vtdaemon provides a secure switch function, by means of hotkeys, between different text virtual consoles. It runs with full privileges. See vt(7I) for specifications of hotkey sequences.
The service is managed using the action authorization solaris.smf.manage.vt which is included in the Device Security Rights Profile. The service is local only and has no inbound network ports. It is disabled in non-global zones or when the virtual console functionality is not available.
vtdaemon uses PAM for authentication.
Note that vtdaemon only locks and unlocks the text console. For graphical X sessions, it invokes the corresponding lock program (for example, xscreensaver), which deals with authentication and audit.
See attributes(5) for descriptions of the following attributes:
The vtdaemon service is managed by the service management facility, smf(5), under the service identifier:
The vtdaemon service has the following SMF configuration properties:
Allows authorized users to dynamically enable or disable the VT switch by means of hotkeys. Its default value is TRUE (enabled).
Allows authorized users to dynamically enable or disable the security of hotkeys. If disabled, the user can freely switch to any session without authentication. Its default value is TRUE (enabled).