Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: Plcstenberg on September 10, 2024, 09:56:27 AM

Title: 'This account is currently not available' even after wipe
Post by: Plcstenberg on September 10, 2024, 09:56:27 AM
I recently moved country's and tried booting my router back up and couldn't log in via the GUI.  When I consoled in I got this error message.

All the initial troubleshooting and searching alluded to either the log files completely filling up my drive or a problem with SSH.  I wasn't getting slow performance and it was relatively empty before the move but I went with it and just wiped the router and started over.   I even went one config file back before I set up SSH just in case.   

Well I tried logging in and I still get this error message in the console.  What am I missing?  What else could be happening that I've messed up?

----------------fix-------------------
So as was pointed out below the issue was my accounts were set to use nologon as the shell.  I had disabled root (rookie mistake) so I needed to restart in single-user mode and reenable the root user
To save you some searching:
/sbin/mount -u /
/sbin/zfs mount -n
opnsense-shell password
{type a new password twice}
reboot
I could log in as root via console but for some reason the GUI was still timing out, so in console I added the same IP address to the same interface and rebuilt the self-signed cert for the webUI and bam, login with my standard user worked again.
I added /sch to the authorized shell for good measure.  It looks like with the new update for 24.7 the opnsense-shell is limited to root user only

Hope this helps someone else and thanks again to the guys parsing through the code to help me find what I needed.
Title: Re: 'This account is currently not available' even after wipe
Post by: Patrick M. Hausen on September 10, 2024, 10:00:08 AM
Can you log in to the web UI and examine the account's settings? Possibly the shell is set to "nologin".
Title: Re: 'This account is currently not available' even after wipe
Post by: doktornotor on September 10, 2024, 10:07:35 AM
Yeah, that's pretty much the only place with that string.

https://github.com/opnsense/src/blob/stable/24.7/usr.sbin/nologin/nologin.c#L32
Title: Re: 'This account is currently not available' even after wipe
Post by: Plcstenberg on September 10, 2024, 04:47:57 PM
Quote from: Patrick M. Hausen on September 10, 2024, 10:00:08 AM
Can you log in to the web UI and examine the account's settings? Possibly the shell is set to "nologin".

I tried logging into the GUI. It just hangs or says unavailable
Title: Re: 'This account is currently not available' even after wipe
Post by: Plcstenberg on September 10, 2024, 04:51:33 PM
I'm still not super great at reading code.  Is this saying im giving a null login?
Title: Re: 'This account is currently not available' even after wipe
Post by: doktornotor on September 10, 2024, 05:10:05 PM
You are trying to login with user account that has nologin as shell. And on another note, only admin group can use SSH and shell.
Title: Re: 'This account is currently not available' even after wipe
Post by: Plcstenberg on September 11, 2024, 04:51:00 PM
Quote from: doktornotor on September 10, 2024, 05:10:05 PM
You are trying to login with user account that has nologin as shell. And on another note, only admin group can use SSH and shell.

thank you for the help.  I chased this down and i can log in again.
im going to update the main for my fix action
Text only | Text with Images