Bug #9622: Changing admins membership does not replicate correctly to HA slave - pfSense - pfSense bugtracker

Actions

Copy link

Bug #9622

closed

Changing admins membership does not replicate correctly to HA slave

Added by Brian Candler over 5 years ago. Updated about 4 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Renato Botelho

Category:

XMLRPC

Target version:

2.5.0

Start date:

07/09/2019

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

Affected Architecture:

Description

To reproduce, on a pfSense 2.4.4-3 HA cluster

On the master: create a user which is not a member of the "admins" group
- it is created on both master and slave with /sbin/nologin as the shell in /etc/passwd, and *LOCKED* in /etc/master.passwd
On the master: move the user into the "admins" group and save
- on the master, the account works as expected
- however on the slave, the shell remains as /sbin/nologin and *LOCKED* remains in /etc/master.passwd
- as a result, the user cannot get a shell login on the slave

WORKAROUND: Delete and recreate the user with the admins group membership. But beware: this leaves the /home/USER/.ssh directory on the slave owned by the old UID, so you need to manually chown it to the new UID.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #9622

Changing admins membership does not replicate correctly to HA slave

Updated by Jim Pingle over 5 years ago

Updated by Jim Pingle over 5 years ago

Updated by Viktor Gurov over 4 years ago

Updated by Jim Pingle over 4 years ago

Updated by Renato Botelho over 4 years ago

Updated by Viktor Gurov over 4 years ago

Updated by Jim Pingle about 4 years ago