<div dir="ltr">I want to run a script when an authentication failure occurs. But, with the following conf file, authenitcation always fails even when the proper credentials are supplied.<br><br> auth [success=1 new_authtok_reqd=ok ignore=ignore default=bad] pam_unix.so<br>
auth optional pam_exec.so /usr/bin/log_failure<br> password required pam_unix.so md5<br><br>Authentication works by changing "success=1" to "success=ok", though obviously the failure script will always run.<br>
<br>I tried looking through the source code of _pam_dispatch_aux and it doesn't seem to return the first rule's return when there is no rule to jump to. If I add another rule so there is something to jump to, everything works.<br>
<br> auth [success=1 new_authtok_reqd=ok ignore=ignore default=bad] pam_unix.so <br> auth optional pam_exec.so /usr/bin/log_failure<br> auth optional pam_exec.so /usr/bin/noop<br> password required pam_unix.so md5<br>
<br>Am I doing something wrong in my conf file, trying something that shouldn't work, or is there a problem? </div>