Project

General

Profile

Actions

Bug #7883

closed

Aliases can only be deleted by some users

Added by Felix Wolfsteller about 7 years ago. Updated about 7 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
09/21/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

We have following setup:
- pfsense 2.3.4-RELEASE-p1
- one default admin user
- one user with all privileges assigned and admin group membership

When using the Diagnostics DNS lookup an firewall alias is created (why?), however only the "admin" admin user can delete these aliases.

Actions #1

Updated by Felix Wolfsteller about 7 years ago

So, new insights (and the bug in that form can be closed):
- alias generation was not automatic but user triggered
- the user in question was member of a second group
- although ALL priviledges were assigned manually (and inherited by the admin group), apparently the more restrictive permissions of the second group seem to have interfered with the effective privileges (although this was not reflected in the GUI).
- A similar issue arose when editing dhcp pools. The GUI presented a success-message, although the values were not changed.

I believe a follow-up issue would be advisable.

Actions #2

Updated by Jim Pingle about 7 years ago

  • Status changed from New to Not a Bug

Most likely they had the 'deny config write' privilege which will do exactly this, and it's expected. On 2.4 it will log an error in that case.

Actions

Also available in: Atom PDF