Pam_Tally2 User Lockouts. (Kaydo)
Peter Shulkin
pshulkin at demoulasmarketbasket.com
Thu Jun 17 18:02:25 UTC 2010
Date: Wed, 16 Jun 2010 13:00:07 -0500
From: "Kaydo" <kaydo at rice.edu>
To: "'General Red Hat Linux discussion list'" <redhat-list at redhat.com>
Subject: RE: Pam_Tally2 User Lockouts. (Kaydo)
Message-ID: <69A317DF835840E0A6DC156A15EB249D at adminsystems.rice.edu>
Content-Type: text/plain; charset="US-ASCII"
>Thank you for the response Peter but faillog is for the pam_tally
module >and not pam_tally2.
>- Kaydo
The pam_tally2 utility can be used to unlock user accounts as follows:
# /sbin/pam_tally2 --user username --reset
Without the reset, it lists the failures.
/sbin/pam_tally2 --user fubar
Login Failures Latest failure From
fubar 0
Peter
-----Original Message-----
From: Peter Shulkin
Sent: Wednesday, June 16, 2010 1:19 PM
To: 'redhat-list at redhat.com'
Subject: RE: Pam_Tally2 User Lockouts. (Kaydo)
----------------------------------------------------------------------
Message: 1
Date: Tue, 15 Jun 2010 15:15:59 -0500
From: "Kaydo" <kaydo at rice.edu>
To: "'General Red Hat Linux discussion list'" <redhat-list at redhat.com>
Subject: Pam_Tally2 User Lockouts.
Message-ID: <FE71C7ADF9DF4916A0784165E03F187E at adminsystems.rice.edu>
Content-Type: text/plain; charset="US-ASCII"
>Hi,
>I've configured user lockouts using the pam_tally2 module but I have a
>question. Is there a command that I can run that will tell me whether
a
>user's account is locked out from this module or not? If I run passwd
-S
><user> it doesn't say that the account is locked, I'm thinking this
only
>works if the account was locked using usermod -L. I know I can use
>pam_tally2 command to see the failed login counts, but it would be
great if
>there were a command that would directly tell me if a user was locked
out
>due to this module. Anybody know of such a command?
>Thanks guys,
Of course, you know about the faillog program. Faillog -u userid tells
you if that userid is locked out, and faillog -u userid -r resets the
account. Check the man pages for more info.
Peter
________________________________________________
>Kenrick Bramble, Systems Manager
>Administrative Systems Dept | 713-348-8645 | <mailto:kaydo at rice.edu>
>kaydo at rice.edu Rice University | 6100 Main Street | Houston, TX 77005
>"Never seem more learned than the people you are with. Wear your
learning >like a pocket watch and keep it hidden. Do not pull it out to
count the >hours, but give the time when you are asked."
>-- Lord Chesterfield
More information about the redhat-list
mailing list