Pegasus InfoCorp: Web site design and web software development company
Home About Us Services Solutions Clientele Contact Us
Remote Serial Console HOWTO
PrevChapter 7. Configure incidentalsNext

7.1. Allow root to login from serial console

The file /etc/securetty controls the devices that the root user can log in upon.

It is usually desirable to have root be able to log in from the console, so add the basename of the serial console device to /etc/securetty.

Figure 7-1. Alter securetty to allow root to log in from the serial console

ttyS0

Almost anyone can now dial into the modem and attempt to guess the root password. Normally we do not allow root to log in from a remote site, rather we have a normal user log in and then use su or sudo to become root. This gives some traceability.

Unfortunately, the root user needs to be able to log in from the console to fix a full disk. Disk subsystems typically reserve 5% of their space for root's exclusive use.[1] This is enough space for the root user to log in and start deleting the files that filled the disk.

Notesecuretty and Red Hat's kudzu
 

kudzu automatically adds the device being used as the console to securetty.

Notes

[1]

This is not as inefficient as it may appear. The last 5% of a disk formatted with a general purpose filesystem always performs poorly and is best left empty.

PrevHomeNext
Configure incidentalsUpChange init level to textual
Home About Us Services Solutions Clientele
Contact Us Directory Links Web Development Knowledgebase - Linux How To Web Development Knowledgebase - Linux Dictionary