Webmin has always had the ability to support multiple users, each limited to
a subset of the available modules. This can be useful for delegating certain
administrative tasks to other people, but has been limited by the power of
even seemingly harmless modules. For example, a user with only access to the
Scheduled Cron Jobs module would still have access to the
entire system by creating cron jobs to be run as root.
Version 0.71 gives the master admin the power to further limit what other
users can do. When the name of a module assigned to a user in the Webmin
Users module is clicked on, a list of more fine-grained privileges for
will be displayed (if available). For example, the additional access control
options for the Scheduled Cron Jobs module allow the administrator
to limit which Unix users another Webmin user can manage cron jobs for.
Not all modules yet have additional access control options, mostly because
fine-grained control is not useful. Modules with additional controls are :
Users can be limited to configuring certain virtual servers.
BIND 4/8 DNS Server
Can limit which DNS zones users can edit records in.
Scheduled Cron Jobs
Can configure which Unix users cron jobs can be created and edited for.
Partitions on Local Disks
Users can be allowed to only partition certain disks.
Can configure the Unix user files are accessed as.
Bootup and Shutdown Actions
Can allow users to only reboot or shutdown the system.
Majordomo List Manager
Users can be limited to managing selected lists only.
Can configure the Unix user processes are started or killed as.
Can allow the configuration of quotas only for selected users or groups.
Users can be limited to certain sendmail features, aliases and domains.
Users, Groups and Passwords
The Webmin user can be allowed to edit only certain users and groups,
to assign users to selected groups only, and to create users with UIDs
above some minimum.