[ELDK] Read-only root filesystem, devices and root access
Giuseppe Modugno
g.modugno at elettronika.it
Tue Jun 24 10:37:57 CEST 2008
Dear all,
I'm developing a read-only root filesystems facing many problems we
already know.
In order to solve the problem of ptys (I'd like to use telnet) I made
symbolic links
/dev/ptyp0 ---> /tmpfs/dev/ptyp0
/dev/ptyp1 ---> /tmpfs/dev/ptyp1
...
/dev/ttyp0 ---> /tmpfs/dev/ttyp0
/dev/ttyp1 ---> /tmpfs/dev/ttyp1
...
Of course, /tmpfs is a read-write tmpfs filesystem I populate in
rc.sh.
Now I can telnet into the system without problems using a normal
account. When I try to login as root, it works only for the first
telnet connection and not for the second or the third.
The problem is pam_securetty, in fact in /var/log/messages:
---
Jan 1 00:09:19 hostname auth.warn PAM-securetty[686]: access denied:
tty '/tmpfs/dev/ttyp1' is not secure !
---
In my /etc/securetty ttyp1 is really present, as ttyp0, ttyp2 and so
on. I tried to add /tmpfs/dev/ttyp1 in /etc/securetty and it works!
Now I don't understand. May I use symbolic links in /etc/securetty?
If yes, I don't understand why ptyp1 in /etc/securetty doesn't work.
If no, I don't understand why ptyp0 in /etc/securetty really works.
Any suggestions?
More information about the eldk
mailing list