FS#63236 - Can't delete /etc/securetty

Attached to Project: Arch Linux
Opened by Isopod (isopod) - Saturday, 20 July 2019, 12:16 GMT
Last edited by Antonio Rojas (arojas) - Saturday, 20 July 2019, 17:23 GMT
Task Type Bug Report
Category System
Status Closed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
I'm trying to use Arch Linux in a systemd-nspawn container, but I can't log in because /etc/securetty restricts it. The suggested solution for this problem is to simply delete /etc/securetty and I can confirm that this works for example for Debian. But in Arch, every time I reboot, the file is created anew. Interestingly this seems to happen on shutdown, not on boot, as when I delete the file before booting (via the host), I can login exactly once. But after a reboot, the file is back.

Additional info:
* Related to https://bugs.archlinux.org/task/45903

Steps to reproduce:
* Delete /etc/securetty
* Reboot
* /etc/securetty magically reappeared
This task depends upon

Closed by  Antonio Rojas (arojas)
Saturday, 20 July 2019, 17:23 GMT
Reason for closing:  Not a bug
Comment by loqs (loqs) - Saturday, 20 July 2019, 15:10 GMT
See /usr/lib/tmpfiles.d/arch.conf
Edit:
Can you not add the tty you log in from to securetty or login as a none root user than escalate privileges?
If not why not disable use of securetty from the pam stack and /etc/login.defs?
Comment by Isopod (isopod) - Saturday, 20 July 2019, 17:20 GMT
>See /usr/lib/tmpfiles.d/arch.conf
Thanks, I didn't know that existed.
>Can you not add the tty you log in from to securetty
Maybe, but I don't know if the tty is always the same.
>or login as a none root user than escalate privileges?
I could, but I want to keep things simple. If I want to log in as root I don't want to go through another intermediate step.
>If not why not disable use of securetty from the pam stack and /etc/login.defs?
Sorry, I don't know what that is or how to do that.

But removing the line from /usr/lib/tmpfiles.d/arch.conf already fixed my problem, so thanks again.

Loading...