Linux Fedora Core 2: Password, Login, and Pam
Browder, Tom
Tom.Browder at fwb.srs.com
Thu Dec 16 20:41:14 UTC 2004
I added your patch, recompiled, and copied the new pam_tally.so into
/lib/security over the old one.
It seems to find excess failures, and apparently returns PAM_AUTH_ERR,
but how do you get the system to react? I see the excesses noted in
/var/log/messages but no other system response: further login attempts
with a good password are accepted, and the tally in /var/log/faillog is
not reset after a successful login.
I made these entries to /etc/pam.d/system-auth (should they be the first
entries?):
# login attempts:
auth requisite /lib/security/$ISA/pam_tally.so onerr=fail
deny=2
Account sufficient /lib/security/$ISA/pam_tally.so reset
Thanks.
Tom Browder
SRS Technologies, Inc.
362 Beal Parkway, N.W., Suite 201
Fort Walton Beach, FL 32548-3975
Tel: 850-862-4188
Fax: 850-862-8055
> -----Original Message-----
> From: Tomas Mraz [mailto:tmraz at redhat.com]
> Sent: Tuesday, December 14, 2004 12:31 PM
> To: Browder, Tom
> Subject: RE: Linux Fedora Core 2: Password, Login, and Pam
>
> On Tue, 2004-12-14 at 11:51 -0600, Browder, Tom wrote:
> > Tomas, I need this functionality. I have downloaded the pam source
> > (Linux-PAM-0.78.tar.gz)and want to help with this fix. Can
> I get your
> > patch and test it?
> >
> > Thanks.
> >
> > Tom Browder
>
> Here is the patch. You can test it however I plan to change it anyway.
>
> --
> Tomas Mraz <tmraz at redhat.com>
>
More information about the Pam-list
mailing list