vQadmin

August 29, 2015 Roberto Puzzanghera12 comments

vqadmin is a web based control panel that allows system administrators to perform actions which require root access — for example, adding and deleting domains.

Install

The patch we are going to apply is addressed to solve several issues. You can get some of these individual patches in this folder. More info are inside the patch file itself.

cd /usr/local/src
wget http://notes.sagredo.eu/files/qmail/tar/vqadmin-2.3.7.tar.gz
wget http://notes.sagredo.eu/files/qmail/patches/vqadmin/vqadmin-2.3.7_20150829.patch
tar xzf vqadmin-2.3.7.tar.gz
cd vqadmin-2.3.7
chown -R root.root .
patch -p1 < ../vqadmin-2.3.7_20150829.patch
./configure \
        --enable-qmaildir=/var/qmail \
        --enable-cgibindir=/usr/local/www/htdocs/qmail/cgi-bin
make
make install-strip

vQadmin will be installed in /usr/local/www/htdocs/qmail/cgi-bin/vqadmin. Eventually adjust it to your apache htdocs directory

Setting up Apache

vQadmin will require it's own CGI-allowed, access-protected, directory to operate. Inside the virtual host you have to put

<Directory "/usr/local/www/htdocs/qmail/cgi-bin/vqadmin">
    deny from all
    Options ExecCGI
    AllowOverride AuthConfig
    Order deny,allow
</Directory>

And since if you install vqamin in something else than /cgi-bin it will not work because it’s hardcoded you have to define /cgi-bin as a ScriptAlias

ScriptAlias /cgi-bin/ "/usr/local/www/htdocs/qmail/cgi-bin/"

This is my virtual host, in which I have both vQadmin and qmailadmin. I will explain the alias /image later.

<VirtualHost *:443>
        ServerName yourdomain.net
        DocumentRoot /usr/local/www/htdocs/qmail
        ScriptAlias /cgi-bin/ "/usr/local/www/htdocs/qmail/cgi-bin/"
        ErrorLog  "/usr/local/www/logs/qmailadmin_error_log"
        CustomLog "/usr/local/www/logs/qmailadmin_access_log" common
        <Directory "/usr/local/www/htdocs/qmail">
            AllowOverride None
            Order allow,deny
            Allow from all
        </Directory>
        <Directory "/usr/local/www/htdocs/qmail/cgi-bin">
            AllowOverride None
            Options ExecCGI
            Order allow,deny
            Allow from all 
        </Directory>

        # QMAILADMIN
        Alias /qmailadmin_img/ "/usr/local/www/htdocs/qmail/qmailadmin/qmailadmin_img/"
        <Directory "/usr/local/www/htdocs/qmail/qmailadmin/qmailadmin_img">
            Order allow,deny
            Allow from all
        </Directory>

        # VQADMIN
        <Directory "/usr/local/www/htdocs/qmail/cgi-bin/vqadmin">
            deny from all
            Options ExecCGI
            AllowOverride AuthConfig
            Order deny,allow
        </Directory>
        Alias /images/ "/usr/local/www/htdocs/qmail/cgi-bin/vqadmin/images/"
        <Directory /usr/local/www/htdocs/qmail/cgi-bin/vqadmin/images>
            Order allow,deny
            Allow from all
        </Directory>
</VirtualHost>

Note that there are both qmailadmin and vqadmin on the same host

Setting up the access authorization

You can see that in the directory where vQadmin was installed there is an .htaccess file:

# cd /usr/local/www/htdocs/qmail/cgi-bin/vqadmin

# ls -la
total 148
drwxr-xr-x 4 vpopmail vchkpw   4096 2010-07-26 21:53 ./
drwxr-xr-x 3 root     apache   4096 2010-07-26 21:43 ../
-rw-r--r-- 1 nobody   apache    112 2009-08-04 17:32 .htaccess
drwxr-xr-x 2 vpopmail vchkpw   4096 2009-08-17 11:26 html/
-rw-r--r-- 1 vpopmail vchkpw    865 2009-08-17 15:03 vqadmin.acl
-rwsr-sr-x 1 root     root   122592 2010-07-26 21:53 vqadmin.cgi*

