Skip to content

securetty in Debian #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
pyllyukko opened this issue Sep 12, 2019 · 1 comment
Closed

securetty in Debian #47

pyllyukko opened this issue Sep 12, 2019 · 1 comment

Comments

@pyllyukko
Copy link
Owner

pyllyukko commented Sep 12, 2019
edited
Loading

FWIW, the latest login upload to unstable (1:4.7-1) dropped support for
/etc/securetty and removed that file on upgrades, due to the numerous
complaints it caused:

,----
| shadow (1:4.7-1) unstable; urgency=medium
|
| [ Balint Reczey ]
| * Stop shipping and honoring /etc/securetty
| (Closes: #731656, #830255, #879903, #920764, #771675, #917893, #607073)
`----

This lead to complaints by pam_unix in the system logs on every login,
see #931899. I think it's time to disable pam_securetty by default, it
was useful twenty years ago but it no longer is.
@pyllyukko
Copy link
Owner Author

If distros don't use securetty it shouldn't still matter if the configuration exists. Also to play it safe we should have this conditionally and inspect PAM's configuration for pam_securetty which would introduce unnecessary complexity.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pyllyukko