CheckPoint - Issue with command: show users

LM_51 · ‎2023-06-20

Hello all,

We are facing a problem when using a (service user - with admin rights) that connects via Radius server for a Checkpoint Device 1 and after execute the command (in clish mode): show users it logout with any error message.

Checkpoint device is on Version R81.10 Kernel: 3.10.0-957.21.3cpx86_64.

Also, on this Checkpoint Device 1 if we log wiht our regular Radius users (with admin rights), and we execute the same command (in clish mode): show users, it list the users but we get a "Segmentation fault" message at the end of the users list.

On the other hand, we have other Checkpoint Device 2 with exactly the same version and same Kernel, and it works with the same (service user - with admin rights) and with our regular Radius users.

Any ideas/solutions ?

We will appreciate.

PhoneBoy · ‎2023-06-20

Recommend a TAC case here: https://help.checkpoint.com

Chris_Atkinson · ‎2023-06-20

How does the installed Jumbo (JHF) take differ between the two machines if at all?

CCSM R77/R80/ELITE

nehakakar · ‎2023-06-23

The issue you're facing with the "show users" command on Checkpoint Device 1, causing a logout and segmentation fault, may be related to configuration or permission settings. I recommend checking the service user's configuration, verifying the Radius server settings, and comparing the configuration between Device 1 and Device 2. If the problem persists, contact Check Point support for further assistance.

LMartins · ‎2023-08-16

Hello nehakakar,

I think I found the problem regarding this link on Check Point: https://support.checkpoint.com/results/sk/sk153952

clish -c "show users" -d 5 > users_debug.txt

queryFPCandLOU(user=halt, loutoo=1)
FPC results: exp=n adm=n pol=n days=90
LOU results: exp=n adm=n pol=n tal=n non=n
Segmentation fault

The user that was causing the problem is the user "halt" /sbin/halt, my question is:

We can't delete and create this user again, right ?

Any ideas ?

Thanks in advance.

PREVI

the_rock · ‎2023-06-23

I think what @nehakakar said makes perfect sense.

Andy

LMartins · ‎2023-08-21

Hello,

I think I found the problem regarding this link on Check Point: https://support.checkpoint.com/results/sk/sk153952

clish -c "show users" -d 5 > users_debug.txt

queryFPCandLOU(user=halt, loutoo=1)
FPC results: exp=n adm=n pol=n days=90
LOU results: exp=n adm=n pol=n tal=n non=n
Segmentation fault

The user that was causing the problem is the user "halt" /sbin/halt, my question is:

We can't delete and create this user again, right ?

Any ideas ?

Thanks in advance.

PhoneBoy · ‎2023-08-21

"halt" is one of our default users that cannot be disabled/removed: https://support.checkpoint.com/results/sk/sk98678
As I suggested earlier, please consult with the TAC: https://help.checkpoint.com

LMartins · ‎2023-08-22

Thank you for your answer.

G_W_Albrecht · ‎2023-08-22

sk153952 is only valid for EOL R80.10, so contacting CP TAC is the right suggestion here...

CCSE CCTE CCSM SMB Specialist

Are you a member of CheckMates?

CheckPoint - Issue with command: show users