Serial Port Login on 3.1

When I try to login and logout via serial console to my
newly 
upgraded to 3.1 Quadra 700 I encounter the three following
issues:

1)  I can't login as root:
login: root
Password:
Feb 27 12:22:00 GuardianII login: LOGIN root REFUSED ON TTY
ttyZ0
Login incorrect or refused on this terminal.
Is this a security feature to console login now?

2)  When I do login with a non-root account I get the
following:
NetBSD 3.1 (GENERIC) #0: Tue Oct 31 04:42:59 UTC 2006

Welcome to NetBSD!

tset: terminal type su is unknown
Terminal type? vt220
I have the proper terminal type listed in /etc/ttys:
#
#       $NetBSD: ttys,v 1.17 2004/06/20 21:30:27 christos
Exp $
#       from: (#)ttys  5.1 (Berkeley) 4/17/89
#
# name  getty                           type    status      
   comments
#
# If the console is marked insecure, single-user requires
# the root password.
console "/usr/libexec/getty Pc"         vt220  
off secure

# Define the console that we actually run getty on.
ttyE0   "/usr/libexec/getty Pc"         vt220  
off secure

# Hardwired lines are marked off, by default, so getty(8)
# is quiet when they don't exist.
tty00   "/usr/libexec/getty std.9600"   vt220   on
secure
tty01   "/usr/libexec/getty std.9600"   unknown
off secure
tty02   "/usr/libexec/getty std.9600"   unknown
off secure
tty03   "/usr/libexec/getty std.9600"   unknown
off secure
tty04   "/usr/libexec/getty std.9600"   unknown
off secure
tty05   "/usr/libexec/getty std.9600"   unknown
off secure
tty06   "/usr/libexec/getty std.9600"   unknown
off secure
tty07   "/usr/libexec/getty std.9600"   unknown
off secure

3)  I get the following message upon logout:
Mar  8 08:34:00 GuardianII login: pam_sm_close_session(): no
utmp 
record for tty
Z0
I don't get this one.

Am I doing anything wrong here?  (Besides the obvious of a
root login 
remotely.)
-- 
Randy

OS X - UNIX for the rest of us
NetBSD - It's Explosive!
Marten - Prograph for OS X.  Yes!

At 15:40 Uhr -0800 8.3.2007, Randy Beaudreault wrote:
>When I try to login and logout via serial console to my
newly
>upgraded to 3.1 Quadra 700 I encounter the three
following issues:
>
>1)  I can't login as root:
>login: root
>Password:
>Feb 27 12:22:00 GuardianII login: LOGIN root REFUSED ON
TTY ttyZ0
>Login incorrect or refused on this terminal.

[...]

># Hardwired lines are marked off, by default, so
getty(8)
># is quiet when they don't exist.
>tty00   "/usr/libexec/getty std.9600"   vt220 
 on secure
>tty01   "/usr/libexec/getty std.9600"  
unknown off secure
>tty02   "/usr/libexec/getty std.9600"  
unknown off secure
>tty03   "/usr/libexec/getty std.9600"  
unknown off secure
>tty04   "/usr/libexec/getty std.9600"  
unknown off secure
>tty05   "/usr/libexec/getty std.9600"  
unknown off secure
>tty06   "/usr/libexec/getty std.9600"  
unknown off secure
>tty07   "/usr/libexec/getty std.9600"  
unknown off secure
>
>3)  I get the following message upon logout:
>Mar  8 08:34:00 GuardianII login:
pam_sm_close_session(): no utmp
>record for tty
>Z0
>I don't get this one.
>
>Am I doing anything wrong here?  (Besides the obvious of
a root login
>remotely.)

No, NetBSD is at fault here.  ;)

The tty0[01] entries above were renamed to ttyZ[01] some
time ago. While
there are symlinks in place for compatibility, login
apparently compares
the ttys entry with the actual device when it checks whether
root may login
there ("secure").

The /etc/ttys change is in -current, but wasn't pulled up to
the release
branches.

	hauke


--
"It's never straight up and down"     (DEVO)

Hi,

This is now fix in current (IIRC). I posted a fix some time
ago:
http://mail-index.netbsd.org/port-mac68k/2006/05/04
/0000.html

Changing ttyE0 to ttyZ0 in /etc/ttys makes the things work
also for root.
As Hauke explained sometime in email the problem in your
case is that
ttyE0 is a symbolic link to the real device (ttyZ0) and that
is why the
root can not login (I think this is also the case of Q700).

I hope this helps.

Regards,

Johny.


On Thu, 8 Mar 2007, Randy Beaudreault wrote:

> When I try to login and logout via serial console to my
newly
> upgraded to 3.1 Quadra 700 I encounter the three
following issues:
>
> 1)  I can't login as root:
> login: root
> Password:
> Feb 27 12:22:00 GuardianII login: LOGIN root REFUSED ON
TTY ttyZ0
> Login incorrect or refused on this terminal.
> Is this a security feature to console login now?
>
> 2)  When I do login with a non-root account I get the
following:
> NetBSD 3.1 (GENERIC) #0: Tue Oct 31 04:42:59 UTC 2006
>
> Welcome to NetBSD!
>
> tset: terminal type su is unknown
> Terminal type? vt220
> I have the proper terminal type listed in /etc/ttys:
> #
> #       $NetBSD: ttys,v 1.17 2004/06/20 21:30:27
christos Exp $
> #       from: (#)ttys  5.1 (Berkeley) 4/17/89
> #
> # name  getty                           type    status 
        comments
> #
> # If the console is marked insecure, single-user
requires
> # the root password.
> console "/usr/libexec/getty Pc"         vt220
  off secure
>
> # Define the console that we actually run getty on.
> ttyE0   "/usr/libexec/getty Pc"         vt220
  off secure
>
> # Hardwired lines are marked off, by default, so
getty(8)
> # is quiet when they don't exist.
> tty00   "/usr/libexec/getty std.9600"   vt220
  on secure
> tty01   "/usr/libexec/getty std.9600"  
unknown off secure
> tty02   "/usr/libexec/getty std.9600"  
unknown off secure
> tty03   "/usr/libexec/getty std.9600"  
unknown off secure
> tty04   "/usr/libexec/getty std.9600"  
unknown off secure
> tty05   "/usr/libexec/getty std.9600"  
unknown off secure
> tty06   "/usr/libexec/getty std.9600"  
unknown off secure
> tty07   "/usr/libexec/getty std.9600"  
unknown off secure
>
> 3)  I get the following message upon logout:
> Mar  8 08:34:00 GuardianII login:
pam_sm_close_session(): no utmp
> record for tty
> Z0
> I don't get this one.
>
> Am I doing anything wrong here?  (Besides the obvious
of a root login
> remotely.)
> --
> Randy
>
> OS X - UNIX for the rest of us
> NetBSD - It's Explosive!
> Marten - Prograph for OS X.  Yes!
>