[ale] PAM_Tally oddness

Chris Ricker kaboom at gatech.edu
Fri Dec 10 01:50:44 EST 2004


On Thu, 9 Dec 2004, Scott Warfield wrote:

> Now, at a glance, it's nice and pretty, and works perfect... Until a reboot.
> At that point, ALL accounts, root too, are locked.  So the system is
> completely cutoff.  

I don't have that problem -- it basically Just Works for me

What does the faillog count look like before reboot? after reboot? Anything 
relevant in any of the system logs?

FWIW, my most common setup of it is something like:

auth        required      /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
auth        required      /lib/security/$ISA/pam_env.so
...

account     required      /lib/security/$ISA/pam_tally.so deny=3 reset no_magic_root even_deny_root_account
account     required      /lib/security/$ISA/pam_unix.so

later,
chris



More information about the Ale mailing list