[libvirt] [PATCH] LXC: mount /dev/pts/0 to /dev/console
Gao feng
gaofeng at cn.fujitsu.com
Thu Oct 31 05:49:54 UTC 2013
On 10/30/2013 07:15 PM, Daniel P. Berrange wrote:
> On Tue, Oct 29, 2013 at 03:37:51PM +0800, Gao feng wrote:
>> Now, /dev/console is linked to the /dev/pts/0,
>> so for the process agetty, the tty device of
>> agetty is pts/0. this will cause login container
>> failed.
>> since pts/0 is not in the /etc/securetty. so
>> pam module pam_securetty will prevent the root
>> user logging on the system.
>>
>> this patch doesn't make /dev/console a symbol but
>> binds /dev/pts/0 to it. so the tty device of
>> agetty will be console. root can login the system
>> successfully.
>
> This only really fixes it for the first console. If the guest
> has multiple <console/> lines defined, we still have the same
> problem with securetty for other consoles.I'm wondering if
Oh, that's /dev/ttyN, not /dev/console.
/dev/console is only one. In my container which running fedora18,
the tty device of agetty is console
553 pts/0 Ss+ 0:00 /sbin/agetty --noclear -s console 115200 38400 9600
So, this patch resolves the problem I faced. if we found the ttyN devices
also need to be bound to some pts devices, it's another patch.
but actually, /dev/console is pointed to different tty devices in the view of
different process. this linking/binding console to /dev/pts/0 behave may
mess up something. and the multiple console setting seems doesn't work for
container, only the first console is opened/listened.
> there is any scope for just getting the securetty check todo
> the right thing by default for psuedo ttys.
>
Right now I don't face any problem, but I don't know if this will break something.
and as I mention above, the linking /dev/console to /dev/pts/0 behave will break
something too.
I don't have any idea to implement the behave which /dev/console /dev/tty0 provides
now. any idea?
Thanks
Gao
More information about the libvir-list
mailing list