vQadmin
February 26, 2020 Roberto Puzzanghera 24 comments
- Info: http://www.inter7.com/vqadmin-sysadmin-webcontrol/
- Download (local copy): vqadmin-2.3.7
vqadmin is a web based control panel that allows system administrators to perform actions which require root access — for example, adding and deleting domains.
Install
The patch we are going to apply is addressed to solve several issues. You can get some of these individual patches in this folder. More info are inside the patch file itself.
cd /usr/local/src
wget https://notes.sagredo.eu/files/qmail/tar/vqadmin-2.3.7.tar.gz
wget https://notes.sagredo.eu/files/qmail/patches/vqadmin/vqadmin-2.3.7_20200226.patch
tar xzf vqadmin-2.3.7.tar.gz
cd vqadmin-2.3.7
chown -R root.root .
patch -p1 < ../vqadmin-2.3.7_20200226.patch
QMAILROOT=/var/www/qmail
./configure \
--enable-qmaildir=/var/qmail \
--enable-cgibindir=${QMAILROOT}/cgi-bin
make
make install-strip
vQadmin will be installed in /var/www/qmail/cgi-bin/vqadmin. Eventually adjust it to your apache directory.
Setting up Apache
vQadmin will require it's own CGI-allowed, access-protected, directory to operate. Inside the virtual host you have to put
<Directory ${QMAILROOT}/cgi-bin/vqadmin>
Require all denied
Options ExecCGI
AllowOverride AuthConfig
</Directory>
And since if you install vqadmin in something else than /cgi-bin it will not work because it’s hardcoded you have to define /cgi-bin as a ScriptAlias
ScriptAlias /cgi-bin/ ${QMAILROOT}/cgi-bin/
This is my virtual host, in which I have both vQadmin and qmailadmin. I will explain the alias /image later.
Define QMAILROOT /var/www/qmail
Define LOGDIR /var/log/apache
<VirtualHost *:443>
ServerName yourdomain.net
DocumentRoot ${QMAILROOT}
ScriptAlias /cgi-bin/ ${QMAILROOT}/cgi-bin/
AddHandler cgi-script .cgi .pl
ErrorLog ${LOGDIR}/qmailadmin_error_log
CustomLog ${LOGDIR}/qmailadmin_access_log common
<Directory ${QMAILROOT}>
AllowOverride None
Require all granted
</Directory>
<Directory ${QMAILROOT}/cgi-bin>
AllowOverride None
Options ExecCGI
Require all granted
</Directory>
# QMAILADMIN
Alias /files/ ${QMAILROOT}/qmailadmin/files/
<Directory ${QMAILROOT}/qmailadmin/files>
Require all granted
</Directory>
# VQADMIN
<Directory ${QMAILROOT}/cgi-bin/vqadmin>
Require all denied
Options ExecCGI
AllowOverride AuthConfig
</Directory>
Alias /images/ ${QMAILROOT}/cgi-bin/vqadmin/images/
<Directory ${QMAILROOT}/cgi-bin/vqadmin/images>
Require all granted
</Directory>
</VirtualHost>
Note that there are both qmailadmin and vqadmin on the same host
Setting up the access authorization
You can see that in the directory where vQadmin was installed there is an .htaccess file:
# cd /var/www/qmail/cgi-bin/vqadmin # ls -la total 148 drwxr-xr-x 4 vpopmail vchkpw 4096 2010-07-26 21:53 ./ drwxr-xr-x 3 root apache 4096 2010-07-26 21:43 ../ -rw-r--r-- 1 nobody apache 112 2009-08-04 17:32 .htaccess drwxr-xr-x 2 vpopmail vchkpw 4096 2009-08-17 11:26 html/ -rw-r--r-- 1 vpopmail vchkpw 865 2009-08-17 15:03 vqadmin.acl -rwsr-sr-x 1 root root 122592 2010-07-26 21:53 vqadmin.cgi* # more .htaccess AuthType Basic AuthUserFile /usr/local/etc/httpdpwd/vqadmin.passwd AuthName "Authentication required" require valid-user
/usr/local/etc/httpdpwd/vqadmin.passwd is the file where you have to store the account that is going to have access to vQadmin dir via httpd. Create an user:
# mkdir -p /usr/local/etc/httpdpw # chown apache.apache /usr/local/etc/httpdpw # /usr/local/apache/bin/htpasswd -bc /usr/local/etc/httpdpwd/vqadmin.passwd admin [password] # more /usr/local/etc/httpdpwd/vqadmin.passwd admin:xxxxxxxxxxxxxx
That's it. Open the browser and look for https://yourdomain.net/cgi-bin/vqadmin/vqadmin.cgi
The "Invalid language file" problem
The patch we applyed should have fixed this language file issue.
On some browsers you can face an "Invalid language file" error message. This is because vqadmin looks for a language folder based on the browser language setting. For example, the vqadmin's italian language file is it, but the browser's language setting is it-it. To solve this issue locate the /vqadmin/html folder and create a symbolic link as follows:
cd /var/www/qmail/cgi-bin/vqadmin/html ln -s it it-it
qmail notes
Pay me a coffee:
Other contents
Recent comments
Custom Selector
October 4, 2022 17:57
Key too small – Workaround
October 1, 2022 13:35
Key too small – Workaround
October 1, 2022 13:32
Key too small
October 1, 2022 10:40
Key too small
October 1, 2022 08:18
Custom Selector
September 28, 2022 18:09
Fail2ban alternative
September 28, 2022 08:12
Fail2ban alternative
September 28, 2022 03:51
Custom Selector
September 27, 2022 22:46
Custom Selector
September 27, 2022 22:07
Tags
apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver lxc mariadb mediawiki mozilla mysql openboard owncloud patches php proftpd qmail qmail to postfix qmail-spp qmailadmin rbl roundcube rsync sieve simscan slackware solr spamassassin spf ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin
Comments
Unknown Authz provider: valid-user
Kenny Lee September 9, 2020 06:42
Hi Mr Roberto,
i got this error message in my apache error.log file:
which area i need to look into?
thank you
Reply | Permalink
Unknown Authz provider: valid-user
Roberto Puzzanghera Kenny Lee September 9, 2020 09:23
did you enable mod_authz_user in your apache? look here https://serverfault.com/questions/737784/phpmyadmin-on-apache2-reload-unknown-authz-provider-valid-user-error
PS Can you take a look at the previous thread here?
Reply | Permalink
Unknown Authz provider: valid-user
Kenny Lee Roberto Puzzanghera September 9, 2020 09:48
Hi Mr Roberto,
thanks for the advise, it works now.
Reply | Permalink
vQadmin Patch Error
Tony Fung June 24, 2020 10:57
Hi Roberto
The following error occurred when apply the patch:
It is found that files in source directory //html/ contain CTRL-M (^M) characters at the end of lines that lead to error when apply the patch.
You can run the command as underneath in that directory to remove the CTRL-M characters:
Afterthat, the patch can apply successfully without error.
Reply | Permalink
vQadmin Patch Error
Roberto Puzzanghera Tony Fung June 24, 2020 18:25
Thank you, Tony. Corrected.
Reply | Permalink
patching vQadmin
Marco Varanda February 26, 2020 13:17
Hello Roberto
When I try to apply vQadmin patch, I got an error:
Could you help me ?
- varanda
Reply | Permalink
patching vQadmin
Roberto Puzzanghera Marco Varanda February 26, 2020 17:35
This new patch should be fine now...
Reply | Permalink
patching vQadmin
Marco Varanda Roberto Puzzanghera February 26, 2020 17:51
Hello again,
The problem changed:
Take your time
;-)
- varanda
Reply | Permalink
patching vQadmin
Roberto Puzzanghera Marco Varanda February 26, 2020 17:57
try to download the source again and patch please, because I cleaned that file and uploaded it
Reply | Permalink
patching vQadmin
Roberto Puzzanghera Marco Varanda February 26, 2020 15:04
Hi, there is a problem in my patch.
I'll fix it as soon as I can. In the meantime you can try to modify the file mod_user.html according to the html/mod_user.html.rej diff file, or compile as is, but the program will show the users' clear pwd.
