diff options
| author | jim-p <jimp@pfsense.org> | 2011-04-08 08:59:50 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2011-04-08 08:59:50 -0400 |
| commit | fbfd675a532a85858530d9ad7bdd63d563189bec (patch) | |
| tree | 8a067b7b24b4c06e1c8f9c080fe2dbb289e75cd3 /etc/inc/auth.inc | |
| parent | 02d99511539a3312f8aab54b7dd1cdcaec9c0847 (diff) | |
| download | pfsense-fbfd675a532a85858530d9ad7bdd63d563189bec.zip pfsense-fbfd675a532a85858530d9ad7bdd63d563189bec.tar.gz | |
Add an IPsec xauth permission. Try to use the nologin shell first (just unlock the account). Ticket #1202
Diffstat (limited to 'etc/inc/auth.inc')
| -rw-r--r-- | etc/inc/auth.inc | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 159e791..239d7de 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -360,6 +360,8 @@ function local_user_set(& $user) { $user_shell = "/usr/local/bin/scponly"; } elseif (userHasPrivilege($user, "user-ssh-tunnel")) { $user_shell = "/usr/local/sbin/ssh_tunnel_shell"; + } elseif (userHasPrivilege($user, "user-ipsec-xauth-dialin")) { + $user_shell = "/sbin/nologin"; } else { $user_shell = "/sbin/nologin"; $lock_account = true; |
