[systemd-devel] systemd-nspawn and pam_securetty
Colin Guthrie
gmane at colin.guthr.ie
Sun Dec 8 16:02:04 PST 2013
'Twas brillig, and Lennart Poettering at 08/12/13 23:46 did gyre and gimble:
>> > 3. And finally, if we should not add "console", could nspawn do
>> > something clever with a temporary file + bind mount to temporarily allow
>> > console logins in the /etc/securetty without actually modifying it.
> I don't think it's worth trying to bind mount it like that, since there
> a couple of ioctls that leak the original name (ptsname()), and there
> are cases where you need to look up the device in /sys. In fact, in
> systemd we have some code to track down to which tty /dev/tty,
> /dev/tty0, and /dev/console currently point, and playing games with
> renaming things certainly conrtadicts the general goal of such code...
I was really meaning bind mounting over /etc/securetty with new content
not the /dev/tty* or /dev/console or anything more creative like that.
Your (and others) answers are pretty clear tho' and confirm what I
suspected (and hence made my first question!).
Cheers all!
Col
--
Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/
Day Job:
Tribalogic Limited http://www.tribalogic.net/
Open Source:
Mageia Contributor http://www.mageia.org/
PulseAudio Hacker http://www.pulseaudio.org/
Trac Hacker http://trac.edgewall.org/
More information about the systemd-devel
mailing list