User/Group Privilege Issue



  • I am running the following pfSense version:

    2.4.4-RELEASE-p3 (amd64)
    built on Wed May 15 18:53:44 EDT 2019
    FreeBSD 11.2-RELEASE-p10

    Facing a weird issue.

    1. I have two groups LAN and VPN.
    2. LAN group is the following two privileges:
      a. User - Services: Captive Portal login and b. WebCfg - System: User Password Manager
    3. The VPN group has the following privilege:
      a. WebCfg - OpenVPN: Client Export Utility

    Now, I add a user and make him/her a member of both the groups. When the user logs in, they are only able to view the system_usermanager_passwordmg.php screen. The vpn_openvpn_export.php screen does not appear.

    When I remove the VPN group and manually add WebCfg - OpenVPN: Client Export Utility as a user privilege, it works. It's just that it does not work when it is in a different groups and a user is member of both the groups.

    I also checked by adding WebCfg - OpenVPN: Client Export Utility in the LAN group, and the user still faces the same issue.

    Tried adding other privileges and they all worked well. It's just the WebCfg - OpenVPN: Client Export Utility that is not working in either a single group or multiple groups.

    Thanks and Regards,
    -=Srijan Nandi


  • Rebel Alliance Developer Netgate

    There is no dedicated menu entry for the OpenVPN client export package, so a user with only that privilege has no way to reach it directly.

    It works by chance when it's first in the list because that's where users are automatically directed when they attempt to access a page for which they do not have privileges.


Log in to reply