vQadmin

Info: http://www.inter7.com/vqadmin-sysadmin-webcontrol/
Download (local copy): vqadmin-2.3.7

vqadmin is a web based control panel that allows system administrators to perform actions which require root access — for example, adding and deleting domains.

Install

The patch we are going to apply is addressed to solve several issues. You can get some of these individual patches in this folder. More info are inside the patch file itself.

cd /usr/local/src
wget http://notes.sagredo.eu/files/qmail/tar/vqadmin-2.3.7.tar.gz
wget http://notes.sagredo.eu/files/qmail/patches/vqadmin/vqadmin-2.3.7_20150829.patch
tar xzf vqadmin-2.3.7.tar.gz
cd vqadmin-2.3.7
chown -R root.root .
patch -p1 < ../vqadmin-2.3.7_20150829.patch
./configure \
        --enable-qmaildir=/var/qmail \
        --enable-cgibindir=/usr/local/www/htdocs/qmail/cgi-bin
make
make install-strip

vQadmin will be installed in /usr/local/www/htdocs/qmail/cgi-bin/vqadmin. Eventually adjust it to your apache htdocs directory

Setting up Apache

vQadmin will require it's own CGI-allowed, access-protected, directory to operate. Inside the virtual host you have to put

<Directory "/usr/local/www/htdocs/qmail/cgi-bin/vqadmin">
    deny from all
    Options ExecCGI
    AllowOverride AuthConfig
    Order deny,allow
</Directory>

And since if you install vqadmin in something else than /cgi-bin it will not work because it’s hardcoded you have to define /cgi-bin as a ScriptAlias

ScriptAlias /cgi-bin/ "/usr/local/www/htdocs/qmail/cgi-bin/"

This is my virtual host, in which I have both vQadmin and qmailadmin. I will explain the alias /image later.

<VirtualHost *:443>
        ServerName yourdomain.net
        DocumentRoot /usr/local/www/htdocs/qmail
        ScriptAlias /cgi-bin/ "/usr/local/www/htdocs/qmail/cgi-bin/"
        AddHandler cgi-script .cgi .pl
        ErrorLog  "/usr/local/www/logs/qmailadmin_error_log"
        CustomLog "/usr/local/www/logs/qmailadmin_access_log" common
        <Directory "/usr/local/www/htdocs/qmail">
            AllowOverride None
            Order allow,deny
            Allow from all
        </Directory>
        <Directory "/usr/local/www/htdocs/qmail/cgi-bin">
            AllowOverride None
            Options ExecCGI
            Order allow,deny
            Allow from all 
        </Directory>

        # QMAILADMIN
        Alias /qmailadmin_img/ "/usr/local/www/htdocs/qmail/qmailadmin/qmailadmin_img/"
        <Directory "/usr/local/www/htdocs/qmail/qmailadmin/qmailadmin_img">
            Order allow,deny
            Allow from all
        </Directory>

        # VQADMIN
        <Directory "/usr/local/www/htdocs/qmail/cgi-bin/vqadmin">
            deny from all
            Options ExecCGI
            AllowOverride AuthConfig
            Order deny,allow
        </Directory>
        Alias /images/ "/usr/local/www/htdocs/qmail/cgi-bin/vqadmin/images/"
        <Directory /usr/local/www/htdocs/qmail/cgi-bin/vqadmin/images>
            Order allow,deny
            Allow from all
        </Directory>
</VirtualHost>

Note that there are both qmailadmin and vqadmin on the same host

Setting up the access authorization

You can see that in the directory where vQadmin was installed there is an .htaccess file:

# cd /usr/local/www/htdocs/qmail/cgi-bin/vqadmin

# ls -la
total 148
drwxr-xr-x 4 vpopmail vchkpw   4096 2010-07-26 21:53 ./
drwxr-xr-x 3 root     apache   4096 2010-07-26 21:43 ../
-rw-r--r-- 1 nobody   apache    112 2009-08-04 17:32 .htaccess
drwxr-xr-x 2 vpopmail vchkpw   4096 2009-08-17 11:26 html/
-rw-r--r-- 1 vpopmail vchkpw    865 2009-08-17 15:03 vqadmin.acl
-rwsr-sr-x 1 root     root   122592 2010-07-26 21:53 vqadmin.cgi*

# more .htaccess
AuthType Basic
AuthUserFile /usr/local/etc/httpdpwd/vqadmin.passwd
AuthName "Authentication required"
require valid-user

/usr/local/etc/httpdpwd/vqadmin.passwd is the file where you have to store the account that is going to have access to vQadmin dir via httpd. Create an user:

# mkdir -p /usr/local/etc/httpdpw
# chown apache.apache /usr/local/etc/httpdpw
# /usr/local/apache/bin/htpasswd -bc /usr/local/etc/httpdpwd/vqadmin.passwd admin [password]

# more /usr/local/etc/httpdpwd/vqadmin.passwd
admin:xxxxxxxxxxxxxx

That's it. Open the browser and look for https://yourdomain.net/cgi-bin/vqadmin/vqadmin.cgi

The "Invalid language file" problem

The patch we applyed should have fixed this language file issue.

