LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 07-06-2006, 11:37 PM   #1
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Rep: Reputation: 45
block tty6 in run level 4?


I want to block access to the console by ctrl-shifting your way to tty6. Pat has this little tidbit in the /etc/inittab

Quote:
# Runlevel 4 used to be for an X window only system, until we discovered
# that it throws init into a loop that keeps your load avg at least 1 all
# the time. Thus, there is now one getty opened on tty6. Hopefully no one
# will notice. ;^)
# It might not be bad to have one text console anyway, in case something
# happens to X.
It looks like disabling tty6 altogether would be a bad thing, but how can I block access to this console? Is there a way to disable the key-bindings somewhow? If so, would disabling them in fluxbox be enough, or are the bindings set at a lower level then that? Are there any better ways to acomplish this?

thanks for your time!
...aaron
 
Old 07-07-2006, 12:02 AM   #2
irpstrcr
Member
 
Registered: Mar 2005
Location: LAX
Distribution: Slackware
Posts: 40

Rep: Reputation: 15
That little tidbit has been in inittab for aslong as I can remember.

I would go ahead and disable the getty and just boot to single if
something goes wrong.

todo this find the folowing in your inittab:
Code:
c6:12345:respawn:/sbin/agetty 38400 tty6 linux
      ^
These are the run levels, remove the 4 and the getty should not
spawn with X.
 
Old 07-07-2006, 12:11 AM   #3
tuxdev
Senior Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 2,012

Rep: Reputation: 115Reputation: 115
I personally use tty6 all the time, so you might not want to deactivate it if there isn't really any major reason to do so. Don't say security, because almost all security goes down the drain when physical access is involved.
 
Old 07-07-2006, 12:57 AM   #4
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Original Poster
Rep: Reputation: 45
Quote:
I personally use tty6 all the time, so you might not want to deactivate it if there isn't really any major reason to do so. Don't say security, because almost all security goes down the drain when physical access is involved.
I use it all the time on my own computer as well. Verry handy sometimes. The reason I need to disable it on this other machine is... security!

Don't worry, I'm not a complete moron, the only physical access will be to the mouse, keyboard, and monitor. The actual PC is locked in a cabinet. This is for a kiosk system that boots straight to init 4 and loads browser up in full screen to display a flash presentation stored on the hard disk. I am trying to prevent all possible ways to close the display.

Quote:
That little tidbit has been in inittab for aslong as I can remember.
Well I started using Linux last december, so it's new to me

Quote:
I would go ahead and disable the getty and just boot to single if
something goes wrong.
thanks for the help! I guess disabling tty6 will not cause as bad of a performance hit as I thought. This sounds like the easiest solution.

regards,
...aaron
 
Old 07-07-2006, 01:21 AM   #5
irpstrcr
Member
 
Registered: Mar 2005
Location: LAX
Distribution: Slackware
Posts: 40

Rep: Reputation: 15
Quote:
Don't worry, I'm not a complete moron, the only physical access will be to the mouse, keyboard, and monitor. The actual PC is locked in a cabinet. This is for a kiosk system that boots straight to init 4 and loads browser up in full screen to display a flash presentation stored on the hard disk. I am trying to prevent all possible ways to close the display.
Your end users will still have more than enough at hand to cause a headache.

Ctrl-Alt-Backspace will still kill the X server, tho it will respawn.

Use a keyboard that has mechanical switches and remove ctrl, alt, Fkeys and any "wnidows" keys all together.

Enable one of the serial lines so who ever has to fix the kiosk has a con availble via a serial cable and laptop.

Think about using a touchscreen instead of a mouse, this will save the time of replaceing the mouse when someone decides to cut the cable

Prolly a couple more that I missed but you get the idea.
 
Old 07-07-2006, 02:37 PM   #6
tuxdev
Senior Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 2,012

Rep: Reputation: 115Reputation: 115
You can use the "NoFlash" Option in xorg.conf to prevent the X three-finger-salute, but I really hate the idea of getting rid of that console entirely. Almost any other way of doing things seems better than that.
 
Old 07-07-2006, 02:58 PM   #7
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Original Poster
Rep: Reputation: 45
Quote:
Ctrl-Alt-Backspace will still kill the X server, tho it will respawn.
With auto login enabled, the end result will be taking them back to the homepage. Not to big of a deal in my opinion.

Quote:
You can use the "NoFlash" Option in xorg.conf to prevent the X three-finger-salute
I've allready fixed the permissions to block this. The webuser has no way to restart the computer, unfortunatly this this makes restaring impossible altogether. To get around this,
I think I will bind a unique key combination to 'init 6' then sudu init to the webuser. I havn't gotten that far though.

Right now I am just trying to make it so the display can't be closed, and I think disabling tty6 will be the last thing I needed. I havn't found anyother way to close it other then that, but can anybody think of anything else I might want to check?

