summaryrefslogtreecommitdiff
path: root/osi-mk.d/systemd-osi-shell.sh
diff options
context:
space:
mode:
Diffstat (limited to 'osi-mk.d/systemd-osi-shell.sh')
-rw-r--r--osi-mk.d/systemd-osi-shell.sh6
1 files changed, 5 insertions, 1 deletions
diff --git a/osi-mk.d/systemd-osi-shell.sh b/osi-mk.d/systemd-osi-shell.sh
index 3854325..dc161dc 100644
--- a/osi-mk.d/systemd-osi-shell.sh
+++ b/osi-mk.d/systemd-osi-shell.sh
@@ -27,7 +27,11 @@ systemd-osi-shell:post_install() {
KillMode=process
IgnoreSIGPIPE=no
- ExecStart=/bin/login -p -f root
+ # We can't use login(1) because it masks the exit status of the shell,
+ # but we want this to be a real local login with PAM, so use su(1),
+ # but trick in in to using login(1)'s PAM config. We undo this trick by
+ # using nsenter(1) to reset the mount namespace after we've done the PAM stuff.
+ ExecStart=/bin/unshare --mount -- sh -c 'mount --bind /etc/pam.d/login /etc/pam.d/su && exec -- su -c "exec nsenter --mount --target=1 -- bash -l"'
StandardInput=tty
TTYPath=/dev/ttyS0
TTYReset=yes