pyllyukko / harden.yml

Ansible playbook for Linux hardening
MIT License

securetty in Debian #47

Closed pyllyukko closed 3 years ago

pyllyukko commented 5 years ago

FWIW, the latest login upload to unstable (1:4.7-1) dropped support for /etc/securetty and removed that file on upgrades, due to the numerous complaints it caused:

,---- shadow (1:4.7-1) unstable; urgency=medium
[ Balint Reczey ]
* Stop shipping and honoring /etc/securetty
(Closes: #731656, #830255, #879903, #920764, #771675, #917893, #607073)

`----

This led to complaints by pam_unix in the system logs on every login, see #931899. I think it's time to disable pam_securetty by default; it was useful twenty years ago but it no longer is.

pyllyukko commented 3 years ago

If distros don't use securetty, it shouldn't still matter if the configuration exists. Also, to play it safe we should have this conditionally and inspect PAM's configuration for pam_securetty, which would introduce unnecessary complexity.
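
The inspection mentioned in the last comment, as an added example that is not part of the thread or of harden.yml: a shell check that reports whether any active PAM line loads pam_securetty and whether the securetty file is present. The function names and the four state labels are this example's own; the default paths `/etc/pam.d` and `/etc/securetty` are assumed.

```shell
#!/usr/bin/env bash
# Added example (not from harden.yml): compare PAM's use of pam_securetty
# with the presence of the securetty file. State labels are this example's own.

# Print every active PAM line that loads pam_securetty.
# Comments (full-line or trailing) are stripped before matching.
securetty_refs() {
    awk '{ line = $0; sub(/#.*/, "", line) }
         line ~ /pam_securetty\.so/ { print FILENAME ":" FNR ": " $0 }' \
        "$1"/* 2>/dev/null
}

# Classify the host (or a copy of its configuration):
#   dangling    - PAM loads pam_securetty but the file is gone
#                 (the situation the quoted changelog created on upgrade)
#   enforced    - PAM loads pam_securetty and the file exists
#   unused-file - the file exists but no PAM service references the module
#   absent      - neither is present
securetty_state() {
    local pam_dir=${1:-/etc/pam.d}
    local securetty=${2:-/etc/securetty}
    local refs
    refs=$(securetty_refs "$pam_dir") || true
    if [ -n "$refs" ] && [ ! -e "$securetty" ]; then
        echo "dangling"
    elif [ -n "$refs" ]; then
        echo "enforced"
    elif [ -e "$securetty" ]; then
        echo "unused-file"
    else
        echo "absent"
    fi
}

# With no arguments this inspects the default paths (assumed locations).
securetty_state "$@"
```

Pass a PAM directory and a securetty path as arguments to run the check against a copy of the configuration instead of the live system.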