Quote:
Think about using a touchscreen instead of a mouse, this will save the time of replaceing the mouse when someone decides to cut the cable
This box will be in the lobby of our credit union, if someone cuts my mouse cable I'm closing their account!


thanks for the help!
...aaron
 
Old 07-07-2006, 04:28 PM   #8
tuxdev
Senior Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 2,012

Rep: Reputation: 115Reputation: 115
The X three-finger-salute is just my way of saying Ctrl-Alt-Backspace, cause it is so similar to the regular salute. If normal user scan't even get into the white-on-black, there isn't any reason to disable tty6 when you as the sysadmin might need too.
 
Old 07-07-2006, 04:48 PM   #9
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Original Poster
Rep: Reputation: 45
ah, I thought you meant 'ctrl+alt+del'. The user can still 'ctrl+alt+bkspc' but in run level 4 it will just respawn the X session, which will bring them back to the full screen homepage.

Quote:
If normal user scan't even get into the white-on-black, there isn't any reason to disable tty6 when you as the sysadmin might need too.
The idea is to never have to call the admin to bring the display back. If someone brings it to the console log in and then leaves, no one else will know what to do with it, including the system administrator (I'm not the admin, just someone that got talked into setting this up). If for some reason some administration has to be done to the machine (hopefully this will never happen), I will use a boot CD and go to single user mode.

...aaron
 
Old 07-07-2006, 10:58 PM   #10
tuxdev
Senior Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 2,012

Rep: Reputation: 115Reputation: 115
There's an awful lot of administration stuff that either can't, shouldn't, or just a huge pain when done from a liveCD. The kiosk will fail at some point, and having a console handy is really useful, as you probably noticed on your home box.
 
Old 07-08-2006, 12:39 AM   #11
MS3FGX
LQ Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 361Reputation: 361Reputation: 361Reputation: 361
I wouldn't be concerned about not having a TTY on the machine, as long as you have the machine setup for serial logins, as irpstrcr said.
 
Old 07-08-2006, 12:49 AM   #12
evilDagmar
Member
 
Registered: Mar 2005
Location: Right behind you.
Distribution: NBG, then randomed.
Posts: 480

Rep: Reputation: 31
Lightbulb

Quote:
Originally Posted by tuxdev
You can use the "NoFlash" Option in xorg.conf to prevent the X three-finger-salute, but I really hate the idea of getting rid of that console entirely. Almost any other way of doing things seems better than that.
Actually, the option is "DontZap". It appears in the default config that xorgconfig generates (although it's commented out) with an explanation of what it does.

There appears also the "DontVTSwitch" option just above it which seems like it might be a good solution for what the poster wanted.

Code:
# Uncomment this to disable the <Crtl><Alt><Fn> VT switch sequence
# (where n is 1 through 12).  This allows clients to receive these key
# events.

#    Option "DontVTSwitch"

# Uncomment this to disable the <Crtl><Alt><BS> server abort sequence
# This allows clients to receive this key event.

#    Option "DontZap"
 
Old 07-08-2006, 02:26 AM   #13
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Original Poster
Rep: Reputation: 45
excellent. Thanks for the info! I should have read though the xorg.conf. You find answers in the unlikeliest of places.

regards,
...aaron
 
Old 07-08-2006, 02:29 AM   #14
Daga
Member
 
Registered: Apr 2006
Location: A comfy chair...
Distribution: Slackware
Posts: 111

Rep: Reputation: 15
Once you disable the keyboard shortcuts in your xorg.conf file and get everything else set up the way you want it, I would compress everything into a squashfs or cramfs filesystem so that changes cannot be made to the system.

Keep a backup of the original HD stuffs, of course.

EDIT: I guess I should give a reason for this. You can do a hard reboot without any file corruption this way. Also, if something DID happen, it could be reset with a simple reboot.

Last edited by Daga; 07-08-2006 at 02:32 AM.
 
Old 07-08-2006, 03:33 AM   #15
drkstr
Senior Member
 
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191

Original Poster
Rep: Reputation: 45
This is a good idea. I was planning to make it into a live CD and booting to an iso image, but your idea seems a lot more elegent. I will still make a Live CD to keep around, but I will look into these file systems as well (never heard of them before).

thanks!
...aaron
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What is Run Level? Khmer Linux - General 5 10-18-2005 01:25 PM
Level & Checks block Services (Telnet, VNC...) kt8993 Mandriva 2 10-03-2004 10:35 PM
run level 4 sethgeekx86 Slackware 2 04-15-2004 07:43 PM
Run Level POWERBOOKM Linux - Newbie 2 12-01-2001 09:44 PM
run level isajera Linux - Software 2 06-22-2001 08:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 09:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration