From 98ed378dbd4cdd45f06d6d75717430e52c859bc9 Mon Sep 17 00:00:00 2001
From: Justin Cormack <justin.cormack@docker.com>
Date: Fri, 14 Jul 2017 18:31:44 +0100
Subject: [PATCH] Add a securetty file

Do not copy host securetty file - this one should be comprehensive
or bind mount host one in yourself.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
---
 pkg/getty/etc/securetty       | 33 +++++++++++++++++++++++++++++++++
 pkg/getty/usr/bin/rungetty.sh |  7 -------
 2 files changed, 33 insertions(+), 7 deletions(-)
 create mode 100644 pkg/getty/etc/securetty

diff --git a/pkg/getty/etc/securetty b/pkg/getty/etc/securetty
new file mode 100644
index 000000000..57f40c9e2
--- /dev/null
+++ b/pkg/getty/etc/securetty
@@ -0,0 +1,33 @@
+console
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+
+# UART serial ports
+ttyS0
+ttyS1
+ttyS2
+ttyS3
+
+# IBM iSeries/pSeries virtual console, Xen
+hvc0
+hvc1
+
+#IBM pSeries console ports
+hvsi0
+hvsi1
+
+# ARM "AMBA" serial ports
+ttyAM0
+ttyAM1
+
+# s390 and s390x ports in LPAR mode
+ttysclp0
diff --git a/pkg/getty/usr/bin/rungetty.sh b/pkg/getty/usr/bin/rungetty.sh
index 38d389064..e8ae401f5 100755
--- a/pkg/getty/usr/bin/rungetty.sh
+++ b/pkg/getty/usr/bin/rungetty.sh
@@ -49,13 +49,6 @@ if [ -f $ROOTSHADOW ]; then
 	echo >> /etc/shadow
 fi
 
-ROOTSTTY=/hostroot/etc/securetty
-if [ -f $ROOTSTTY ]; then
-	cp $ROOTSTTY /etc/securetty
-	# just in case someone forgot a newline
-	echo >> /etc/securetty
-fi
-
 for opt in $(cat /proc/cmdline); do
 	case "$opt" in
 	console=*)