You have to download latest PAM version. Otherwise you can write crontab for unlocking after 30 minutes by seeing faillog output.
Ex: using awk and crontab you can do this
faillog | grep -v Username | awk '$2>5{system("printf "$1":"$2":; date +%s -d \""$5" "$6" "$7"\"")}' | \
awk -F: '1800 < (systime()-$3){print $1; print "User "$1" no longer locked-out: "strftime("%D-%H:%M:%S") >> "/var/log/faillog
clear"}' | \
xargs -i faillog -u {} -r
Let me know if it helps for you.
Regards,
Vasu
On Mon, Jun 16, 2008 at 3:34 PM, Vasudeva R <rachamad@xxxxxxxxx> wrote:
Hi Monu,
Try with following lines. It is working for me without any problem.
auth required pam_tally.so no_magic_root
account required pam_tally.so per_user deny=5 no_magic_root reset
Let me know.
Regards,
VasudevaRE: pam_tally: unknown option
- From: "Monu Agrawal" <monuindia gmail com>
- To: pam-list redhat com
- Subject: RE: pam_tally: unknown option
- Date: Tue, 17 Jun 2008 00:43:57 +0530
Thanks Joe, but as per documents, deny and unlock_time are auth options, not thee account options. When I changed the config as you mentioned:account required pam_tally.so deny=2
the error "unknown option deny" stopped coming but it didn't make any difference in the time it waits after wrong passwd, even if I make it 20. The version, I can't change because of some dependency reasons.
--
Regards,
Vasudeva R
Alternate mail id: rvasu_deva@xxxxxxxxxxx
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
