Can't Create Users or Groups - No Permissions

Started by mestafin, November 15, 2018, 02:57:00 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 15, 2018, 02:57:00 PM
I am running version 18.7.7 in HA cluster

We use the local database for authentication of users

When logged in as root on the primary fw, it is not possible to create a new User or a new User Group.

The error message is:

You do not have permission to perform this action.

What am I missing here?
November 16, 2018, 09:56:48 AM #1
Anybody with any help or advice?

Where can I search for log files or other help to debug this problem?
November 16, 2018, 01:18:58 PM #2
I think I have a bigger problem with the permissions.

When logged in as root,  I can create a Backup, but I can't restore a backup configuration

Any help on where to look?
November 16, 2018, 06:32:25 PM #3
Sure, this is a security fix of 18.7.7 in action:

https://github.com/opnsense/changelog/blob/master/doc/18.7/18.7.7#L5-L11

Your root user, for one reason or another, has the "deny-config-write" privilege which prevents you from doing these things.

If you have another admin, simply remove that from the root user or the offending group...


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
November 17, 2018, 10:09:25 AM #4
I don't have another admin user.

How and where do I remove the "deny-config-write" privilege to be able to add more users and user groups?
November 19, 2018, 06:32:24 PM #5
Gentlemen,

I desperately need to fix this issue to allow me to add users and user groups.

The suggested solution does not help me at all.

I have no idea where and how to remove the "deny-config-write" privilege.

Can someone please explain to me how to do this, given that I don't have another user with admin privileges?
November 20, 2018, 06:17:19 AM #6
Do you have SSH access?
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
Print
Go Up Pages1
User actions