do /home/$USER/** changes persist across reboots?

mcarifio

I created a new user nu using the gui, added nu to the sudo group and made sudoers passwordless. I also added /home/nu/.ssh/**. Then rebooted. It looks like the changes disappeared. I'm new to pfsense (2.4.5-p1 installed). It seems like some configuration stuff is reconstituted on boot and some disappears. For example, chsh -s /usr/local/bin/bash disappears because /etc/password is reconstituted on boot(?).

What's preserved? What's overwritten? I want bash to be the shell throughout. I want ~/.ssh to stick around. Please advise. Thanks.

stephenw10

All of pfSense's config is stored in the central config file. That is used to generate the various conf files required at boot.
If you need to use sudo you should use the package for that:
https://docs.netgate.com/pfsense/en/latest/packages/sudo.html

Of course many, many things are not used by pfSense at all so are not created/re-created. You can modify those but they may be lost at upgrade and would not be retained across a backup/restore.

Steve

mcarifio

Thank you.

Is there a log of what /conf/config.xml generates? I guess it makes some sense that config.xml is authoritative and would overwrite changes made outside of it. But one of pfsense's attractions is command line access and looking "under the covers" at what the router is doing.

I'm a little less sanguine about losing changes during an upgrade or restore, making it less likely that I'll do either. I've installed over zfs, which means I could do some kind of "snapshot" before an operation and perhaps diff changes. I don't know all that much about zfs either. I guess now's the time to learn.

stephenw10

I don't think there is a log beyond what's written to the console and system log at boot.

Steve

mcarifio

Ty @stephenw10 for the quick response(s).

mcarifio

For the next guy/gal: to retain (the illusion of) bash as the login shell across reboots, I did the following:

• I installed the shellcmd package via the webui.
• I added the following "command line" as a "shellcmd": test -x /usr/local/bin/bash && for u in root nu; do chsh -s /usr/local/bin/bash $u; done

I don't touch the default shells /bin/sh and /bin/tcsh. I think the one-liner above is executed by /bin/sh which is very similar to bash (except for differences, which I've never memorized). The one-liner is tested (I did a reboot).

According to the documentation, I could have created something like /usr/local/etc/rc.d/bash-again.sh, made it executable and it would execute on boot. I'm pretty sure I'll go there next, since I want to re-establish other things on boot. In particular, I dislike that ~{root,nu}/.profile seems to be overwritten on startup. I'll be reverting my changes back, ty very much.

If this reads a little hacky to you, well, yes, yes it is. Being new to pfsense, I guess there are some good reasons (control, repeatability) to change the login scripts. I realize this a "router appliance" first and a FreeBSD box second, regardless of my insistence to make it more like the later. But it also surprised the heck out of me. So indulge the noob for talking out of school and bloviating about his hopes and dreams.