1 files changed, 17 insertions, 1 deletions

diff --git a/modules/pam_securetty/pam_securetty.8.xml b/modules/pam_securetty/pam_securetty.8.xml
index dd57705b..48215f5f 100644
--- a/modules/pam_securetty/pam_securetty.8.xml
+++ b/modules/pam_securetty/pam_securetty.8.xml
@@ -33,7 +33,10 @@
       user is logging in on a "secure" tty, as defined by the listing
       in <filename>/etc/securetty</filename>. pam_securetty also checks
       to make sure that <filename>/etc/securetty</filename> is a plain
-      file and not world writable.
+      file and not world writable. It will also allow root logins on
+      the tty specified with <option>console=</option> switch on the
+      kernel command line and on ttys from the
+      <filename>/sys/class/tty/console/active</filename>.
     </para>
     <para>
       This module has no effect on non-root users and requires that the
@@ -61,6 +64,19 @@
           </para>
         </listitem>
       </varlistentry>
+      <varlistentry>
+        <term>
+          <option>noconsole</option>
+        </term>
+        <listitem>
+          <para>
+            Do not automatically allow root logins on the kernel console
+            device, as specified on the kernel command line or by the sys file,
+            if it is not also specified in the
+            <filename>/etc/securetty</filename> file.
+          </para>
+        </listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>