This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LM_51
Explorer
‎2023-06-20 03:08 AM

CheckPoint - Issue with command: show users

Hello all,

We are facing a problem when using a (service user - with admin rights) that connects via Radius server for a Checkpoint Device 1 and after execute the command (in clish mode): show users  it logout with any error message.

Checkpoint device is on Version R81.10 Kernel: 3.10.0-957.21.3cpx86_64.

Also, on this Checkpoint Device 1 if we log wiht our regular Radius users (with admin rights), and we execute the same command (in clish mode): show users, it list the users but we get a "Segmentation fault" message at the end of the users list.

On the other hand, we have other Checkpoint Device 2 with exactly the same version and same Kernel, and it works with the same  (service user - with admin rights) and with our regular Radius users.

 

Any ideas/solutions ?

We will appreciate.

 

  

0 Kudos
9 Replies
PhoneBoy
Admin
Admin
‎2023-06-20 02:45 PM

Recommend a TAC case here: https://help.checkpoint.com

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-06-20 06:24 PM

How does the installed Jumbo (JHF) take differ between the two machines if at all?

 

CCSM R77/R80/ELITE
0 Kudos
nehakakar
Participant
‎2023-06-23 04:42 AM

The issue you're facing with the "show users" command on Checkpoint Device 1, causing a logout and segmentation fault, may be related to configuration or permission settings. I recommend checking the service user's configuration, verifying the Radius server settings, and comparing the configuration between Device 1 and Device 2. If the problem persists, contact Check Point support for further assistance.

LMartins
Participant
‎2023-08-16 06:48 AM
In response to nehakakar

Hello nehakakar,

I think I found the problem regarding this link on Check Point:  https://support.checkpoint.com/results/sk/sk153952 

clish -c "show users" -d 5 > users_debug.txt

queryFPCandLOU(user=halt, loutoo=1)
FPC results: exp=n adm=n pol=n days=90
LOU results: exp=n adm=n pol=n tal=n non=n
Segmentation fault

The user that was causing the problem is the user "halt" /sbin/halt, my question is:

We can't delete and create this user again, right ?

Any ideas ?

Thanks in advance.

0 Kudos
the_rock
Legend
Legend
‎2023-06-23 06:03 AM

I think what @nehakakar said makes perfect sense.

Andy

LMartins
Participant
‎2023-08-21 01:47 AM
In response to the_rock

Hello,

I think I found the problem regarding this link on Check Point:  https://support.checkpoint.com/results/sk/sk153952 

clish -c "show users" -d 5 > users_debug.txt

queryFPCandLOU(user=halt, loutoo=1)
FPC results: exp=n adm=n pol=n days=90
LOU results: exp=n adm=n pol=n tal=n non=n
Segmentation fault

The user that was causing the problem is the user "halt" /sbin/halt, my question is:

We can't delete and create this user again, right ?

Any ideas ?

Thanks in advance.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-08-21 07:49 AM
In response to LMartins

"halt" is one of our default users that cannot be disabled/removed: https://support.checkpoint.com/results/sk/sk98678
As I suggested earlier, please consult with the TAC: https://help.checkpoint.com 

LMartins
Participant
‎2023-08-22 01:21 AM
In response to PhoneBoy

Thank you for your answer.

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-08-22 01:47 AM
In response to LMartins

sk153952 is only valid for EOL R80.10, so contacting CP TAC is the right suggestion here...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top