> 1. Is there documentation on pam_tally available? /usr/share/doc/pam-xxxx/txts/README.pam_tally But as I've written you shouldn't use it anyway as it doesn't bring much more security but it brings problems. > 2. Is there an overarching security integration effort for Fedora > (outside of selinux)? I mean so the graphical system tools such as the > User app and login work the same as commands login, passwd, and su, > etc., as far as password strength and longevity rules? Can I find the > policy or plan written anywhere? All apps (except specialized servers like Apache, cyrus-imap, ...) should use pam as the authentication backend for system logins by default so there should be one policy in use. Of course there are apps with their own security sensitive informations protected by passwords which don't use pam (Mozilla, mail clients) but they aren't used for system logins. -- Tomas Mraz <tmraz@xxxxxxxxxx> _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
