I'm using pam_securetty.so to restrict the TTYs that root is able to authenticate on, and this breaks physlock to where I'm forced to reboot to be able to access my machine if physlock gets started by root.

Here's the relevant contents of /var/log/auth.log:

Feb 26 22:54:49 dj3ntoo physlock: pam_securetty(physlock:auth): cannot determine user's tty
Feb 26 22:54:49 dj3ntoo unix_chkpwd[29530]: password check failed for user (root)
Feb 26 22:54:49 dj3ntoo physlock: pam_unix(physlock:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=root

I believe I know what's causing this though, and will post an update once I've investigated it further.

In the meantime, I'm using pam_succeed_if.so to temporarily work around this issue. /etc/pam.d/system-auth:

auth    [success=1 default=ignore]  pam_succeed_if.so   quet_fail service = physlock
auth    required                    pam_securetty.so