Tag: Linux

Posted on

Checkpoint: Change the Default Shell for “admin” in Gaia and SecurePlatform

This article details how to change the default shell for both Gaia and SecurePlatform (SPlat) systems.

SecurePlatform

In SecurePlatform, all we need to do is log in to expert mode and use the change shell command – chsh:

myfirewall > expert
Enter expert password:
myfirewall # chsh -s /bin/bash admin<

Shell changed.

This permanently changes the shell and will survive a reboot.

Gaia

The above will also work in Gaia but will not survive a reboot – the shell will default back to clish. Doing a “cat” on /etc/shells in expert mode will show you what is available:

myfirewall> expert
Enter expert password:

Warning! All configuration should be done through clish
You are in expert mode now.

[Expert@myfirewall:0]# cat /etc/shells
/bin/sh
/bin/bash
/sbin/nologin
/usr/bin/scponly
/bin/tcsh
/bin/csh
/etc/cli.sh
[Expert@myfirewall:0]#

To effect the change we use the “set user” command, in this example we will set it to the bash shell:

myfirewall> set user admin <tab to show options:>
force-password-change - Force the user to change their password
gid - User's group ID
homedir - User's home directory
info - DEPRECATED synonym for 'realname'
lock-out - Unlock a locked out user
newpass - User's new password
password - User's password
password-hash - User's password hash
realname - User's real name or other informative label
shell - User's login shell
uid - User's numeric user ID
myfirewall> set user admin shell /bin/bash
myfirewall> save config
myfirewall>

 

** Don’t forget the “save config” at the end!! **

 

Related posts:

Posted on

Checkpoint: Object Filler and Object Dumper (ofiller)

This article offers a download of Martin Hoz’s (Checkpoint SE) Ofiller tool and describes basic usage.

The package software can be downloaded here:

ofiller_v2.4.tgz

There is full documentation in the package but a quick look at page 53 of the manual yields the following:

odumper -f file [-p file] -o file [-d] [-html] [-v]
-f specifies the path to the objects (Objects_5_0.C or objects.C) file you want to process
-p specifies the path to the rulebases (rulebases_5_0.fws) file you want to process - Optional
-o specified the path to the output formatted file you want to have
-d tells the program to also print the default objects - Optional
-html formats the output to HTML (instead of default CSV format) - Optional
file is a valid filename - such as output.txt, output.html or objects.C
Required parameters: -f and -o

** Important ** – Run this on copies of the files and not against the files on the live firewall!

  • To dump objects only:

odumper -f copy_of_Objects_5_0.C -o my_objects.csv

  • To dump rules only:

odumper -p Copy_of_rulebases_5_0.fws -o my_rules.csv

  • To dump both rules and objects to the same file:

odumper -f copy_of_Objects_5_0.C -p Copy_of_rulebases_5_0.fws -o my_objects_and_rules.csv

 

Note: If you are dumping these to re-import on another management centre then dump rules and objects individually as per the first two examples.

Related posts:

Posted on

Linux: How to Remove GNOME from a Debian Install

This article describes how to remove the Gnome desktop environment from a Debian install.

Sometimes, unless you run the gauntlet of Expert Install (which is unnecessary if all you want is a general purpose, vanilla machine) then the Gnome desktop will be automatically installed from the installation DVD.

The following commands will remove it (and free up about 1GB disk space!):

# sudo apt-get autoremove gdm3

# sudo apt-get autoremove --purge gnome*

# reboot

Related posts: