Joakim Karlsson <[EMAIL PROTECTED]> writes:
> Hi
>
> We use pam_tally to lock accounts after 3 failed logins in a row.
>
> In rhel3 the following rules works in pam.d/system-auth
>
> auth required pam_tally.so deny=2
> account required pam_tally.so reset
>
> With the same rules in rhel5 we get a working faillog which we can
> view with the pam_tally-command, and the counter is reset upon
> succeded login, but the rules fails to lock-out users when the faillog
> for the user exceeds 2.
>
> Anyone else here who uses pam_tally and have any experience in getting
> it to work in rhel5?
>
> Is this a bug in pam_tally, or is it in our configuration?
>
> (I haven't succeded in finding any hints in the manpages or
> pam-documentation sugesting a changed behaviour for the tally
> funcations.)
Problem solved. The bug was behind the keyboard. Seems like pam has
become a little bit more strict regarding what, how and in what order
you put in your config-file.
/Joakim
--
=====================================================
Joakim Karlsson, TDSO-JK SAAB AB
System Administrator Simulation Centre
_______________________________________________
rhelv5-list mailing list
rhelv5-list@redhat.com
https://www.redhat.com/mailman/listinfo/rhelv5-list
