diff options
| author | Mattias Andrée <maandree@operamail.com> | 2015-03-24 14:10:37 +0100 |
|---|---|---|
| committer | Mattias Andrée <maandree@operamail.com> | 2015-03-24 14:10:37 +0100 |
| commit | 1ca5455d71c4abe47eb1bfd73776d0b380e272e2 (patch) | |
| tree | d62429e5838037c3243eb9fef7d2e3be2b2a7bd8 /src/securetty | |
| parent | add makefile (diff) | |
| download | cerberus-securetty-1ca5455d71c4abe47eb1bfd73776d0b380e272e2.tar.gz cerberus-securetty-1ca5455d71c4abe47eb1bfd73776d0b380e272e2.tar.bz2 cerberus-securetty-1ca5455d71c4abe47eb1bfd73776d0b380e272e2.tar.xz | |
Signed-off-by: Mattias Andrée <maandree@operamail.com>
Diffstat (limited to '')
| -rwxr-xr-x | src/securetty | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/securetty b/src/securetty index 0c3784e..3022b82 100755 --- a/src/securetty +++ b/src/securetty @@ -69,12 +69,14 @@ if [ "${hook}" = verify ]; then if [ ! "${username}" = root ]; then exit 0 # Not root: may log in elif [ ! "${hostname}" = "" ]; then + echo "Sorry, root may not log in remotely" >&2 exit 1 # Remote root: may not log in elif [ ! -f "/etc/securetty" ]; then exit 0 # /etc/securetty does not exist: may log in - elif grep "^${ttyname}$" < "/etc/securetty" > "/dev/null" 2> "/dev/null" + elif grep "^${ttyname}$" < "/etc/securetty" > "/dev/null" 2> "/dev/null"; then exit 0 # Root on whitelisted tty: may log in else + echo "Sorry, root may not log in on ${ttyname}, see /etc/securetty available TTY:s" >&2 exit 1 # Root on non-whitelisted tty: may not log in fi fi |