Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Create user with only backup permissions

    Scheduled Pinned Locked Moved webGUI
    3 Posts 3 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rbflurry
      last edited by

      Following the guide on here I have an account setup with a cron job to download my configs off all my pfsense boxes. The only thing i dont like is that this account has both backup and restore permissions.

      Is there a way to prevent the restore permissions?

      Thanks

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by

        What could they possibly do?  Other than restore a configuration that gives them 100% admin access?  I mean…  Besides that, its all good.

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          There is a "deny config write" permission but I believe the restore process ignores that because it doesn't actually write the config in the traditional way.

          If that already doesn't work, then someone could probably add a few lines of code to the backup/restore page to deny restore if they have that permission bit set.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.