They have to be a system user.
vim /etc/webmin/miniserv.users
looks like:
ops:x:0:: blabla:password:0::
where:
x = uses the users system password
hashedpassword = the actual password for non-system user. (and no, I haven’t worked out how to calculate them)
Now you need to specify what they can access.
vim /etc/webmin/webmin.acl (if it doesn't exist, create it.)
root: acl at autorpm backup bsdexports burner cdbackup cpan cron custom dfsadmin dnsadmin download fdisk file firewall format fsdump hpuxexports inetd init inittab lilo logviewer man mount net nettools pam passwd proc quota raid rinetd servers sgiexports shell shorewall software status syslog time useradmin usermin webmin webminlog xinetd updown ops: backup init cdbackup burner passwd shell custom quota mount download xinetd file fsdump lilo firewall raid logviewer net nettools pam fdisk cpan proc at cron shorewall software inittab man syslog time status updown usermin useradmin webminlog webmin servers acl rinetd
Keep each user part on one line (no returns), single-spaced. Most of the modules are obvious, I gave ops complete access. Restart webmin for the new user(s) to take effect.