Re: /run and read-only /etc
Sorry to reopen this at such a late date, but I'm way behind on -devel.
"Hi, I'm Karl and I maintain login and passwd."
Thomas Hood <firstname.lastname@example.org> writes:
> * pam, shadow
> Allow either /etc/nologin or /run/nologin to prevent non-root logins
I don't like the idea of having multiple files to turn off logins. (I
can't log into my system, and /etc/nologin doesn't exist! What? didn't you
know about this *other* file?) I also don't want to solve this with a
I would favor (even though it's weird from the pan-unix admin point of
view) just deprecating /etc/nologin in favor of something more "sensible".
It would also be nice to have some blessing of /run in the policy first,
but that doesn't seem terribly likely.
These are not strongly held positions. Please do try to convince me to be
less of an obstruction