Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Change default shell for additional pfSense user

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eponymous
      last edited by

      Hi,

      I've got a script that I want to execute via SSH using the Bourne shell (/bin/sh).

      I've created a new user and added them to the "admins" group - I don't want to mess around with the default "root" user for obvious reasons.

      However I tried following the guide at: https://www.freebsd.org/doc/handbook/shells.html to change that user's default shell and it caused this message to appear on SSH login:

      *** Welcome to pfSense 2.3.2-RELEASE (amd64 full-install) on pfSense ***
PHP Fatal error:  Call to undefined function pfSense_interface_listget() in /etc/inc/interfaces.inc on line 80

Fatal error: Call to undefined function pfSense_interface_listget() in /etc/inc/interfaces.inc on line 80
PHP ERROR: Type: 1, File: /etc/inc/interfaces.inc, Line: 80, Message: Call to undefined function pfSense_interface_listget()
 0) Logout (SSH only)                  9) pfTop
 1) Assign Interfaces                 10) Filter Logs
 2) Set interface(s) IP address       11) Restart webConfigurator
 3) Reset webConfigurator password    12) PHP shell + pfSense tools
 4) Reset to factory defaults         13) Update from console
 5) Reboot system                     14) Disable Secure Shell (sshd)
 6) Halt system                       15) Restore recent configuration
 7) Ping host                         16) Restart PHP-FPM
 8) Shell

      I'd just like to know which is the correct/safe way to have the Bourne shell start by default on SSH login? I'd rather not edit each script to include something like "sh -c 'some commands'" as I have a lot of scripts.

      Thanks.

      1 Reply Last reply Reply Quote 0
      • H
        heper
        last edited by

        delete in new users homedir:

        .profile  and .shrc

        1 Reply Last reply Reply Quote 0
        • E
          eponymous
          last edited by

          Thanks! That worked.

          1 Reply Last reply Reply Quote 0
          • E
            eponymous
            last edited by

            I've still got an issue.

            It seems that when I reboot the router, the shell gets changed back to /bin/tcsh. Is it possible to change it to /bin/sh permanently?

            1 Reply Last reply Reply Quote 0
            • D
              doktornotor Banned
              last edited by

              No, not without patching /etc/inc/auth.inc - an example of what changes you need to do here: https://github.com/pfsense/pfsense/pull/3283/files

              Could be used pretty much verbatim, say you add user-bourne-shell priv to /etc/inc/priv/user.priv.inc, you'd do

              
if (userHasPrivilege($user, "user-shell-access") || userHasPrivilege($user, "page-all")) {
	if (userHasPrivilege($user, "user-bourne-shell") {
		$user_shell = "/bin/sh";
	} else {
		$user_shell = "/bin/tcsh";
	}
} elseif ( ... )

              then you can assign the shell persistently via the User Manager GUI.

              C 1 Reply Last reply Reply Quote 0
              • C
                cjangrist @doktornotor
                last edited by

                @doktornotor

                changing the single instance where tcsh appears in /etc/inc/auth.inc to the my desired shell seemed to do the trick.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.