users: rip out the legacy ssh tunnel shell

Shell access is sufficient, I see absolutely no value in this.

users: rip out the legacy ssh tunnel shell
Shell access is sufficient, I see absolutely no value in this.
c48ba740 · Franco Fichtner · f0c9c1ca · c48ba740 · c48ba740
Commit c48ba740 authored Jun 10, 2015 by Franco Fichtner
Hide whitespace changes
Inline Side-by-side

Showing with 0 additions and 6 deletions

auth.inc src/etc/inc/auth.inc +0 -2

ACL_Legacy_Page_Map.json ...nse/mvc/app/models/OPNsense/Core/ACL_Legacy_Page_Map.json +0 -4

No files found.
--- a/src/etc/inc/auth.inc
+++ b/src/etc/inc/auth.inc
@@ -416,8 +416,6 @@ function local_user_set(&$user)
 		$user_shell = '/bin/csh';
 	} elseif (userHasPrivilege($user, 'user-copy-files')) {
 		$user_shell = '/usr/local/bin/scponly';
-	} elseif (userHasPrivilege($user, 'user-ssh-tunnel')) {
-		$user_shell = '/usr/local/sbin/ssh_tunnel_shell';
 	}
 	/* unlock valid shell users */

--- a/src/opnsense/mvc/app/models/OPNsense/Core/ACL_Legacy_Page_Map.json
+++ b/src/opnsense/mvc/app/models/OPNsense/Core/ACL_Legacy_Page_Map.json
@@ -15,10 +15,6 @@
        "name": "User - System - Shell account access",
        "descr": "Indicates whether the user is able to login for example via SSH."
    },
-    "user-ssh-tunnel": {
-        "name": "User - System - SSH tunneling",
-        "descr": "Indicates whether the user is able to login for tunneling via SSH when they have no shell access. Note: User - System - Copy files conflicts with this privilege."
-    },
    "user-ipsec-xauth-dialin": {
        "name": "User - VPN - IPsec xauth Dialin",
        "descr": "Indicates whether the user is allowed to dial in via IPsec xauth (Note: Does not allow shell access, but may allow the user to create ssh tunnels)"