> On Mar 17, 2015, at 21:52, German <[email protected]> wrote: > > On Tue, 17 Mar 2015 20:39:46 +0200 > Matti Nykyri <[email protected]> wrote: > >>> On Mar 17, 2015, at 19:33, German <[email protected]> wrote: >>> >>> On Tue, 17 Mar 2015 19:16:42 +0200 >>> Matti Nykyri <[email protected]> wrote: >>> >>>>>> On Mar 17, 2015, at 18:11, German <[email protected]> wrote: >>>>>> >>>>>> Don't hit your head to a brick wall. A small strace to the login process >>>>>> reveals that login set things as you tell it to in /etc/login.defs >>>>>> >>>>>> In this file change the line: >>>>>> TTYPERM 0600 >>>>>> To: >>>>>> TTYPERM 0620 >>>>>> >>>>>> And your problem is fixed. >>>>> >>>>> Sorry, this didn't fix it >>>> >>>> Yes. Sorry. The mode was wrong: >>>> >>>> TTYPERM 660 >>>> >>>> Will fix it, if your screen is setgid tty and ttyX is gid tty. If not then: >>>> >>>> TTYPERM 666 >>>> >>>> Will fix it, but also your tty will be world readable. If you don't >>>> consider that too big security risk, then just go >>> >>> Neither 660 nor 666 fixed it. Sorry :( >> >> If you have: >> >> TTYPERM 0666 >> >> And logout and login. What mode and ownership do you have in you tty >> (/dev/ttyX)? > > Ok, Matti, 0666 worked, now I can run screen as a user. Thanks. Do you think > I have to try to run it 0660? Will it be less security risk?
Well 0666 = 666. The reason it now worked is because you logged out and then back in. This is becaus login program only reads the /etc/login.defs-file when you login. With mode 0666 every user on your computer can read everything (every character) you have in your screen (so not much privacy). If you set: TTYGROUP utmp TTYPERM 0660 And have: -rwxr-sr-x root utmp /usr/bin/screen Everything will also work and you have more privacy. When /bin/login us run it changes ownership of the tty to the user who logs in. Su -l does not do this. That is why the screen doesn't work. ConsoleKit is the program that is responsible for many of these permission changes. Do you have that installed? -- -Matti
