PW=/usr/sbin/pw USER=wwwonly UID=789 GROUP=${USER} GID=${UID} PW_ARG=add if ${PW} groupshow ${GROUP} >/dev/null 2>&1; then PW_ARG=mod fi echo "Creating group '${GROUP}' with gid '${GID}'" ${PW} group${PW_ARG} ${GROUP} -g ${GID} PW_ARG=add if ${PW} usershow ${USER} >/dev/null 2>&1; then PW_ARG=mod fi echo "Creating user '${USER}' with uid '${UID}'" ${PW} user${PW_ARG} ${USER} -u ${UID} -g ${GID} -c "World Wide Web Only" -d /nonexistent -s /usr/sbin/nologin echo "Updating /etc/shells" cp /etc/shells /etc/shells.bak (grep -v /usr/local/sbin/opnsense-shell /etc/shells.bak; \ echo /usr/local/sbin/opnsense-shell) > /etc/shells rm -f /etc/shells.bak cp /etc/shells /etc/shells.bak (grep -v /usr/local/sbin/opnsense-installer /etc/shells.bak; \ echo /usr/local/sbin/opnsense-installer) > /etc/shells rm -f /etc/shells.bak echo "Registering root shell" pw usermod -n root -s /usr/local/sbin/opnsense-shell echo "Hooking into /etc/rc" cp /etc/rc /etc/rc.bak cat > /etc/rc <> /etc/rc rm -f /etc/rc.bak echo "Hooking into /etc/rc.shutdown" cp /etc/rc.shutdown /etc/rc.shutdown.bak cat > /etc/rc.shutdown <> /etc/rc.shutdown rm -f /etc/rc.shutdown.bak /usr/local/etc/rc.d/configd start /usr/local/etc/rc.syshook update