[Pkg-shadow-devel] Bug#192849: Please investigate this bug about faillog

[Nicolas François]

On Fri, Apr 15, 2005 at 12:42:17AM +0300, Alexander Gattin wrote:
> On Thu, Apr 14, 2005 at 06:37:03PM +0200, Christian Perrier wrote:
> > Please, fellows, have a look at this bug more deeply. I even can't try
> > to reproduce it because I get no report of failed logins on my system.
> > 
> > I wonder whether faillog is still doing its job.
> 
> Looking into src/login.c:
> 
> #ifndef USE_PAM
>                             if (pwd && getdef_bool("FAILLOG_ENAB"))
>                               failure (pwent.pw_uid, tty, &faillog);
> #endif
> 

Note: faillog is working on Woody.

On Sid, my last faillog is Aug 19 2002 ;)

It may be interesting to see when it started failing.

Tomasz, is yours working?


lastb is working. So bad attemp
> And so on. But what pam module is expected to log
> failures in faillog file? :-/ IMHO no one.

Maybe pam_tally can be configured for logging these failures (not tried):
pam_tally: this module keeps track of the number of times an attempt is
made to access an account. It can deny access after a specified number of
failures. Root's account can be treated specially.


-- 
Nekral