Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

system: manually select user login shell #2154

Closed
fichtner opened this issue Feb 1, 2018 · 1 comment
Closed

system: manually select user login shell #2154

fichtner opened this issue Feb 1, 2018 · 1 comment
Assignees
@fichtner
Labels
feature Adding new functionality

Comments

@fichtner
Copy link
Member

fichtner commented Feb 1, 2018
edited
Loading

via: https://forum.opnsense.org/index.php?topic=7035.0

TODO:
@fichtner fichtner added the feature Adding new functionality label Feb 1, 2018
@fichtner fichtner added this to the 18.7 milestone Feb 1, 2018
@fichtner fichtner self-assigned this Feb 1, 2018
fichtner added a commit that referenced this issue Feb 4, 2018
@fichtner
rc: recover all known shells, plus zsh, scponly and bash... #2154
e09dc8c
fichtner added a commit that referenced this issue Feb 4, 2018
@fichtner
system: allow shell selection for user, prepped a long time ago #2154
c8bdf3e
fichtner added a commit that referenced this issue Feb 4, 2018
@fichtner
system: remove the user-shell-access privilege #2154
5a9f6c4 
Eventually, the two remaining user privileges should be killed
as well in favour of similar approaches.  The ACL should be for
page access, not more, not less.
@fichtner
Copy link
Member Author

fichtner commented Feb 4, 2018

@Mausy5043 as discussed know good shells (now that includes bash, zsh and scponly) are preserved in /etc/shells upon reboot. Furthermore, you can select a login shell for each user separately and the old "shell access" privilege is scheduled for removal in 18.7.

We lose a little bit of flexibility, but shell access is delicate as discussed in a similar forum thread regarding piggybacked SFTP access, see https://forum.opnsense.org/index.php?topic=6994.15

Not entirely sure this is robust enough for 18.1.x yet so keeping this open for tweaking and feedback. :)

@fichtner fichtner removed this from the 18.7 milestone Feb 25, 2018
@pv2b pv2b mentioned this issue Aug 20, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fichtner fichtner

Labels
feature Adding new functionality
Milestone
No milestone
Development

No branches or pull requests
1 participant
@fichtner