pam_console.so
.
pam_console.so
module is called by login
or the graphical login programs, gdm, kdm, and xdm. If this user is the first user to log in at the physical console — referred to as the console user — the module grants the user ownership of a variety of devices normally owned by root. The console user owns these devices until the last local session for that user ends. After this user has logged out, ownership of the devices reverts back to the root user.
pam_console.so
by editing the following files:
/etc/security/console.perms
/etc/security/console.perms.d/50-default.perms
50-default.perms
file, you should create a new file (for example, xx-name.perms
) and enter the required modifications. The name of the new default file must begin with a number higher than 50 (for example, 51-default.perms
). This will override the defaults in the 50-default.perms
file.
Warning
<console>
and <xconsole>
directives in the /etc/security/console.perms
to the following values:
<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :0\.[0-9] :0 <xconsole>=:0\.[0-9] :0
<xconsole>
directive entirely and change the <console>
directive to the following value:
<console>=tty[0-9][0-9]* vc/[0-9][0-9]*