# more .htaccess
AuthType Basic
AuthUserFile /usr/local/etc/httpdpwd/vqadmin.passwd
AuthName "Authentication required"
require valid-user
satisfy any

/usr/local/etc/httpdpwd/vqadmin.passwd is the file where you have to store the account that is going to have access to vQadmin dir via httpd. Create an user:

# mkdir -p /usr/local/etc/httpdpw
# chown apache.apache /usr/local/etc/httpdpw
# /usr/local/apache/bin/htpasswd -bc /usr/local/etc/httpdpwd/vqadmin.passwd admin [password]

# more /usr/local/etc/httpdpwd/vqadmin.passwd
admin:xxxxxxxxxxxxxx

That's it. Open the browser and look for https://yourdomain.net/cgi-bin/vqadmin/vqadmin.cgi

The "Invalid language file" problem

The patch we applyed should have fixed this language file issue.

On some browsers you can face an "Invalid language file" error message. This is because vqadmin looks for a language folder based on the browser language setting. For example, the vqadmin's italian language file is it, but the browser's language setting is it-it. To solve this issue locate the /vqadmin/html folder and create a symbolic link as follows:

cd /usr/local/www/htdocs/qmail/cgi-bin/vqadmin/html
ln -s it it-it
queue-repair
ezmlm-browse
qmail | vpopmail | vqadmin
add a comment

Comments

vQadmin

Ivelin Topalov February 6, 2018 17:19

vQadmin cgi and virtual host file are not seen in browser - color ? - only seen when marked text

before adding password - /usr/local/etc/httpdpwd dir does not exists - must be created and chown apache.apache

Reply | Permalink

vQadmin

Roberto Puzzanghera February 6, 2018 18:20

> vQadmin cgi and virtual host file are not seen in browser - color ? - only seen when marked text

Thank you. This is another issue caused by the migration from the old drupal CMS

> before adding password - /usr/local/etc/httpdpwd dir does not exists - must be created and chown apache.apache

ok, I'm going to correct it

Reply | Permalink

I followed your

Anonymous April 26, 2014 14:19

I followed your instructions,everything goes well,but when I access from web broswer by http://www.domain.com/cgi-bin/vqadmin/vqadmin.cgi

I get the following errors:


vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists.
 

Can you help me to solve this problem,many thanks.

Reply | Permalink

supposing that you actually

roberto puzzanghera April 26, 2014 14:51

supposing that you actually have apache configured in this way

Options ExecCGI
AllowOverride AuthConfig

did you modified, for some reason, the .acl and .htaccess files under the vqadmin dir?

Reply | Permalink

in my vhosts.conf file

Anonymous April 27, 2014 04:18

in my vhosts.conf file,I added the following code,just copied from your instructions:

       # VQADMIN
        <Directory "/www/htdocs/qmail/cgi-bin/vqadmin">
            deny from all
            Options ExecCGI
            AllowOverride AuthConfig
            Order deny,allow 
        </Directory>

        Alias /images/ "/www/htdocs/qmail/cgi-bin/vqadmin/images/"
        <Directory /www/htdocs/qmail/cgi-bin/vqadmin/images>
            Order allow,deny
            Allow from all
        </Directory>

my .htacces in /www/htdocs/qmail/cgi-bin/vqadmin:

AuthType Basic
AuthUserFile /usr/local/etc/httpdpwd/vqadmin.passwd
AuthName "Authentication required"
require valid-user
satisfy any

Reply | Permalink

what about the .acl file? I

roberto puzzanghera April 27, 2014 11:15

what about the .acl file? I would try to restore it as the original. Double check  /usr/local/etc/httpdpwd/vqadmin.passwd as well

Reply | Permalink

i used the default

Anonymous April 27, 2014 14:59

i used the default vqadmin.acl,and didn't edit it ,just the original file:

#

# Default group contains permissions for all users
# not listed under any groups
#
# If the default group is not defined, users not
# listed under any other groups will have no
# permissions.
#
# Examples follow...
#

default - ...

