Split the security-misc into security-misc-shared, security-misc-desktop and security-misc-server: rename files

https://github.com/Kicksecure/security-misc/issues/187

etc/security/access-security-misc.conf#security-misc-shared

@@ -0,0 +1,41 @@
+## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
+## See the file COPYING for copying conditions.
+
+## To enable root login, see:
+## https://www.kicksecure.com/wiki/Root#Root_Login
+
+## Console Lockdown
+## https://forums.whonix.org/t/etc-security-hardening/8592
+
+## This is the error message should this fail:
+## sudo su
+## sudo: PAM account management error: Permission denied
+
+## see also:
+## man access.conf
+## man pam_access
+
+## Usually tty7 is for X.
+## Qubes uses tty1 for X.
+
+## Qubes has 'pts/0' when for example running "sudo" from a terminal emulator.
+## Qubes uses 'hvc0' when using in dom0 "sudo xl console vm-name".
+## When using systemd-nspawn (chroot) then `login` requires console 'console' to be permitted.
+
+## Allow members of group `console` to use:
+## - 'console'
+## - 'tty1' to 'tty7'
+## - 'pts/0' to 'pts/9'
+## - 'hvc0' to 'hvc9'
+## serial console
+## https://forums.whonix.org/t/how-do-i-enter-the-whonix-shell-from-cli/7271/43
+## - 'ttyS0' to 'ttyS9'
++:(console):console tty1 tty2 tty3 tty4 tty5 tty6 tty7 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9 hvc0 hvc1 hvc2 hvc3 hvc4 hvc5 hvc6 hvc7 hvc8 hvc9 ttyS0 ttyS1 ttyS2 ttyS3 ttyS4 ttyS5 ttyS6 ttyS7 ttyS8 ttyS9
+
+## Same as above also for members of group `sudo`.
+## https://github.com/Whonix/security-misc/pull/74#issuecomment-607748407
++:(sudo):console tty1 tty2 tty3 tty4 tty5 tty6 tty7 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9 hvc0 hvc1 hvc2 hvc3 hvc4 hvc5 hvc6 hvc7 hvc8 hvc9 ttyS0 ttyS1 ttyS2 ttyS3 ttyS4 ttyS5 ttyS6 ttyS7 ttyS8 ttyS9
+
+## Everyone else except members of group 'console-unrestricted'
+## are restricted from everything else.
+-:ALL EXCEPT (console-unrestricted):ALL