Hi Alexandre,
Just a quick guess... You don't happen to have the same userid for user1 as user2 in the /etc/passwd file ?
That could explain it... If not, I havn't any idea.
Tim. Alexandre Skyrme wrote:
Greetings,
I'm currently trying to limit the maximum number of logins for users on a Red Hat Enterprise Linux AS 2.1. I have pam-0.75-46.9 (RPM) installed. Although the configuration seems to be correct the behavior is very odd.
The only uncommented line in /etc/security/limits.conf is:
* hard maxlogins 2
I'm then able to login (console) at the most three (!) times with the same regular user (user1) before it starts denying me access. Without logging out I then proceed to login with another regular user (user2) at another terminal. To my surprise it then denies me access stating that this user's (user2) maximum login limit has been reached - the point is, this user (user2) is not logged on at all! The same happens if I try to telnet or SSH in.
For the record this is my /etc/pam.d/login and /etc/pam.d/system-auth (both unaltered since installation apart from RHN's updates):
[me@localhost me]$ cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so [me@localhost me]$ cat /etc/pam.d/login #%PAM-1.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so [me@localhost me]$
I can cope with the extra login session (three instead of the configured two) but could not find any reasonable explanation for the odd login limit behavior. Has anybody seem anything similar or ran into this kind of problem before?
I'd appreciate any suggestion.
Regards, -- Alexandre Skyrme Cipher - Segurança da Informação +55-21-2529-2629 www.ciphersec.com.br
Esta mensagem eletrônica pode conter informações privilegiadas e/ou confidenciais, portanto fica o seu receptor notificado de que qualquer disseminação, distribuição ou cópia não autorizada é estritamente proibida. Se você recebeu esta mensagem indevidamente ou por engano, por favor, informe este fato ao remetente e a apague de seu computador imediatamente.
This e-mail message may contain legally privileged and/or confidential information, therefore, the recipient is hereby notified that any unauthorized dissemination, distribution or copying is strictly prohibited. If you have received this e-mail message inappropriately or accidentally, please notify the sender and delete it from your computer immediately.
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
--
==============================================================================
Tim Rayner - Networks Team Leader | Email : trayner@xxxxxxxxxx
Charles Sturt University | Mail : P.O. Box 789, Albury,NSW, 2640
Phone : (02) 6051 9886 | Fax : (02) 6051 9919
==============================================================================_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
