shadow: set correct entries for pseudo terminals in /etc/securetty

In

commit 10cdd66fe800cffe3f2cbf5c95550b4f7902a311
Author: Ming Liu <ming.liu@windriver.com>
Date:   Thu Jul 18 10:04:22 2013 +0800

    libpam: add a new 'nullok_secure' option support to pam_unix

'null_ok_secure' option was fixed. Since that commit 'su' stopped working in
pseudo terminals (created in X environments) for root-accounts with empty
password.

Background: The PAM configuration for 'su' includes 'common-auth' which uses
'nullok_secure' option for pam_unix.

Signed-off-by: Andreas Müller <schnitzeltony@googlemail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>

diff --git a/meta/recipes-extended/shadow/files/securetty b/meta/recipes-extended/shadow/files/securetty
index 467fc0439876450ae1ceea6bea60f106b338f198..0b1629f143f4b5d8ccf606a5cbd0572d7800502a 100644 (file)
--- a/meta/recipes-extended/shadow/files/securetty
+++ b/meta/recipes-extended/shadow/files/securetty
@@ -124,18 +124,10 @@ tty62
 tty63
 
 # Local X displays (allows empty passwords with pam_unix's nullok_secure)
-:0
-:0.0
-:0.1
-:1
-:1.0
-:1.1
-:2
-:2.0
-:2.1
-:3
-:3.0
-:3.1
+pts/0
+pts/1
+pts/2
+pts/3
 
 # Embedded Freescale i.MX ports
 ttymxc0