• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to add another user as root in pfsense?

Scheduled Pinned Locked Moved General pfSense Questions
3 Posts 3 Posters 3.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    vahid
    last edited by Sep 2, 2017, 5:50 AM

    Hey there,

    I want to have two root users.
    Reason? I have a remote shell script which will connect to pfsense and call the changepassword php script inside the pfsense but since the root user is executing the rc.init at his login phase it doesn't let me to run my script. So my idea is having another root user without any shell menu and do the rest of the work.
    I'm using kitty as ssh connection tool and following is my shell command :

    kitty -ssh 192.168.20.1 -l admin2 -pw qwerty -cmd "pfSsh.php playback /etc/phpshellsessions/changepassword\nvahid\n1234\n1234\n"

    I also add the admin2 to wheel group but yet I can't change password and shell says :

    pw: you must be root

    Is there anyway to make my admin2 a real root? or should I remove the rc.init from root user?

    1 Reply Last reply Reply Quote 0
    • G
      Gertjan
      last edited by Sep 2, 2017, 8:43 AM

      So, I rephrase : you want "root only task" to be done by another "root" ?
      Remember, this is not some FreeBSD or Linux box, but a 'simple' firewall.
      Maybe adding another root is possible, but this is pfSense. Changing systems files do not persist during upgrade (so people tend NOT to upgrade anymore ….  >:(), etc etc etc.

      Having the web server, whose is executing the php code, modify root files .... well ....  many have been shot last century for trying to do just that. It was decided that these kind of thoughts were considered as "design flaws" at best. Still, do this for a company and will get you fired.

      But ok.
      What about a cron script, running with root access, that runs every, let say : 1 minute, and checks if "a file" exists. This file will be created by the web server running on pfSense. You (the php script user / visitor)  puts in the file the name and password or what ever you want.
      Your cron will test the file for existence, and if exists, read it - delete it, and modify the user + password accordingly.
      Your php code will just create the file 'somewhere'. Remember that changes would be applied within 1 minute max.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by Sep 2, 2017, 8:50 AM

        Install the sudo package and use sudo. That's what everyone does, instead of creating another root.

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received