tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: /etc/ttys questions (was Re: Making the keyboard work)

At Mon, 23 Feb 2009 08:38:43 -0800 (PST), Paul Goyette wrote:
Subject: /etc/ttys questions (was Re: Making the keyboard work)
> Watching this thread has reminded me of a few questions that I've been
> meaning to ask for a while.  Maybe someone can enlighten me?
> 1. What is the difference between /dev/console and /dev/constty ?  When
>     should one be enabled vs the other?

As I said in a post to tech-kern last fall:

 Strictly speaking "console" should be _removed_ from /etc/ttys.  It is
 (now) always the wrong device to run getty on.  A "constty" entry is
 the only correct way to properly access the system console TTY device.

I further noted that init(8) should be patched to use /dev/constty
instead of /dev/console.  I should post my changes to init(8) and
related, though I have yet to figure out how to fix the kernel to
properly eliminate the remaining ToDo item from my list for init.

It was noted in a reply to my post that this would break the ability for
users to have /dev/console (or ideally /dev/constty, after patching
init(8) as I've done) marked as "off" _and_ "insecure" and thus allow
single user mode to request a password and still allow root to login via
the getty running on the underlying device (which would of course be
marked "on" and "secure").

I further replied suggesting this is a direct overloading of the meaning
of the "insecure/secure" flags for the "console" entry.  It also seems
to be a confusion in policy.

As a solution I offered that if a small wrapper program was invoked as
the single-user shell then this would be one correct way to remove the
overloaded meaning _and_ allow for local policy settings about
authentication during single-user shell start-up to be implemented in a
sane manner.

See the thread beginning with:

> 2. How does /dev/console interact with /dev/ttyE0 ?  If I'm using
>     wscons, should I have ttyE0 enabled instead of console?  Or in
>     addition to console?

Well, that depends on which device /dev/console is attached to!  :-)

If ttyE0 is attached as the system console then you should only have a
getty enabled on one or the other.

This raises another issue about figuring out the most sane /etc/ttys
defaults for most users.

I think with a minor change to wscons the ideal would be to always put a
getty on /dev/constty (thus supporting both serial and keyboard/video
console users out of the box) and always leave ttyE0 "off"

The necessary change would be to have wscons always switch by default on
boot to the first opened ttyE? device (or to have some rc.d script do
that for the user).

So, then if you have a serial console enabled then you'll still get a
login prompt on the screen too without having to manually switch virtual

The only minor drawback is the constty entry in /etc/ttys should then
have a terminal type of "unknown".  Users who never use serial consoles
can always change this to the proper default of course.

> 3. With Xorg, even though my /etc/X11/xdm/Xservers file specifically
>     says to run the Xserver on ttyE4 (vt05), it seems to start on ttyE0.
>     This seems to cause getty some problems, and I keep getting "getty:
>     repeating too fast" messages.  (These messages get trapped by my
>     xconsole session, but do NOT seem to be recorded by syslog in the
>     /var/log/messages file.)

If you have no getty on ttyE4 then you cannot get messages from init
about getty re-spawning too fast when xdm takes over ttyE4.  Either
something else is causing the warning messages, or you do have a getty
enabled on ttyE4.

                                                Greg A. Woods

H:+1 416 218-0098 W:+1 416 489-5852   VE3TCP    RoboHack 
Planix, Inc. <>       Secrets of the Weird 

Attachment: pgpBnp3xXLzVZ.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index