How do I stop kernel messages being visible on tty12 and thus to unauthenticated users?
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
In Linux, before a window manager is running, if I hit the Windows key from a console (or alt+F12), I can see kernel messages. I would like to disable the kernel messages from displaying at all since sensitive information could be displayed even before a user is authenticated on the system.
Where do I make this change, /etc/inittab
, or some other file?
I did a grep for 12 in /etc
and see /etc/rc.conf
(I'm on gentoo) and the number of ttys allocated is 12. I am changing this to the number I actually have assigned getty
s which is 6, hoping that will disable the kernel output since there should not be anything on that tty. It is interesting though why the kernel output is just on tty12
and not 7 - 12.
linux terminal console
add a comment |Â
up vote
0
down vote
favorite
In Linux, before a window manager is running, if I hit the Windows key from a console (or alt+F12), I can see kernel messages. I would like to disable the kernel messages from displaying at all since sensitive information could be displayed even before a user is authenticated on the system.
Where do I make this change, /etc/inittab
, or some other file?
I did a grep for 12 in /etc
and see /etc/rc.conf
(I'm on gentoo) and the number of ttys allocated is 12. I am changing this to the number I actually have assigned getty
s which is 6, hoping that will disable the kernel output since there should not be anything on that tty. It is interesting though why the kernel output is just on tty12
and not 7 - 12.
linux terminal console
Rename the title to a round sentence. Since you have more than 300 rep, also you have a reopen vote about your own questions.
â peterh
Oct 14 '17 at 12:09
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
In Linux, before a window manager is running, if I hit the Windows key from a console (or alt+F12), I can see kernel messages. I would like to disable the kernel messages from displaying at all since sensitive information could be displayed even before a user is authenticated on the system.
Where do I make this change, /etc/inittab
, or some other file?
I did a grep for 12 in /etc
and see /etc/rc.conf
(I'm on gentoo) and the number of ttys allocated is 12. I am changing this to the number I actually have assigned getty
s which is 6, hoping that will disable the kernel output since there should not be anything on that tty. It is interesting though why the kernel output is just on tty12
and not 7 - 12.
linux terminal console
In Linux, before a window manager is running, if I hit the Windows key from a console (or alt+F12), I can see kernel messages. I would like to disable the kernel messages from displaying at all since sensitive information could be displayed even before a user is authenticated on the system.
Where do I make this change, /etc/inittab
, or some other file?
I did a grep for 12 in /etc
and see /etc/rc.conf
(I'm on gentoo) and the number of ttys allocated is 12. I am changing this to the number I actually have assigned getty
s which is 6, hoping that will disable the kernel output since there should not be anything on that tty. It is interesting though why the kernel output is just on tty12
and not 7 - 12.
linux terminal console
edited Oct 14 '17 at 15:38
JdeBP
29.1k459135
29.1k459135
asked Oct 14 '17 at 3:15
Walter
5022616
5022616
Rename the title to a round sentence. Since you have more than 300 rep, also you have a reopen vote about your own questions.
â peterh
Oct 14 '17 at 12:09
add a comment |Â
Rename the title to a round sentence. Since you have more than 300 rep, also you have a reopen vote about your own questions.
â peterh
Oct 14 '17 at 12:09
Rename the title to a round sentence. Since you have more than 300 rep, also you have a reopen vote about your own questions.
â peterh
Oct 14 '17 at 12:09
Rename the title to a round sentence. Since you have more than 300 rep, also you have a reopen vote about your own questions.
â peterh
Oct 14 '17 at 12:09
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
0
down vote
That is a kernel command line option, set at boot. It's usually part of grub's configuration (in /etc/default/grub
). Look for this line:
GRUB_CMDLINE_LINUX="console=tty12"
After editing, you'll need to run update-grub
with root privileges. Make sure your /boot
partition is mounted before the update, if it's a separate partition.
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
add a comment |Â
up vote
0
down vote
accepted
Actually, the problem was syslog, I merely commented / removed these lines:
sed -i "s/^log source(src); destination(console_all); ;/#log source(src); destination(console_all); ;/" /etc/syslog-ng/syslog-ng.conf
sed -i "s/^destination console_all/#destination console_all/" /etc/syslog-ng/syslog-ng.conf
The first one is required, the second one was just to cleanup and ensure I'm not using it anywhere else.
