Simon Valiquette wrote:
My guess is what they really wanted to do was something like the following: auth [success=ok new_authtok_reqd=ok ignore=ignore auth_err=die service_err=die default=ignore] pam_securetty.so I only made some quick tests by disabling one tty in securetty,
> so you should check It before trusting that It works as intended. >FYI, it has been patched today in login_1:4.1.1-5 in a better way, because they used directly the "user_unknown" control value.
I did know there was probably a missing value, but I could not find it in the man pages and did not bother to check directly in the source package.
So that give us this line:auth [success=ok ignore=ignore user_unknown=ignore default=die] pam_securetty.so
So thank you Nicolas François for fixing it in the proper way. Simon Valiquette