'Twas brillig, and Lennart Poettering at 08/12/13 23:46 did gyre and gimble:
>> > 3. And finally, if we should not add "console", could nspawn do
>> > something clever with a temporary file + bind mount to temporarily allow
>> > console logins in the /etc/securetty without actually modifying it.
>
On Sat, 07.12.13 18:25, Colin Guthrie ([email protected]) wrote:
> Hi,
>
> So playing around a bit it seems our default pam config for pam.d/login
> uses a pam_securetty to only allow root logins via "secure" seats.
>
> The file /etc/securetty are tty0-6 and vc/1-6
>
> When "booting" with ns
El 07/12/13 15:25, Colin Guthrie escribió:
> 1. Is pam_securetty worth it?
No, it is not.
> 2. If so, is adding "console" to the default /etc/securetty safe?
It is as secure as any device access white/black list that it is not
enforced by the kernel. (i.e not at all, people are fooling themselv
On Sat, Dec 7, 2013 at 9:00 PM, Kay Sievers wrote:
> On Sat, Dec 7, 2013 at 7:25 PM, Colin Guthrie wrote:
>> So playing around a bit it seems our default pam config for pam.d/login
>> uses a pam_securetty to only allow root logins via "secure" seats.
>>
>> The file /etc/securetty are tty0-6 and v
On Sat, Dec 7, 2013 at 7:25 PM, Colin Guthrie wrote:
> So playing around a bit it seems our default pam config for pam.d/login
> uses a pam_securetty to only allow root logins via "secure" seats.
>
> The file /etc/securetty are tty0-6 and vc/1-6
>
> When "booting" with nspawn, the tty is "console"
Hi,
So playing around a bit it seems our default pam config for pam.d/login
uses a pam_securetty to only allow root logins via "secure" seats.
The file /etc/securetty are tty0-6 and vc/1-6
When "booting" with nspawn, the tty is "console" and thus I cannot login
as root.
Can I ask people here a
