Joakim Karlsson <[EMAIL PROTECTED]> writes: > Hi > > We use pam_tally to lock accounts after 3 failed logins in a row. > > In rhel3 the following rules works in pam.d/system-auth > > auth required pam_tally.so deny=2 > account required pam_tally.so reset > > With the same rules in rhel5 we get a working faillog which we can > view with the pam_tally-command, and the counter is reset upon > succeded login, but the rules fails to lock-out users when the faillog > for the user exceeds 2. > > Anyone else here who uses pam_tally and have any experience in getting > it to work in rhel5? > > Is this a bug in pam_tally, or is it in our configuration? > > (I haven't succeded in finding any hints in the manpages or > pam-documentation sugesting a changed behaviour for the tally > funcations.)
Problem solved. The bug was behind the keyboard. Seems like pam has become a little bit more strict regarding what, how and in what order you put in your config-file. /Joakim -- ===================================================== Joakim Karlsson, TDSO-JK SAAB AB System Administrator Simulation Centre _______________________________________________ rhelv5-list mailing list rhelv5-list@redhat.com https://www.redhat.com/mailman/listinfo/rhelv5-list