On some browsers you can face an "Invalid language file" error message. This is because vqadmin looks for a language folder based on the browser language setting. For example, the vqadmin's italian language file is it, but the browser's language setting is it-it. To solve this issue locate the /vqadmin/html folder and create a symbolic link as follows:

cd /usr/local/www/htdocs/qmail/cgi-bin/vqadmin/html
ln -s it it-it

queue-repair

ezmlm-browse

add a comment

Comments

Use apache 2.4 with vqadmin

Erald February 26, 2019 17:15

Be aware when using apache 2.4 with vqadmin will give the error "Authentication Failed Username unknown"

change your .htccess to

AuthType Basic
AuthBasicProvider file
AuthUserFile /var/www/cgi-bin/vqadmin/vqadmin.passwd
AuthName vQadmin
require valid-user

and the apache config to

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
        AddHandler cgi-script .cgi .pl
        <Directory "/var/www/cgi-bin/vqadmin">
            Options ExecCGI
            AllowOverride All
            Require all denied
        
        Alias /images/ "/var/www/cgi-bin/vqadmin/images/"
        
            Require all granted

Reply | Permalink

Use apache 2.4 with vqadmin

Roberto Puzzanghera Erald February 26, 2019 17:38

Thank you. It's working again now.

Actually it was sufficient ro remove

satisfy any

from .htaccess. Infact AuthBasicProvider defaults to file while the AddHandler option is already inside the httpd.conf

Reply | Permalink

vQadmin

Ivelin Topalov February 6, 2018 17:19

vQadmin cgi and virtual host file are not seen in browser - color ? - only seen when marked text

before adding password - /usr/local/etc/httpdpwd dir does not exists - must be created and chown apache.apache

Reply | Permalink

vQadmin

Roberto Puzzanghera Ivelin Topalov February 6, 2018 18:20

> vQadmin cgi and virtual host file are not seen in browser - color ? - only seen when marked text

Thank you. This is another issue caused by the migration from the old drupal CMS

> before adding password - /usr/local/etc/httpdpwd dir does not exists - must be created and chown apache.apache

ok, I'm going to correct it

Reply | Permalink

I followed your

Anonymous April 26, 2014 14:19

I followed your instructions,everything goes well,but when I access from web broswer by http://www.domain.com/cgi-bin/vqadmin/vqadmin.cgi

I get the following errors:

vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists.

Can you help me to solve this problem,many thanks.

Reply | Permalink

supposing that you actually

roberto puzzanghera Anonymous April 26, 2014 14:51

supposing that you actually have apache configured in this way

Options ExecCGI
AllowOverride AuthConfig

did you modified, for some reason, the .acl and .htaccess files under the vqadmin dir?

Reply | Permalink

in my vhosts.conf file

Anonymous roberto puzzanghera April 27, 2014 04:18

in my vhosts.conf file,I added the following code,just copied from your instructions:

       # VQADMIN
        <Directory "/www/htdocs/qmail/cgi-bin/vqadmin">
            deny from all
            Options ExecCGI
            AllowOverride AuthConfig
            Order deny,allow 
        </Directory>

        Alias /images/ "/www/htdocs/qmail/cgi-bin/vqadmin/images/"
        <Directory /www/htdocs/qmail/cgi-bin/vqadmin/images>
            Order allow,deny
            Allow from all
        </Directory>

my .htacces in /www/htdocs/qmail/cgi-bin/vqadmin:

AuthType Basic
AuthUserFile /usr/local/etc/httpdpwd/vqadmin.passwd
AuthName "Authentication required"
require valid-user
satisfy any

Reply | Permalink

what about the .acl file? I

roberto puzzanghera Anonymous April 27, 2014 11:15

what about the .acl file? I would try to restore it as the original. Double check /usr/local/etc/httpdpwd/vqadmin.passwd as well

Reply | Permalink

i used the default

Anonymous roberto puzzanghera April 27, 2014 14:59

i used the default vqadmin.acl,and didn't edit it ,just the original file:

#

# Default group contains permissions for all users
# not listed under any groups
#
# If the default group is not defined, users not
# listed under any other groups will have no
# permissions.
#
# Examples follow...
#

default - ...

#
# Access permissions:
#M Modify user information

# U Modify domain information
# C Create user
# A Create domain
# D Delete user
# X Delete domain
#
# These features will still appear in the HTML templates
# if the user doesn't have access to them, however, they will
# get a permission denied error if they try to make use of
# them.
#

tech VI tech1user
admin VIMUDCA admin1user

#
# An asterisk in the features field specifies that you
# want all users in this group to have access to
# all features.
#

senior * admin

Reply | Permalink

your vqadmin seems ok, but

roberto puzzanghera Anonymous April 27, 2014 21:12

your vqadmin seems ok, but deeper investigation is needed also in your apache. Let me know if you solve

Reply | Permalink

I have not solve this

Anonymous roberto puzzanghera April 28, 2014 03:57

I have not solve this problem,but there's another more important problem.When I enable CHKUSER by:

# This enables chkuser
export CHKUSER_START=ALWAYS

I can just send email,but I can't receive email,and if diabled it ,everthing is ok,I don't know why?

Reply | Permalink

It's not easy to troubleshoot

roberto puzzanghera Anonymous April 28, 2014 09:37

It's not easy to troubleshoot without details, but If you are strictly following my guide feel free to contact me in private; in that case post your tcp.smtp and run files

Reply | Permalink