On 7/5/06, Vladimir A. Pavlov <[EMAIL PROTECTED]> wrote:
On, Tuesday 04 July 2006 22:09 Randy McMurchy wrote:
> Then you didn't look very hard. :-(
Oops... You're right. I reread the PAM documentation and understood that
pam_tally was what I needed.
BUT!
The error in login.c remains. You're probably too busy to check the
suggested way to reproduce the error. So you can see a screenshoted
"login" session below. I commented the LOGIN_RETRIES line
in /etc/login.defs (though I looked through the "login" sources and saw
that the LOGIN_RETRIES defaults to 3 if the corresponding line is
commented/absent in /etc/login.defs) and I use the following line among
others in /etc/pam.d/login:
Vladimir,
I checked, and I get the same problem. I do put LOGIN_RETRIES in
/etc/login.defs. If I input the successful password on the last
attempt, it still bombs just as you say.
Login incorrect
lo login: user
Password: <CORRECT PASSWORD>
Maximum number of tries exceeded (3)
Does this imply that pam_tally doesn't work as advertised? It looks
like login is still using the default of 3 since you put deny=20 in
the pam conf file.
That's the bug I've been speaking about. The patch fixes it.
P.S. If you think the bug isn't critical, just tell me and I will become
silent. I wrote this just because you don't seem to understand where
the bug is :(
Thanks for the effort. I'm not sure it's critical enough to put in the
book just yet. However, it would be great if you could submit it to
lfs-patches. Even better would be if you submitted it upstream to the
author. He is usually very receptive of patches as long as there
described well. It doesn't look like any such fix is in there now.
http://cvs.pld.org.pl/shadow/src/login.c
You can subscribe to the shadow mailing list at
[EMAIL PROTECTED] and the list itself is [EMAIL PROTECTED]
If you prefer, I can submit it since I'm already subscribed.
--
Dan
--
http://linuxfromscratch.org/mailman/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