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
That is a kernel command line option, set at boot. It's usually part of grub's configuration (in /etc/default/grub
). Look for this line:
GRUB_CMDLINE_LINUX="console=tty12"
After editing, you'll need to run update-grub
with root privileges. Make sure your /boot
partition is mounted before the update, if it's a separate partition.
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
add a comment |Â
up vote
0
down vote
That is a kernel command line option, set at boot. It's usually part of grub's configuration (in /etc/default/grub
). Look for this line:
GRUB_CMDLINE_LINUX="console=tty12"
After editing, you'll need to run update-grub
with root privileges. Make sure your /boot
partition is mounted before the update, if it's a separate partition.
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
add a comment |Â
up vote
0
down vote
up vote
0
down vote
That is a kernel command line option, set at boot. It's usually part of grub's configuration (in /etc/default/grub
). Look for this line:
GRUB_CMDLINE_LINUX="console=tty12"
After editing, you'll need to run update-grub
with root privileges. Make sure your /boot
partition is mounted before the update, if it's a separate partition.
That is a kernel command line option, set at boot. It's usually part of grub's configuration (in /etc/default/grub
). Look for this line:
GRUB_CMDLINE_LINUX="console=tty12"
After editing, you'll need to run update-grub
with root privileges. Make sure your /boot
partition is mounted before the update, if it's a separate partition.
answered Oct 14 '17 at 19:34
dogoncouch
47917
47917
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
add a comment |Â
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Ah, so, since it's part of the kernel, then if I build my own kernel, I can simply disable it there too, right?
â Walter
Oct 15 '17 at 10:43
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
Actually, not sure how I missed this earlier when grepping, but /etc/syslog-ng/syslog-ng.conf has the configuration to log to tty12 by default. I will update that, but in addition, I should ensure that tty12 isn't configured to display anything.
â Walter
Oct 15 '17 at 11:06
add a comment |Â
up vote
0
down vote
accepted
Actually, the problem was syslog, I merely commented / removed these lines:
sed -i "s/^log source(src); destination(console_all); ;/#log source(src); destination(console_all); ;/" /etc/syslog-ng/syslog-ng.conf
sed -i "s/^destination console_all/#destination console_all/" /etc/syslog-ng/syslog-ng.conf
The first one is required, the second one was just to cleanup and ensure I'm not using it anywhere else.
add a comment |Â
up vote
0
down vote
accepted
Actually, the problem was syslog, I merely commented / removed these lines:
sed -i "s/^log source(src); destination(console_all); ;/#log source(src); destination(console_all); ;/" /etc/syslog-ng/syslog-ng.conf
sed -i "s/^destination console_all/#destination console_all/" /etc/syslog-ng/syslog-ng.conf
The first one is required, the second one was just to cleanup and ensure I'm not using it anywhere else.
add a comment |Â
up vote
0
down vote
accepted
up vote
0
down vote
accepted
Actually, the problem was syslog, I merely commented / removed these lines:
sed -i "s/^log source(src); destination(console_all); ;/#log source(src); destination(console_all); ;/" /etc/syslog-ng/syslog-ng.conf
sed -i "s/^destination console_all/#destination console_all/" /etc/syslog-ng/syslog-ng.conf
The first one is required, the second one was just to cleanup and ensure I'm not using it anywhere else.
Actually, the problem was syslog, I merely commented / removed these lines:
sed -i "s/^log source(src); destination(console_all); ;/#log source(src); destination(console_all); ;/" /etc/syslog-ng/syslog-ng.conf
sed -i "s/^destination console_all/#destination console_all/" /etc/syslog-ng/syslog-ng.conf
The first one is required, the second one was just to cleanup and ensure I'm not using it anywhere else.
answered Oct 17 '17 at 12:52
Walter
5022616
5022616
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f398054%2fhow-do-i-stop-kernel-messages-being-visible-on-tty12-and-thus-to-unauthenticated%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Rename the title to a round sentence. Since you have more than 300 rep, also you have a reopen vote about your own questions.
â peterh
Oct 14 '17 at 12:09