.  To fix it follow these instructions.

To install webmin so that it works as cleanly as debian based distros:

      • sudo -i
      • yum -y update
      • yum -y install perl perl-Net-SSLeay openssl perl-IO-Tty perl-Encode-Detect
      • vi /etc/yum.repos.d/webmin.repo
      • then add the following block to the file

        [Webmin]
        name=Webmin Distribution Neutral
        #baseurl=http://download.webmin.com/download/yum
        mirrorlist=http://download.webmin.com/download/yum/mirrorlist
        enabled=1

      • rpm --import http://www.webmin.com/jcameron-key.asc
      • yum install -y webmin
      • vi /etc/webmin/miniserv.conf
      • add the following line to the file

        sudo=1

      • firewall-cmd --zone=public --add-port=10000/tcp --permanent
      • firewall-cmd --reload
      • chkconfig webmin on
      • service webmin restart

Let’s break this down,

“sudo -i” logs us in as root, dangerous but you will need to sudo everything if you don’t, so you might as well just login as root.

yum update , updates all the software on your machine.

yum install perl  perl-Net-SSLeay openssl perl-IO-Tty perl-Encode-Detect, installs all the prerequisites to enable logging in using unix users.   Why this isn’t marked as requirements in the RPM, I have no idea.

Creating the webmin.repo allows webmin to be installed, and kept up to date via yum.

The rpm import statement is there to get the GPG key that the software package is signed with.  This allows yum to validate that the software install package is what the publisher created. In truth, it is actually rpm that does the actual verification and install, while yum is used to check for updates and downloading the update.

Modification of the miniserv.conf file is essential to let users that can sudo to be able to login, otherwise you can only log in as root.

The firewall rules reconfigure firewalld to allow access to webmin, and reload the configuration.

The chkconfig, enables the service to start automatically on boot.

Finally, the “service restart” command starts, or restarts, webmin.