Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    User / group gone after reboot

    Development
    3
    4
    896
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Sander88 last edited by

      Hi,

      I have a custom package that creates a system user and group in the 'mypackage_custom_php_install_command':

      function mypackage_custom_php_install_command()
      {
      conf_mount_rw();

      exec("/usr/sbin/pw groupadd mygroup");
      exec("/usr/sbin/pw useradd myuser -c "My user" -g mygroup -d /nonexistent -s /usr/sbin/nologin");

      …

      conf_mount_ro();
      }

      This works, but the user and group are gone after a reboot. It worked fine on PFSense 2.0.1, but I just upgraded to the latest version 2.2.4 .

      Does someone know what's changed related to the user / group creation on PFSense (between version 2.0.1 and 2.2.4)?

      Thanks,
      Sander

      1 Reply Last reply Reply Quote 0
      • H
        heper last edited by

        i would think that it would be better to write to the config, using already created functions.

        https://github.com/pfsense/pfsense/blob/master/src/usr/local/www/system_usermanager.php#L192

        1 Reply Last reply Reply Quote 0
        • S
          Sander88 last edited by

          Thanks for your reply.

          I don't want to use the user manager functions as I'm creating a service user/group (users should not see/edit this through the web interface.) But your anwser helped me finding out what's causing the issue. I came across this function: https://github.com/pfsense/pfsense/blob/master/src/etc/inc/auth.inc#L348 . The function 'local_sync_accounts' removes my user and group after a reboot. I solved it by changing my uid/gid to a value below 2000 .

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned last edited by

            This is used in lots of packages without any problem. Yeah, keep those package accounts outside the reserved range.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post