Ubuntu 22 LTS - Existing admin❌117:

I am trying to install hestia on a fresh install of Ubuntu 22. Following lines are giving an error:

hst-install.sh

Check admin group

if [ ! -z “$(grep ^admin: /etc/group)” ] && [ -z “$1” ]; then
echo “Error: group admin exists”
echo
echo ‘Please remove admin group before proceeding.’
echo ‘If you want to do it automatically run installer with -f option:’
echo “Example: bash $0 --force”
exit 1
fi

hst-install-ubuntu.sh

Checking admin user account

if [ -n “$(grep ^admin: /etc/passwd /etc/group)” ] && [ -z “$force” ]; then
echo ‘Please remove admin user account before proceeding.’
echo ‘If you want to do it automatically run installer with -f option:’
echo -e “Example: bash $0 --force\n”
check_result 1 “User admin exists”
fi

There exists admin:x:117: in the group file. I do not understand why the installer should check this and throw an error, if there is no entry in /etc/passwd.

Solution:
Remove from the above code /etc/group.

It checks if there is an admin group as it might conflict with permissions

Add -f to the installer and it will resolve it self

Hello Eris,

Your solution is a wrong solution. You cannot have a check in the default installation as there are Ubuntu 22 images around with admin group as a default.

To use the term admin in username is an extremely stupid idea. I would have had something like vadmin in vesta or hadmin in hestia.

Correct solution is to remove /etc/group from above. There is no reason to make such a lot of fuss of check with groups. This was a default in the fresh installation of Ubuntu.

By the way, I do not care if you change this. I have modified the Hestia installer because I only use a modified local installer. The solution is for others, who will have default admin /etc/group in their fresh installation.

I know

Should change it

Hello Eris!

Yes, very correct and extremely necessary. This is actually the most urgent thing, of changing the admin as user name.

The best is to allow an admin to choose the username of admin user. Then it is more secure.

Alternatively, it would be good to generate one username and enter in the hestia.conf dynamically with a GLOBAL for e.g. —> ADMINUSER=xXySdcX67h. Then in the script user $ADMINUSER.

In the fresh installation of Ubuntu 22, the group number 113 with the name was admin but there was no user admin. Hence, I could not install. In the default installer, it gave an error, that there is a user with name admin. But there was not any.

The “admin” user is used for 3 things:

  1. The admin user for login. With extra permissions and capable of editing all users
  2. Hestia runs for the web panel also under the same reason
  3. Cronjob are currently run under the admin user.

The PR I linked will solve the following issues:

Run Hestia under a new user called “Hestia-web” ssh and login is by default disabled

On new installs:

Give the option to the user to “pick” their own username and password and create a the new “user” without any admin permissions. This would mean users are not able to login as their admin user and run commands as v-list-user and so on.

Cronjob are created as file on the user. Still need to find a solutions to edit / change them

See Improve security by running Hestia under a new user by jaapmarcus · Pull Request #2835 · hestiacp/hestiacp · GitHub