View logs in shell
-
SSH'ed into pfSense with an admin user that can configure everything in the GUI but
[2.6.0-RELEASE][admin@pfSense.local]/: cat /var/log/filter.log cat: /var/log/filter.log: Permission denied
[2.6.0-RELEASE][admin@pfSense.local]/: ls -l /var/log/filter.log -rw------- 1 root wheel 301615 Mar 16 16:05 /var/log/filter.log
[2.6.0-RELEASE][bisadmin@pfSense.local]/: id uid=2000(admin) gid=65534(nobody) groups=65534(nobody),1999(admins)
Apparently admin-level in GUI is not part of the wheel group?
[2.6.0-RELEASE][admin@pfSense.local]/: sudo sudo: Command not found.
-
Hmm. Can you access them if you login as root?
admin should have access to that though unless you have changed the permissions somewhere.
-
@peterlecki said in View logs in shell:
sudo
That's a package :
But :
cat /var/log/filter.log
works fine for me, as admin member of the wheel group, so has root rights.
I can login 'ssh' into pfSense using 'root' or 'admin', I'll be 'root' at the console (checked with whoami).
-
@stephenw10
I'm unable to ssh as root. I reset their password since I don't remember setting it up originally and while I can "su" into root and view logs then, I cannot ssh as root. Is this expected?@Gertjan
Thanks for the tip to install the sudo executable. I can see the logs now if I sudo from the admin user, though I still get denied as just myself. It doesn't seem as though my admin user is in the wheel group as the "id" output shows.Anyway, I can see the logs now so thank you guys. My questions above are only because me trying to understand the "why".
-
@peterlecki
My admin user hast shell access to the logs with these privileges:
-
Yes, admin should have the ssh privilege by default but looking back it looks like yours doesn't for some reason.
In pfSense admin and root are effectively the same account. There is no root account in the user manager. If you manually changed the root password that could cause other problems.
Steve
-
@stephenw10 @Gertjan
Doh! User error. I always disable the default "admin" and create another admin user, hence why I was not able to ssh as root. This is probably why my NewAdmin is not in the "wheel" group but instead in the "nobody" group.I can't add NewAdmin into wheel group due to
usermod: command not found
But now that I have "sudo" and I understand the cause for this workaround, I'm fine with it.