Find the answer to your Linux question:
Results 1 to 4 of 4
Hello, I'm on Fedora core 8 and I recently finished configuring pam to deny access after a certain number of failed login attempts. My pam configuration works just fine (suprisingly), ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2009
    Posts
    2

    Inform user of locked account


    Hello,

    I'm on Fedora core 8 and I recently finished configuring pam to deny access after a certain number of failed login attempts.

    My pam configuration works just fine (suprisingly), but when it locks the account you don't get any message that this has occured. When you try to enter the password again you get the authorization failure, but the user is never informed that the account has been locked.

    Does anyone have any ideas on how to address this? I'd appreciate the help.

  2. #2
    Linux User vickey_20's Avatar
    Join Date
    Mar 2009
    Location
    Mumbai, India
    Posts
    493
    can you post the configuration file you have tweaked , so that we get a fair idea . form where actaully the user is being disabled and what options are available to infrom the user about account expiration.
    Only if I could understand the man pages
    Registered Linux user #492640
    OS: RHEL4,5 ,RH 9,Ubuntu

  3. #3
    Just Joined!
    Join Date
    Jun 2009
    Posts
    2
    vickey_20,

    Thanks for the response.

    All I did was change the system-auth symlink from the /etc/pam.d/system-auth-ac file to a local config file (It had the same rules in it as the system-auth-ac). Then I added the blocking rule:

    Code:
    auth  required  pam_tally.so  onerr=fail  file=/var/log/faillog  audit  deny=3  per_user
    So the blocking is being done by the pam_tally module.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User vickey_20's Avatar
    Join Date
    Mar 2009
    Location
    Mumbai, India
    Posts
    493
    sorry friend but I don't know much about this module but anyway here's a good link that will surely help you 6.32.pam_tally - login counter (tallying) module
    Only if I could understand the man pages
    Registered Linux user #492640
    OS: RHEL4,5 ,RH 9,Ubuntu

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •