From 7afbf6f20e1de62fb5595411d998703c95af8965 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Wed, 2 Jan 2013 08:23:00 +0100
Subject: [PATCH 1/3] agetty: replace perms 660 to 620

 ... the default is root:tty 620

Signed-off-by: Karel Zak <kzak@redhat.com>
---
 login-utils/login.1 | 5 ++++-
 term-utils/agetty.c | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/login-utils/login.1 b/login-utils/login.1
index 092213d..e37e5e6 100644
--- a/login-utils/login.1
+++ b/login-utils/login.1
@@ -184,7 +184,10 @@ login failure.  The default value is
 (string)
 .RS 4
 The terminal permissions.  The default value is
-.IR 0600 .
+.IR 0600
+or
+.IR 0620
+if tty group is used.
 .RE
 .PP
 .B TTYGROUP
diff --git a/term-utils/agetty.c b/term-utils/agetty.c
index 7ee252d..17ebfba 100644
--- a/term-utils/agetty.c
+++ b/term-utils/agetty.c
@@ -894,7 +894,7 @@ static void open_tty(char *tty, struct termios *tp, struct options *op)
 		 * Linux login(1) will change tty permissions. Use root owner and group
 		 * with permission -rw------- for the period between getty and login.
 		 */
-		if (chown(buf, 0, gid) || chmod(buf, (gid ? 0660 : 0600))) {
+		if (chown(buf, 0, gid) || chmod(buf, (gid ? 0620 : 0600))) {
 			if (errno == EROFS)
 				log_warn("%s: %m", buf);
 			else
-- 
1.8.1