This article describes the CLI clear command options not included with clear command privileges.
When creating a user with clear privileges, some clear commands are not allowed.
For example, the clear permissions include the following:
snmp - Clear Simple Network Management Protocol information.system - Clear system information.
Clear privileges do not include:
clear logs - Clear contents of the log file.clear lacp - Clear Link Aggregation Control Protocol information.clear services - Clear services information.clear security - Clear security information.clear passive-monitoring - Clear passive monitoring statistics.clear unified-edge - Clear unified-edge commands.
This situation occurs in all Junos OS versions on all devices, and is an expected behavior.
In order to allow the missing clear options, you can add them by running the clear services with the following commands:
lab@juniper# set system login class clear-privilege allow-configuration "clear services"
lab@juniper# set system login class clear-privilege confallow-commands "clear services"
[edit system login]
+ class clear-privilege {
+ permissions clear;
+ }
[edit system login]
+ user clear-user {
+ class clear-privilege;
+ authentication {
+ encrypted-password "$ABC123"; ## SECRET-DATA
lab-admin@Juniper# show system login class clear-privilege
permissions clear;
lab-admin@Juniper# show system login
user clear-user {
uid 2028;
class clear-privilege;
authentication {
encrypted-password "$ABC123"; ## SECRET-DATA