This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hugo_vd_Kooij
Advisor
‎2023-11-01 01:49 AM
Jump to solution

Segmentation fault on `show configuration user`

I ran  into Segmentation fault on `show configuration user` on a customer.

Which breaks also the `show configuration` command as a whole.

I started tick 6-0003764714 as the issue was not on any of the normal users I investigated as part of sk181503 .

But Check Point support found the issue with the cpsho_user which was lacking a homedir. And that user was totally unknown to me. But then I stumbled into sk181305 .

I found the issue on multiple customers that have been upgraded to R81.10 or R81.20 so far.

 

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
1 Solution

Accepted Solutions
Tal_Paz-Fridman
Employee
Employee
‎2024-01-07 05:32 AM
In response to ptuttle_2
Jump to solution

Please refer to sk181626 "show configuration user" command fails with "Segmentation fault" on the Security Management Server:

https://support.checkpoint.com/results/sk/sk181626

 

It should be fixed in JHF listed in the SK

View solution in original post

12 Replies
PhoneBoy
Admin
Admin
‎2023-11-01 10:59 AM
Jump to solution

There have been a few posts on this topic also.
Checking the configuration of the cpsho_user seems like an easy thing to do if you encounter the error.

0 Kudos
the_rock
Legend
Legend
‎2023-11-01 08:05 PM
Jump to solution

Interesting...will test this Thursday in my lab and report back, as I have everything on R81.20 jumbo 38.

Regards,

Andy

0 Kudos
the_rock
Legend
Legend
‎2023-11-02 12:19 PM
Jump to solution

Just tested, R81.20 jumbo 38, tested 6 machines, none had a problem.

Output from the mgmt server.

Andy

 

CP-management> show configuration user
set user admin shell /bin/bash
set user admin password-hash $6$rounds=10000$DcYQF3mR$7DC.LH6mWOTD0whVsqZNGacWzUFgdw/Hvs4RhbE8IYkIrTJtVkmRz3VPQskBQYhQY/OanpB8nzqQNugZQEIT11
set user monitor shell /etc/cli.sh
set user monitor password-hash *
CP-management>

0 Kudos
JozkoMrkvicka
Mentor
Mentor
‎2023-11-02 03:46 PM
In response to the_rock
Jump to solution

any hit within /etc/passwd or /etc/shadow ?

Is web SmartConsole working fine ?

sk181305 says that the platform is Smart-1 only. It might be that such a user is created only on physical Smart-1 appliances and not on VMs ?

Also not sure if running SMS vs. MDS might be the difference here...

Kind regards,
Jozko Mrkvicka
0 Kudos
JozkoMrkvicka
Mentor
Mentor
‎2023-11-02 04:03 PM
Jump to solution

interesting discussion (or fight) already opened:

https://community.checkpoint.com/t5/General-Topics/cpsho-user-config-pushed-from-Check-Point/m-p/187...

Kind regards,
Jozko Mrkvicka
the_rock
Legend
Legend
‎2023-11-02 04:49 PM
In response to JozkoMrkvicka
Jump to solution

Agree...definitely related.

Andy

0 Kudos
Itai_Minuhin
Employee
Employee
‎2023-11-07 06:06 AM
Jump to solution

Hello, 

I'm happy to update that this issue has a fix, ready to be released.

The fix will be released as part of the next R81.10 and R81.20 jumbo hotfixes.   

R81.20 JHF is expected to be released during this month, and R81.10 JHF towards end of 2023. 

If a private fix is required, please refer to sk181626 to get a hotfix.

 

Best Regards, 

Itai

0 Kudos
ptuttle_2
Contributor
‎2024-01-05 12:54 PM
Jump to solution

yup,  We just ran into this.  Upgraded all 4 of our Managers from Jumbo 110 to 130.  Could not do several commands or even a show configuration on any of them without segmentation error.  Put the directory for cpsho_user. now all commands work including our back product.  

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2024-01-07 05:32 AM
In response to ptuttle_2
Jump to solution

Please refer to sk181626 "show configuration user" command fails with "Segmentation fault" on the Security Management Server:

https://support.checkpoint.com/results/sk/sk181626

 

It should be fixed in JHF listed in the SK

ptuttle_2
Contributor
‎2024-01-09 05:49 AM
In response to Tal_Paz-Fridman
Jump to solution

Thanks for the SK, but in our case our R81.20 Managers were fine, and this user (cpsho_user) was not added by Check Point.  The problem happened because Check Point added this user (cpsho_user) in our R81.10 Managers. By the way our NERC-CIP auditors are going to have a good time with this one!!!

The SK should be a bit clearer. For example, it should maybe mention that even if the user you're logging in with has everything correct it still does not matter and still produces this segmentation fault.  ALL users in the system need to be correct with all the correct configuration information.  In our case cpsho_user was added by some Check Point jumbo or process without adding a home directory.  There does not seem to be a jumbo take for R81.10 that addresses this?

-pat

 

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2024-01-10 01:39 PM
In response to ptuttle_2
Jump to solution

Hi Pat,

I have sent this to the relevant owners in R&D.

Thanks

0 Kudos
Tal_Paz-Fridman
Employee
Employee
‎2024-01-11 12:25 AM
In response to Tal_Paz-Fridman
Jump to solution

Talked to R&D and TLM owners. It should also be fixed in the upcoming R81.10 JHF, probably in January.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events