Project

General

Profile

Actions

Bug #4140

closed

Password protect console menu setting not preserved on upgrade

Added by Phillip Davis almost 10 years ago. Updated almost 10 years ago.

Status:
Resolved
Priority:
Normal
Category:
Console Menu
Target version:
Start date:
12/22/2014
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.2
Affected Architecture:

Description

1) Select "Password protect the console menu" from System->Advanced, Admin and press Save. The console now prompts for login in real time.
2) Reboot to confirm the setting is preserved - yep, all good - the console prompts for login at the end of the boot output.
3) Upgrade to latest snapshot.
4) Console is no longer password protected. (but config.xml has <disableconsolemenu/> correctly in it)
5) Reboot (any number of times) - console is never password protected.
6) Go to System->Advanced, Admin and press Save. Now the password protect is implemented.

The underlying cause seems to be that pfsense-utils.inc/setup_serial_port() is only called by config.lib.inc/reset_factory_defaults() and directly from system_advanced_admin.php

setup_serial_port() modifies /etc/ttys to implement the required settings on the appropriate tty entry/s.

On a nanoBSD upgrade, that needs to be done to the new /etc/ttys on the new slice. But there does not seem to be any code that does it during or after the upgrade. I looked on 2.1.5 also, and it looks like there is nothing there either and that an upgrade from an earlier version to 2.1.5 might have this same issue.

I do not know about a full upgrade - perhaps /etc/ttys will be overwritten by the upgrade file, or perhaps it will be left in place and thus will work.

I made this very high priority because it effects a user-selected security setting.

Forum topic: https://forum.pfsense.org/index.php?topic=85624.0

Actions

Also available in: Atom PDF