If you wish to make other applications accessible to console users,
you will have to do just a little bit more work.
First of all, console access only works for
applications which reside in /sbin or
/usr/sbin, so the application that you wish to
run must be there. After verifying that, do the following steps:
Create a link from the name of your application, such as our sample
foo program, to the
/usr/bin/consolehelper application:
cd /usr/bin
ln -s consolehelper foo |
Create the file
/etc/security/console.apps/foo:
touch /etc/security/console.apps/foo |
Create a PAM configuration file for the
foo service in
/etc/pam.d/. An easy way to do this is to start
with a copy of the halt service's PAM configuration file, and then
modify the file if you want to change the behavior:
cp /etc/pam.d/halt /etc/pam.d/foo |
Now, when you run
/usr/bin/foo, it will call
consolehelper, which will authenticate the user with
the help of /usr/sbin/userhelper. To authenticate the
user, consolehelper will ask for the user's password
if /etc/pam.d/foo is a
copy of /etc/pam.d/halt (otherwise, it will do
precisely what is specified in
/etc/pam.d/foo) and then
run /usr/sbin/foo with
root permissions.
