FS#64084 - [pam] Remove pam_securetty

Attached to Project: Arch Linux
Opened by Johannes Ernst (jernst) - Thursday, 10 October 2019, 03:33 GMT
Last edited by Eli Schwartz (eschwartz) - Thursday, 10 October 2019, 06:07 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

According to Poettering [1]:

"pam_securetty is a really bad idea. Just remove it. Most big distros did"

It gets in the way of logging into a systemd-nspawn container as root from the console, because the (newly different) tty name is not in /etc/securetty by default. That name was changed not that long ago, and so it started breaking.

I don't know whether that's the right course of action for Arch. But if not, I'd like the default of /etc/securetty to include that tty name by default: a new container with only the root user is not particularly useful if root cannot actually log on.

[1] https://github.com/systemd/systemd/issues/13532#issuecomment-539511591
This task depends upon

Closed by  Eli Schwartz (eschwartz)
Thursday, 10 October 2019, 06:07 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#45903 

Loading...