[systemd-devel] systemd-nspawn and pam_securetty
Colin Guthrie
gmane at colin.guthr.ie
Sat Dec 7 10:25:01 PST 2013
Hi,
So playing around a bit it seems our default pam config for pam.d/login
uses a pam_securetty to only allow root logins via "secure" seats.
The file /etc/securetty are tty0-6 and vc/1-6
When "booting" with nspawn, the tty is "console" and thus I cannot login
as root.
Can I ask people here a few questions:
1. Is pam_securetty worth it?
2. If so, is adding "console" to the default /etc/securetty safe?
3. And finally, if we should not add "console", could nspawn do
something clever with a temporary file + bind mount to temporarily allow
console logins in the /etc/securetty without actually modifying it.
Cheers!
Col
--
Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/
Day Job:
Tribalogic Limited http://www.tribalogic.net/
Open Source:
Mageia Contributor http://www.mageia.org/
PulseAudio Hacker http://www.pulseaudio.org/
Trac Hacker http://trac.edgewall.org/
More information about the systemd-devel
mailing list