Your message dated Mon, 15 Feb 2016 14:48:09 +0100
with message-id <[email protected]>
and subject line securetty.5 is now documented properly upstream
has caused the Debian Bug report #528015,
regarding securetty(5): not only used to restrict root login
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
528015: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528015
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: manpages
Version: 3.21-1
Severity: normal
Tags: patch
Hello,
pam_unix, with the nullok_secure option uses /etc/securetty for a slightly
different purpose than documented in securetty(5).
securetty(5) could also be completed to indicate that PAM also support
securetty (with pam_securetty).
Note that the nullok_secure option is a Debian specific patch for PAM.
I'm attaching a proposal for these two additions.
Thanks in advance,
--
Nekral
diff -rauN ../orig/manpages-3.21/man5/securetty.5 ./manpages-3.21/man5/securetty.5
--- ../orig/manpages-3.21/man5/securetty.5 2009-04-15 18:05:52.000000000 +0200
+++ ./manpages-3.21/man5/securetty.5 2009-05-10 11:50:24.529552264 +0200
@@ -28,20 +28,34 @@
.SH DESCRIPTION
The file
.I /etc/securetty
-is used by (some versions of)
-.BR login (1).
-The file contains the device names of tty lines
+contains a list of device names of tty lines
(one per line, without leading
.IR /dev/ )
+which are considered secure for the transmission of certain authentication
+tokens.
+.P
+It is used by (some versions of)
+.BR login (1)
+to restrict the tty lines
on which root is allowed to login.
See
.BR login.defs (5)
if you use the shadow suite.
+.P
+On PAM enabled systems, it is used for the same purpose by
+.BR pam_securetty (8),
+and is used by the
+.B nullok_secure
+option of
+.BR pam_unix (8)
+to restrict the tty lines on which empty passwords are accepted.
.SH FILES
.I /etc/securetty
.SH "SEE ALSO"
.BR login (1),
-.BR login.defs (5)
+.BR login.defs (5),
+.BR pam_securetty (8),
+.BR pam_unix (8)
.SH COLOPHON
This page is part of release 3.21 of the Linux
.I man-pages
--- End Message ---
--- Begin Message ---
control: fixed -1 4.04-1
Hi,
I'm closing this bug, as I agree with Stéphane. The Debian specific part
does not seem to be necessary, so the bug is fixed upstream and has been
uploaded to Debian.
Regards,
Tobias
signature.asc
Description: OpenPGP digital signature
--- End Message ---
