OPNsense Forum

English Forums => 18.7 Legacy Series => Topic started by: mestafin on November 15, 2018, 02:57:00 pm

Title: Can't Create Users or Groups - No Permissions
Post by: mestafin on November 15, 2018, 02:57:00 pm
I am running version 18.7.7 in HA cluster

We use the local database for authentication of users

When logged in as root on the primary fw, it is not possible to create a new User or a new User Group.

The error message is:

You do not have permission to perform this action.

What am I missing here?
Title: Re: Can't Create Users or Groups - No Permissions
Post by: mestafin on November 16, 2018, 09:56:48 am
Anybody with any help or advice?

Where can I search for log files or other help to debug this problem?
Title: Re: Can't Create Users or Groups - No Permissions
Post by: mestafin on November 16, 2018, 01:18:58 pm
I think I have a bigger problem with the permissions.

When logged in as root,  I can create a Backup, but I can't restore a backup configuration

Any help on where to look?
Title: Re: Can't Create Users or Groups - No Permissions
Post by: franco on November 16, 2018, 06:32:25 pm
Sure, this is a security fix of 18.7.7 in action:

https://github.com/opnsense/changelog/blob/master/doc/18.7/18.7.7#L5-L11

Your root user, for one reason or another, has the "deny-config-write" privilege which prevents you from doing these things.

If you have another admin, simply remove that from the root user or the offending group...


Cheers,
Franco
Title: Re: Can't Create Users or Groups - No Permissions
Post by: mestafin on November 17, 2018, 10:09:25 am
I don't have another admin user.

How and where do I remove the "deny-config-write" privilege to be able to add more users and user groups?
Title: Re: Can't Create Users or Groups - No Permissions
Post by: mestafin on November 19, 2018, 06:32:24 pm
Gentlemen,

I desperately need to fix this issue to allow me to add users and user groups.

The suggested solution does not help me at all.

I have no idea where and how to remove the "deny-config-write" privilege.

Can someone please explain to me how to do this, given that I don't have another user with admin privileges?
Title: Re: Can't Create Users or Groups - No Permissions
Post by: franco on November 20, 2018, 06:17:19 am
Do you have SSH access?