[PATCH] securetty.5: Note that the pam_securetty module also uses this file

[PATCH] securetty.5: Note that the pam_securetty module also uses this file

[Stéphane Aulery]

Debian Bug #528015 reported by "Nicolas FRANCOIS (Nekral)" <nicolas.francois-Fa7rcPG4DJn7nK0/Xc0eeg@public.gmane.org>

See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528015

This patch is a modified version of the one proposed without specific part to
Debian.

Signed-off-by: Stéphane Aulery <saulery-GANU6spQydw@public.gmane.org>
---
 man5/securetty.5 | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/man5/securetty.5 b/man5/securetty.5
index 99f6c57..88f9fb6 100644
--- a/man5/securetty.5
+++ b/man5/securetty.5
@@ -29,17 +29,26 @@ securetty \- file which lists terminals from which root can log in
 .SH DESCRIPTION
 The file
 .I /etc/securetty
-is used by (some versions of)
-.BR login (1).
-The file contains the device names of terminal lines
+contains the names of terminals
 (one per line, without leading
 .IR /dev/ )
+which are considered secure for the transmission of certain authentication
+tokens.
+.P
+It is used by (some versions of)
+.BR login (1)
+to restrict the terminals
 on which root is allowed to login.
 See
 .BR login.defs (5)
 if you use the shadow suite.
+.P
+On PAM enabled systems, it is used for the same purpose by
+.BR pam_securetty (8)
+to restrict the terminals on which empty passwords are accepted.
 .SH FILES
 .I /etc/securetty
 .SH SEE ALSO
 .BR login (1),
-.BR login.defs (5)
+.BR login.defs (5),
+.BR pam_securetty (8)
-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] securetty.5: Note that the pam_securetty module also uses this file

[Michael Kerrisk (man-pages)]

On 03/07/2015 05:06 PM, Stéphane Aulery wrote:
> Debian Bug #528015 reported by "Nicolas FRANCOIS (Nekral)" <nicolas.francois-Fa7rcPG4DJn7nK0/Xc0eeg@public.gmane.org>
> 
> See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528015
> 
> This patch is a modified version of the one proposed without specific part to
> Debian.

Thanks, Stéphane. Applied.

Cheers,

Michael


> Signed-off-by: Stéphane Aulery <saulery-GANU6spQydw@public.gmane.org>
> ---
>  man5/securetty.5 | 17 +++++++++++++----
>  1 file changed, 13 insertions(+), 4 deletions(-)
> 
> diff --git a/man5/securetty.5 b/man5/securetty.5
> index 99f6c57..88f9fb6 100644
> --- a/man5/securetty.5
> +++ b/man5/securetty.5
> @@ -29,17 +29,26 @@ securetty \- file which lists terminals from which root can log in
>  .SH DESCRIPTION
>  The file
>  .I /etc/securetty
> -is used by (some versions of)
> -.BR login (1).
> -The file contains the device names of terminal lines
> +contains the names of terminals
>  (one per line, without leading
>  .IR /dev/ )
> +which are considered secure for the transmission of certain authentication
> +tokens.
> +.P
> +It is used by (some versions of)
> +.BR login (1)
> +to restrict the terminals
>  on which root is allowed to login.
>  See
>  .BR login.defs (5)
>  if you use the shadow suite.
> +.P
> +On PAM enabled systems, it is used for the same purpose by
> +.BR pam_securetty (8)
> +to restrict the terminals on which empty passwords are accepted.
>  .SH FILES
>  .I /etc/securetty
>  .SH SEE ALSO
>  .BR login (1),
> -.BR login.defs (5)
> +.BR login.defs (5),
> +.BR pam_securetty (8)
> 


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html