- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hi Checkmates,
We able to see "bashxx" instead of "Expert with hostname".
In clish mode its showing as per the expectation 👍
Able to run Expert related command👍
1. For testing we change the shell to /bin/bash/ but no luck 👎
Reboot is Pending for test but can't because its a live environment.
Please help if any one face this kind of issue or anyone have any suggestion.
"/etc/passwd" of FW1 :
admin:x:0:0::/home/admin:/bin/bash
monitor:x:102:100:Monitor:/home/monitor:/etc/cli.sh
root:x:0:0:root:/root:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
postfix:x:1001:1001:Postfix:/home/postfix:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
pcap:x:77:77::/var/arpwatch:/sbin/nologin
halt:x:7:0:halt:/sbin:/sbin/halt
cp_postgres:x:1008:0:Postgres:/home/cp_postgres:/bin/sh
cp_extensions:x:8086:1:CP Extensions:/home/cp_extensions:/bin/sh
bsphcl:x:0:0:Bsphcl:/home/bsphcl/:/etc/cli.sh (Additional Line which not available on FW2 which showing bash)
cpep_user:x:1500:1500::/home/cpep_user:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
_nonlocl:x:96:100:Non-local user:/home/_nonlocl:/etc/cli.sh
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/sbin/nologin
"/etc/passwd" of FW2 :
admin:x:0:0::/home/admin:/bin/bash
monitor:x:102:100:Monitor:/home/monitor:/etc/cli.sh
root:x:0:0:root:/root:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
postfix:x:1001:1001:Postfix:/home/postfix:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
pcap:x:77:77::/var/arpwatch:/sbin/nologin
halt:x:7:0:halt:/sbin:/sbin/halt
cp_postgres:x:1008:0:Postgres:/home/cp_postgres:/bin/sh
cp_extensions:x:8086:1:CP Extensions:/home/cp_extensions:/bin/sh
cpep_user:x:1500:1500::/home/cpep_user:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
_nonlocl:x:96:100:Non-local user:/home/_nonlocl:/etc/cli.sh
sshd:x:74:74:Privilege-separated:/var/empty/sshd:/sbin/nologin
Your admin shell is set to bash: admin:x:0:0::/home/admin:/bin/bash, that's why.
Set to cli.sh, similar to "monitor" user. It is most probably was changed manually.
That's not the problem. The problem is the prompt is showing 'bash-4.4#', which happens when the /etc/bashrc isn't run for some reason.
With the user's shell set to /bin/bash, BASH should be launched as an interactive shell and a login shell. Both of those should cause the /etc/bashrc to be run. When the user's shell is set to /etc/cli.sh and they elevate to expert, BASH is launched as an interactive shell (so /etc/bashrc still runs) but not a login shell. Since it clearly isn't working as expected, maybe /etc/bashrc isn't readable?
Did not know that, learned something new.
Yes correct explanation about my issue.
Only I need to know solution and the difference between them like Expert and bash name as per the screenshot.
@_Val_ is 100% right, as usual. You need to change the shell...so /bin/bash is to expert mode right away and /etc/cli.sh is regular shell.
Andy
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY