Hello, On Tue, Mar 25, 2008 at 04:04:51PM -0400, Clark, Patti wrote: > Since the count is cleared as soon as the user is successful in their > login attempt, how/where would pam_tally be used? When login got PAM support, the logging and report of failures (in/from /var/log/faillog) was removed (when PAM support is enabled). There is a patch in Debian to re-enable the call to failprint, even when compiled with PAM support. IMHO, it would be better to have an option to pam_tally to print the tally information before it get reseted, since it could take into account failures from other programs, and could be used to report failures also from other connections (e.g. ssh). Would it be possible to print the number of failures before the counter gets reseted, or to set an environment variable in pam_tally? Best Regards, -- Nekral _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
