Recording /dev/vt/# in utmpx and using that for PAM_TTY looks like
exactly the correct thing to do for the virtual consoles.
Using /dev/console for utmpx and PAM_TTY for the primary (first) console
also looks like the correct thing to do.
> 3.2 Enhance PAM_TTY and ut_line in utmpx to support display name.
> So the PAM_TTY and the ut_line in utmpx can be directly set
> to the display name by the display login manager.
What problem is being solved here ?
> With regards to the audit terminal ID, it can be extended to
> a) change "terminal ID" to "terminal name" in the audit
> record. And the terminal name looks more straightforward
> than the digital terminal ID.
I don't see what problem is being solved here.
> b) encode display name in a proper way to terminal ID, just
> like for remote terminal ID:
> ai.ai_termid.port = (peer->sin_port<<16 | sock->sin_port);
So basically record the port number of the display in the audit record ?
If so that sounds okay but who is writing this audit record ?
Darren J Moffat