Subject: Re: querying the console type?
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: netbsd-users
Date: 10/20/2006 23:18:19
On Fri, Oct 20, 2006 at 11:06:03PM -0400, Steven M. Bellovin wrote:
>
> Is there any easy way to find out what the boot system thinks is the
> console device?

Look at the boot messages.
> 
> I *think* things are set up correctly, since 'ps' shows
> 
> 	  848 tty00  IWs+   0:00.03 /usr/libexec/getty Pc console 

Yeah, that looks right -- that means that init started a getty on
/dev/console, but ps thinks that device is /dev/tty00 -- which it is,
since they're aliases.

This is, however, a poor configuration of /etc/ttys for a machine with
a serial console: you should never run getty on /dev/console, but rather
on the underlying tty, lest something go wrong with the bootblocks and
you end up with your "console" getty on the VGA instead.  Also, doing it
this way means you're using the "Pc" gettytab entry, which may not have
the speed or terminal settings you want, and it prevents you from
requiring a password for single-user access if you want to allow root
to log in.  If you use the tty00 and ttyE0 entries in /etc/ttys for
the console getty, and mark those ttys "secure", but leave the console
entry present but not marked "secure", you get what you most likely want:
you can't break to single-user mode without the root password, but you
can log in on tty00 as root -- even if the system gets confused about
what the console is.

-- 
  Thor Lancelot Simon	                                     tls@rek.tjls.com

  "We cannot usually in social life pursue a single value or a single moral
   aim, untroubled by the need to compromise with others."      - H.L.A. Hart