Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    View logs in shell

    General pfSense Questions
    4
    7
    196
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      peterlecki last edited by peterlecki

      SSH'ed into pfSense with an admin user that can configure everything in the GUI but

      [2.6.0-RELEASE][admin@pfSense.local]/: cat /var/log/filter.log
cat: /var/log/filter.log: Permission denied

      [2.6.0-RELEASE][admin@pfSense.local]/: ls -l /var/log/filter.log
-rw-------  1 root  wheel  301615 Mar 16 16:05 /var/log/filter.log

      [2.6.0-RELEASE][bisadmin@pfSense.local]/: id
uid=2000(admin) gid=65534(nobody) groups=65534(nobody),1999(admins)

      c30f61bd-409d-4d03-806e-c34189140e0c-image.png

      Apparently admin-level in GUI is not part of the wheel group?

      [2.6.0-RELEASE][admin@pfSense.local]/: sudo
sudo: Command not found.
      Gertjan 1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        Hmm. Can you access them if you login as root?

        admin should have access to that though unless you have changed the permissions somewhere.

        P 1 Reply Last reply Reply Quote 0
        • Gertjan
          Gertjan @peterlecki last edited by Gertjan

          @peterlecki said in View logs in shell:

          sudo

          That's a package :

          52fe1c04-838e-4aaf-bd05-8c40c2ea0310-image.png

          But :

          cat /var/log/filter.log

          works fine for me, as admin member of the wheel group, so has root rights.

          I can login 'ssh' into pfSense using 'root' or 'admin', I'll be 'root' at the console (checked with whoami).

          No "help me" PM's please. Use the forum.

          1 Reply Last reply Reply Quote 0
          • P
            peterlecki @stephenw10 last edited by

            @stephenw10
            I'm unable to ssh as root. I reset their password since I don't remember setting it up originally and while I can "su" into root and view logs then, I cannot ssh as root. Is this expected?

            @Gertjan
            Thanks for the tip to install the sudo executable. I can see the logs now if I sudo from the admin user, though I still get denied as just myself. It doesn't seem as though my admin user is in the wheel group as the "id" output shows.

            Anyway, I can see the logs now so thank you guys. My questions above are only because me trying to understand the "why".

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @peterlecki last edited by

              @peterlecki
              My admin user hast shell access to the logs with these privileges:
              e3608c4e-f0df-42f4-9ef6-a96b54d85ac2-grafik.png

              1 Reply Last reply Reply Quote 1
              • stephenw10
                stephenw10 Netgate Administrator last edited by

                Yes, admin should have the ssh privilege by default but looking back it looks like yours doesn't for some reason.

                In pfSense admin and root are effectively the same account. There is no root account in the user manager. If you manually changed the root password that could cause other problems.

                Steve

                P 1 Reply Last reply Reply Quote 0
                • P
                  peterlecki @stephenw10 last edited by

                  @stephenw10 @Gertjan
                  Doh! User error. I always disable the default "admin" and create another admin user, hence why I was not able to ssh as root. This is probably why my NewAdmin is not in the "wheel" group but instead in the "nobody" group.

                  I can't add NewAdmin into wheel group due to

                  usermod: command not found

                  But now that I have "sudo" and I understand the cause for this workaround, I'm fine with it.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post