On, Tuesday 04 July 2006 22:09 Randy McMurchy wrote: > Then you didn't look very hard. :-( Oops... You're right. I reread the PAM documentation and understood that pam_tally was what I needed.
BUT! The error in login.c remains. You're probably too busy to check the suggested way to reproduce the error. So you can see a screenshoted "login" session below. I commented the LOGIN_RETRIES line in /etc/login.defs (though I looked through the "login" sources and saw that the LOGIN_RETRIES defaults to 3 if the corresponding line is commented/absent in /etc/login.defs) and I use the following line among others in /etc/pam.d/login: auth required pam_tally.so deny=20 SESSION_BEGIN root:/root# pam_tally --reset=0 root:/root# id uid=0(root) gid=0(root) groups=0(root) root:/root# login lo login: user Password: <WRONG PASSWORD> Login incorrect lo login: user Password: <WRONG PASSWORD> Login incorrect lo login: user Password: <CORRECT PASSWORD> Maximum number of tries exceeded (3) root:/root# id uid=0(root) gid=0(root) groups=0(root) root:/root# SESSION_END As you can see I was denied for the third try though I entered the _correct_ password. Moreover, the counter in /var/log/faillog (so called "tally") was increased. That's the bug I've been speaking about. The patch fixes it. P.S. If you think the bug isn't critical, just tell me and I will become silent. I wrote this just because you don't seem to understand where the bug is :( -- Nothing but perfection pv -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
