I am also facing this problem. It was already fixed upstream. I think we need a solution for this problem as many security guildelines in companies require the use of pam_tally for unix systems:
See http://pam.cvs.sourceforge.net/pam/Linux-PAM/modules/pam_tally/pam_tally.c?r1=1.15&r2=1.16 for an upstream patch --- pam_tally.c 2005/01/24 14:04:17 1.15 +++ pam_tally.c 2005/04/04 09:46:10 1.16 @@ -1,7 +1,7 @@ /* * pam_tally.c * - * $Id: pam_tally.c,v 1.15 2005/01/24 14:04:17 t8m Exp $ + * $Id: pam_tally.c,v 1.16 2005/04/04 09:46:10 t8m Exp $ */ @@ -268,7 +268,7 @@ const void *data; rv = pam_get_data(pamh, MODULE_NAME, &data); - if ( rv == PAM_SUCCESS && oldtime != NULL ) { + if ( rv == PAM_SUCCESS && data != NULL && oldtime != NULL ) { *oldtime = *(const time_t *)data; pam_set_data(pamh, MODULE_NAME, NULL, NULL); } @@ -423,6 +423,7 @@ int i; i=get_tally( &tally, uid, opts->filename, &TALLY, fsp ); + if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); } /* to remember old fail time (for locktime) */ fsp->fs_fail_time = fsp->fs_faillog.fail_time; @@ -455,7 +456,6 @@ (size_t)sizeof(fsp->fs_faillog.fail_line)); fsp->fs_faillog.fail_line[sizeof(fsp->fs_faillog.fail_line)-1] = 0; } - if ( i != PAM_SUCCESS ) { if (TALLY) fclose(TALLY); RETURN_ERROR( i ); } if ( !(opts->ctrl & OPT_MAGIC_ROOT) || getuid() ) { /* magic_root doesn't change tally */ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