#
# Access permissions:
#M Modify user information

# U Modify domain information
# C Create user
# A Create domain
# D Delete user
# X Delete domain
#
# These features will still appear in the HTML templates
# if the user doesn't have access to them, however, they will
# get a permission denied error if they try to make use of
# them.
#

tech VI tech1user
admin VIMUDCA admin1user

#
# An asterisk in the features field specifies that you
# want all users in this group to have access to
# all features.
#

senior * admin

Reply | Permalink

your vqadmin seems ok, but

roberto puzzanghera April 27, 2014 21:12

your vqadmin seems ok, but deeper investigation is needed also in your apache. Let me know if you solve

Reply | Permalink

I have not solve this

Anonymous April 28, 2014 03:57

I have not solve this problem,but there's another more important problem.When I enable CHKUSER by:

# This enables chkuser
export CHKUSER_START=ALWAYS

I can just send email,but I can't receive email,and if diabled it ,everthing is ok,I don't know why?

Reply | Permalink

It's not easy to troubleshoot

roberto puzzanghera April 28, 2014 09:37

It's not easy to troubleshoot without details, but If you are strictly following my guide feel free to contact me in private; in that case post your tcp.smtp and run files

Reply | Permalink

The "Invalid language file" problem

nerdworks October 15, 2012 13:12

Hi,

Is it possible to use the "ln" command instead of "cp -p"?

I am worried about maintenance when upgrading vqadmin.

 

Thanks,

Reply | Permalink

I think that's even better

roberto puzzanghera October 15, 2012 14:14

I think that's even better

Reply | Permalink

add a comment
qmail notes

General notes

daemontools

ucspi-tcp6

qmail

vpopmail

Patching

Configuring

Testing

autorespond

ezmlm-idx

qmailadmin

Add-ons

RBL

Greetdelay

tcprules

DKIM

SURBL

Limiting per user/domain/IP outgoing emails

Installing a valid SSL certificate

qmail-taps-extended

moreipme

qmHandle

queue-repair

vQadmin

ezmlm-browse

ezmlm-web

rblsmtpd

qmail-rblchk

Dovecot

Running

Testing

Filtering

Expunging

Roundcube

Plugins

Spamassassin

Userprefs

ClamAV

simscan

Testing

fail2ban

Need help?

ChangeLog

Pay me a coffee:

PayPal - The safer, easier way to pay online.

Other contents

Linux-vserver on Slackware

Running two php on the same server

rsync backup via ssh

Securing proftpd

Installing mariaDB

Setting up MySQL

SEO friendly URLs with apache mod_rewrite

Building your ownCloud

Building your own mozilla-sync server

Setting up Tex on Mediawiki

Slackware RSS feeds

English
Italiano
Recent comments

Thanks a lot. I found the same problem
December 8, 2018 14:10

Updated qmail-queue-custom-error.patch to work with netqmail-1.06
December 7, 2018 21:20

Access denied on textfile2
December 4, 2018 22:35

Access denied on textfile2
December 4, 2018 19:27

Access denied on textfile2
December 4, 2018 03:23

rcptcheck with starttls
December 3, 2018 21:27

rcptcheck with starttls
December 2, 2018 20:43

Dovecot vpopmail userdb and passdb without SQL backend.
December 2, 2018 12:55

Dovecot vpopmail userdb and passdb without SQL backend.
December 2, 2018 12:45

rcptcheck with starttls
November 30, 2018 14:13

Tags

apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver mariadb mediawiki mozilla mysql owncloud patches php proftpd qmail qmailadmin rbl roundcube rsync sieve simscan slackware spamassassin ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin

Recent posts

Installing and configuring Spamassassin

Configuring DKIM for qmail

Patching qmail

ezmlm-web

ClamAV

autorespond

ucspi-tcp6

daemontools

Configuring qmail

ChangeLog

RSS feeds