feat: remove viewer user

build-workspace.sh

@@ -15,12 +15,9 @@ buildah run "$ctr" -- bash -c "\
   pacman -Sy --noconfirm && pacman -S --noconfirm --needed base-devel neovim git zsh tmux \
   nodejs python podman fzf fd ripgrep jdk-openjdk zsh-completions zsh-syntax-highlighting \
   lazygit zsh-autosuggestions luarocks python-pynvim npm bash-completion tree-sitter-cli \
-  pkgconf lua51 && pacman -Scc --noconfirm && \
+  lua51 && pacman -Scc --noconfirm && useradd -ms /bin/zsh $DEV_USER && \
-  groupadd secproc && useradd -ms /bin/zsh -G secproc $DEV_USER && \
-  useradd --system --no-create-home -s /usr/sbin/nologin -G $DEV_USER viewer && \
   mkdir -p /tmp/tmux-shared && chown $DEV_USER:$DEV_USER /tmp/tmux-shared && \
-  chmod 750 /tmp/tmux-shared && \
+  chmod 750 /tmp/tmux-shared && mkdir -p $SECURE && chmod -R 500 $SECURE && \
-  mkdir -p $SECURE && chmod -R 500 $SECURE && \
   mkdir /app && chmod 700 /app && chown $DEV_USER:$DEV_USER /app
 "
 # copy start script

ssh_router.sh

@@ -5,7 +5,6 @@ CONTAINER="$SSH_ORIGINAL_COMMAND"
 IMAGE="analytics-backend-workspace" # change to match your setup
 TMUX_SESSION="analytics-backend"
 DEV_USER="devuser"
-VIEW_USER="viewer"
 
 TMUX_CMD=(tmux -S /tmp/tmux-shared/dev-socket)
 
@@ -77,7 +76,7 @@ rw)
   ;;
 ro)
   if (podman container exists "$CONTAINER" && podman inspect -f '{{.State.Running}}' "$CONTAINER" | grep -q true) >/dev/null 2>&1; then
-    if podman exec -it --user "$VIEW_USER" "$CONTAINER" "${TMUX_CMD[@]}" attach -r -t "$TMUX_SESSION"; then
+    if podman exec -it --user "$DEV_USER" "$CONTAINER" "${TMUX_CMD[@]}" attach -r -t "$TMUX_SESSION"; then
       log "❌ Could not attach to ${TMUX_CMD[*]} session. Please contact admin or try again later."
       exit 1
     fi