[Spce-user] FIREWALL

[Andrew Pogrebennyk]

are you using su command to get root? In that case make sure that your
user is a member of group root otherwise he can't use su. This is not
even related to the firewall, may happen first time that you rebooted
the server after installation, so maybe it coincided with disabling the
firewall?

In fact NGCP installer enables hardened security by pam_wheel.so module

# cat /etc/ngcp-config/templates/etc/pam.d/su.tt2
#
# The PAM configuration file for the Shadow `su' service
#

# This allows root to su without passwords (normal operation)
auth       sufficient pam_rootok.so

# Uncomment this to force users to be a member of group root
# before they can use `su'. You can also add "group=foo"
# to the end of this line if you want to use a group other
# than the default "root" (but this may have side effect of
# denying "root" user, unless she's a member of "foo" or explicitly
# permitted earlier by e.g. "sufficient pam_rootok.so").
# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
auth       required   pam_wheel.so

You can create a file su.customtt.tt2 and disable the line with
pam_wheel.so there if this is the problem. Hope this helps.

BR,
Andrew

On 09/01/2017 05:03 AM, MUNDOTEL wrote:
> hi, I have some question, I activate the firewall in  spce mr5.4,  and
> that let me outside server , cant' get tru ssh. now I  deactivate the
> firewall and never more let me get root, is like  any change I make  is
> not recording in the server,  but  I  make    ngcpcfg apply
> and commit,  rebuild , reboot  nothing happen
> can someboddy explaint how fix that,.  thanhkyou