Giters

webmin / authentic-theme

Official theme for the best server management panel of the 21st Century

Home Page:https://authentic-theme.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Left pane of the File Manager not functioning

tahder opened this issue · comments

commented

The left pane of the File Manager doesn't work (with big X) and displays an error message (see bottom right)
image

Based on the logs got related to authentic-theme on the file-manager library.

[01/Sep/2023:17:19:45 +1200] miniserv.pl started

[01/Sep/2023:17:19:45 +1200] Using MD5 module Digest::MD5

[01/Sep/2023:17:19:45 +1200] Using SHA512 module Crypt::SHA

[01/Sep/2023:17:19:45 +1200] PAM authentication enabled

[01/Sep/2023:17:19:46 +1200] Restarting

[01/Sep/2023:17:19:47 +1200] miniserv.pl started

[01/Sep/2023:17:19:47 +1200] Using MD5 module Digest::MD5

[01/Sep/2023:17:19:47 +1200] Using SHA512 module Crypt::SHA

[01/Sep/2023:17:19:47 +1200] PAM authentication enabled

Error: You are not allowed to access `/home/students/home/10000401/.usermin`. The only allowed directories are: `/home/students/home/10000401`. <sup class="ui_help" aria-label="/usr/libexec/usermin/authentic-theme/extensions/file-manager/file-manager-lib.pl (line 76)" data-tooltip><samp>?</samp></sup>

Error: You are not allowed to access `/home/students/home/10000401/.usermin/filemin`. The only allowed directories are: `/home/students/home/10000401`. <sup class="ui_help" aria-label="/usr/libexec/usermin/authentic-theme/extensions/file-manager/file-manager-lib.pl (line 76)" data-tooltip><samp>?</samp></sup>

Error: You are not allowed to access `/home/students/home/10000401/.usermin/mailbox`. The only allowed directories are: `/home/students/home/10000401`. <sup class="ui_help" aria-label="/usr/libexec/usermin/authentic-theme/extensions/file-manager/file-manager-lib.pl (line 76)" data-tooltip><samp>?</samp></sup>

[01/Sep/2023:17:20:48 +1200] Restarting

[01/Sep/2023:17:20:51 +1200] miniserv.pl started

[01/Sep/2023:17:20:51 +1200] Using MD5 module Digest::MD5

[01/Sep/2023:17:20:51 +1200] Using SHA512 module Crypt::SHA

[01/Sep/2023:17:20:51 +1200] PAM authentication enabled

Using the 'Frame Theme' got no displays of errors. However, the user much prefer the default theme (Authentic themee). as they accustomed to it and no idea what really cause it perhaps when upgrading the usermin/webmin as currently using the 2.002 version.
image

commented

Downgraded the usermin to 1.791, seems the File Manager is stable on this theme.

Got issues on 1.8xx and 2.xxx.

commented

Hello,

Is this Virtualmin created user? If not, how exactly did you create the user with which you're having this issue?

Did you perhaps change ACLs for this user you're having an issue with?

Are you logging in to Webmin (port 10000) or Usermin (port 20000).

commented

Hi @iliajie

Virtualmin not installed on this server and no ACLs been altered, the user is authenticated via mysql_pam. On the current setup only admin users able to use the webmin (port 10000) and the rest via Usermin (20000) as limit the functionality to use specific modules (even though possible to webmin).

As per tested again and allowed 1 user to use webmin, it doesn't have such an issue. Referring to Webmin 2.102, Authentic theme version 21.05.

image

In other words, only Usermin version above 1.791 have an issue with the File Manager.

commented

To streamline the troubleshooting process and save both time and effort, could you please provide detailed steps to reproduce the issue you're encountering? I recommend starting by creating a new Unix user named usermin-test. Document each step you take so that the issue can be reproduced consistently. Once you've done this, kindly share the steps with me. As I mentioned earlier, I have not been able to replicate the problem on my end.

Before we proceed further, could you please manually restart both Webmin and Usermin? After doing so, test to see if the issue persists when using a different browser in private or incognito mode.

Thank you!

commented

Restarting both webmin/usermin been tested previously and even using different browsers or it's privacy mode but still no avail.

These are the steps for further testing:

  1. I tried to create a new user as per suggested, still using the Usermin 1.791, & Authentic theme version 19.45
    useradd test101 passwd test101

  2. As I used jailed environment
    jk_jailuser -m -s /usr/bin/bash -j /home/students test101

  3. Login to usermin - works as expected (able to browse using the left pane in the file manager)

  4. Upgrade the usermin, as got in the repo (anyways can do via web dashboard directly to the webmin site)
    dnf update usermin

  5. Login to usermin using test101 (in this upgraded to Usermin 2.002, Authentic theme version 21.05), it works then logout. Try to login old users/accounts - it doesn't works

  6. Restart usermin/webmin - login back test101, this time left pane malfunctions and displays those errors, same as those old accounts.

As per observation it created in the url https://example.com:20000/filemin/index.cgi?path=home%252Fstudents%252Fhome%252Ftest101%252F.usermin&xnavigation=1
You are not allowed to access /home%2Fstudents%2Fhome%2Ftest101%2F.usermin. The only allowed directories are: /home/students/home/test101.

By removing any path (after index.cgi) will refresh the File Manager - https://example.com:20000/filemin/index.cgi

image

Further observation on the old File Manager using Usermin 1.791, you can specify the accessible directories.
image

But for the new one (latest one), it doesn't have similar options (configurations), which I think this caused the issue.
image

Hope this helps.

Currently downgrading back (so user's not notice it :-) )
dnf downgrade usermin-1.791-1

commented

Further observation on the old File Manager using Usermin 1.791, you can specify the accessible directories.

Yes, I remember we decided to remove this option.

You are not allowed to access /home%2Fstudents%2Fhome%2Ftest101%2F.usermin. The only allowed directories are: /home/students/home/test101.

You may want to edit/create /etc/webmin/filemin/test101.acl file with the following configuration:

noconfig=1
work_as_user=test101
allowed_paths=/home/students/home/test101
work_as_root=0

.. it should work then, I think.

commented

You may want to edit/create /etc/webmin/filemin/test101.acl file with the following configuration:

noconfig=1
work_as_user=test101
allowed_paths=/home/students/home/test101
work_as_root=0

.. it should work then, I think.

I tried it's working well on webmin, and add the same configuration on the /etc/usermin/filemin/test101.acl, need to create that file. Thanks.

Are there any general configurations? as got more than 300 users which I need to recreate, even though can run a script. Tried using allowed path using a generic acl file using allowed_path=/home/students/home/$USER or add the work_as_user=$USER but not working as expected.