[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Notification of number of unsuccessful login attempts


On Tue, Mar 25, 2008 at 04:04:51PM -0400, Clark, Patti wrote:
> Since the count is cleared as soon as the user is successful in their
> login attempt, how/where would pam_tally be used?

When login got PAM support, the logging and report of failures
(in/from /var/log/faillog) was removed (when PAM support is enabled).

There is a patch in Debian to re-enable the call to failprint, even when
compiled with PAM support.

IMHO, it would be better to have an option to pam_tally to print the tally
information before it get reseted, since it could take into account
failures from other programs, and could be used to report failures also
from other connections (e.g. ssh).

Would it be possible to print the number of failures before the counter
gets reseted, or to set an environment variable in pam_tally?

Best Regards,

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]