Hi We use pam_tally to lock accounts after 3 failed logins in a row.
In rhel3 the following rules works in pam.d/system-auth auth required pam_tally.so deny=2 account required pam_tally.so reset With the same rules in rhel5 we get a working faillog which we can view with the pam_tally-command, and the counter is reset upon succeded login, but the rules fails to lock-out users when the faillog for the user exceeds 2. Anyone else here who uses pam_tally and have any experience in getting it to work in rhel5? Is this a bug in pam_tally, or is it in our configuration? (I haven't succeded in finding any hints in the manpages or pam-documentation sugesting a changed behaviour for the tally funcations.) Regards Joakim -- ===================================================== Joakim Karlsson, TDSO-JK SAAB AB System Administrator Simulation Centre _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