Be aware that this program seems not work fine anymore. I don't remember what broke it at a certain point (perhaps it was the vpopmail upgrade to v. 5.4.33)
Reply | Permalink
Use apache 2.4 with vqadmin
Erald February 26, 2019 17:15
Be aware when using apache 2.4 with vqadmin will give the error "Authentication Failed Username unknown"
change your .htccess to
and the apache config to
Reply | Permalink
Use apache 2.4 with vqadmin
Roberto Puzzanghera Erald February 26, 2019 17:38
Thank you. It's working again now.
Actually it was sufficient ro remove
from .htaccess. Infact AuthBasicProvider defaults to file while the AddHandler option is already inside the httpd.conf
Reply | Permalink
vQadmin
Ivelin Topalov February 6, 2018 17:19
vQadmin cgi and virtual host file are not seen in browser - color ? - only seen when marked text
before adding password - /usr/local/etc/httpdpwd dir does not exists - must be created and chown apache.apache
Reply | Permalink
vQadmin
Roberto Puzzanghera Ivelin Topalov February 6, 2018 18:20
> vQadmin cgi and virtual host file are not seen in browser - color ? - only seen when marked text
Thank you. This is another issue caused by the migration from the old drupal CMS
> before adding password - /usr/local/etc/httpdpwd dir does not exists - must be created and chown apache.apache
ok, I'm going to correct it
Reply | Permalink
I followed your
Anonymous April 26, 2014 14:19
I followed your instructions,everything goes well,but when I access from web broswer by http://www.domain.com/cgi-bin/vqadmin/vqadmin.cgi
I get the following errors:
vQadmin was unable to determine your username, which means your webserver is improperly configured to run with this CGI. For security reasons, this script will not run without Apache htaccess lists.
Can you help me to solve this problem,many thanks.
Reply | Permalink
supposing that you actually
roberto puzzanghera Anonymous April 26, 2014 14:51
supposing that you actually have apache configured in this way
did you modified, for some reason, the .acl and .htaccess files under the vqadmin dir?
Reply | Permalink
in my vhosts.conf file
Anonymous roberto puzzanghera April 27, 2014 04:18
in my vhosts.conf file,I added the following code,just copied from your instructions:
# VQADMIN <Directory "/www/htdocs/qmail/cgi-bin/vqadmin"> deny from all Options ExecCGI AllowOverride AuthConfig Order deny,allow </Directory> Alias /images/ "/www/htdocs/qmail/cgi-bin/vqadmin/images/" <Directory /www/htdocs/qmail/cgi-bin/vqadmin/images> Order allow,deny Allow from all </Directory>my .htacces in /www/htdocs/qmail/cgi-bin/vqadmin:
Reply | Permalink
what about the .acl file? I
roberto puzzanghera Anonymous April 27, 2014 11:15
what about the .acl file? I would try to restore it as the original. Double check /usr/local/etc/httpdpwd/vqadmin.passwd as well
Reply | Permalink
i used the default
Anonymous roberto puzzanghera April 27, 2014 14:59
i used the default vqadmin.acl,and didn't edit it ,just the original file:
Reply | Permalink
your vqadmin seems ok, but
roberto puzzanghera Anonymous April 27, 2014 21:12
your vqadmin seems ok, but deeper investigation is needed also in your apache. Let me know if you solve
Reply | Permalink
I have not solve this
Anonymous roberto puzzanghera April 28, 2014 03:57
I have not solve this problem,but there's another more important problem.When I enable CHKUSER by:
I can just send email,but I can't receive email,and if diabled it ,everthing is ok,I don't know why?
Reply | Permalink
It's not easy to troubleshoot
roberto puzzanghera Anonymous April 28, 2014 09:37
It's not easy to troubleshoot without details, but If you are strictly following my guide feel free to contact me in private; in that case post your tcp.smtp and run files
Reply | Permalink
The "Invalid language file" problem
nerdworks October 15, 2012 13:12
Hi,
Is it possible to use the "ln" command instead of "cp -p"?
I am worried about maintenance when upgrading vqadmin.
Thanks,
Reply | Permalink
I think that's even better
roberto puzzanghera nerdworks October 15, 2012 14:14
I think that's even better
Reply | Permalink