> On Fri, Nov 12, 2004 at 01:52:15PM +0000, Billy Snider wrote: >> Has anyone had problems getting login failures to register with Fedora >> Core 3? I am trying to "telnet" into the system and get a failure to >> register. >> >> Here is my "login" file: >> >> #%PAM-1.0 >> auth required pam_securetty.so >> auth required pam_stack.so service=system-auth >> auth required /lib/security/pam_tally.so deny=5 onerr=fail >> no_magic_root >> auth required pam_nologin.so >> account required pam_stack.so service=system-auth >> password required pam_stack.so service=system-auth > [snip] > >> Failures do register in the "/var/log/messages" but not >> "/var/log/faillog". >> >> It acts as if "telnet" doesn't even use the "login" configuration file >> within "/etc/pam.d". >> >> >From a previous posting "ssh" logins register failures just fine with >> the following in the "sshd" file: >> >> auth required pam_stack.so service=system-auth >> auth required pam_nologin.so >> auth required pam_tally.so no_magic_root >> account required pam_tally.so deny=3 no_magic_root per_user >> account required pam_stack.so service=system-auth > [snip] > > In the configuration file for "login", you're passing the "deny=" flag > to pam_tally when used as an "auth" module, while in "sshd", the "deny=" > flag is being correctly passed to pam_tally being used as an "account" > module. You also don't seem to be calling pam_tally as an "account" > module in the "login" configuration file. > > HTH, > > Nalin Thank-you for your response, I made a mistake and posted an "in-work" login file, here is the one I am currently using that has the problem: #%PAM-1.0 auth required pam_securetty.so auth required pam_stack.so service=system-auth auth required pam_tally.so onerr=fail no_magic_root per_user auth required pam_nologin.so account required pam_tally.so deny=3 no_magic_root per_user account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_stack.so service=system-auth session optional pam_console.so # pam_selinux.so open should be the last session rule session required pam_selinux.so multiple open > > _______________________________________________ > > Pam-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/pam-list > _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
