Debian Bug #528015 reported by "Nicolas FRANCOIS (Nekral)" <nicolas.francois@xxxxxxxxxxxxxxx> See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528015 This patch is a modified version of the one proposed without specific part to Debian. Signed-off-by: Stéphane Aulery <saulery@xxxxxxx> --- man5/securetty.5 | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/man5/securetty.5 b/man5/securetty.5 index 99f6c57..88f9fb6 100644 --- a/man5/securetty.5 +++ b/man5/securetty.5 @@ -29,17 +29,26 @@ securetty \- file which lists terminals from which root can log in .SH DESCRIPTION The file .I /etc/securetty -is used by (some versions of) -.BR login (1). -The file contains the device names of terminal lines +contains the names of terminals (one per line, without leading .IR /dev/ ) +which are considered secure for the transmission of certain authentication +tokens. +.P +It is used by (some versions of) +.BR login (1) +to restrict the terminals on which root is allowed to login. See .BR login.defs (5) if you use the shadow suite. +.P +On PAM enabled systems, it is used for the same purpose by +.BR pam_securetty (8) +to restrict the terminals on which empty passwords are accepted. .SH FILES .I /etc/securetty .SH SEE ALSO .BR login (1), -.BR login.defs (5) +.BR login.defs (5), +.BR pam_securetty (8) -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html