diff options
author | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
---|---|---|
committer | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
commit | f6d08ed47a3da3c08345bce2ca366e961c52ad7c (patch) | |
tree | dcbd0efb229b17f696f7195671f05b354b4f70fc /modules/pam_securetty/README | |
parent | 668b13da8f830c38388cecac45539972e80cb246 (diff) | |
parent | 9e5bea9e146dee574796259ca464ad2435be3590 (diff) |
New upstream version 1.4.0
Diffstat (limited to 'modules/pam_securetty/README')
-rw-r--r-- | modules/pam_securetty/README | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/modules/pam_securetty/README b/modules/pam_securetty/README index 14518411..21764e43 100644 --- a/modules/pam_securetty/README +++ b/modules/pam_securetty/README @@ -5,11 +5,12 @@ pam_securetty — Limit root login to special devices DESCRIPTION pam_securetty is a PAM module that allows root logins only if the user is -logging in on a "secure" tty, as defined by the listing in /etc/securetty. -pam_securetty also checks to make sure that /etc/securetty is a plain file and -not world writable. It will also allow root logins on the tty specified with -console= switch on the kernel command line and on ttys from the /sys/class/tty/ -console/active. +logging in on a "secure" tty, as defined by the listing in the securetty file. +pam_securetty checks at first, if /etc/securetty exists. If not and it was +built with vendordir support, it will use <vendordir>/securetty. pam_securetty +also checks that the securetty files are plain files and not world writable. It +will also allow root logins on the tty specified with console= switch on the +kernel command line and on ttys from the /sys/class/tty/console/active. This module has no effect on non-root users and requires that the application fills in the PAM_TTY item correctly. @@ -27,7 +28,7 @@ noconsole Do not automatically allow root logins on the kernel console device, as specified on the kernel command line or by the sys file, if it is not also - specified in the /etc/securetty file. + specified in the securetty file. EXAMPLES |