Account locked by pam_tally does not reflect in passwd -S
Anusuya K
anusuya_k at yahoo.com
Tue Oct 18 09:29:18 UTC 2011
Hi,
I was able to configure pam_tally on RHEL 5.5/6 and verify that account gets locked after 'n' unsuccessful attempts through different auth mechanisms like su, sshd, login etc.
I can also see the output of pam_tally or faillog that reflects the number of failed login attempts.
But when I try passwd -S <user name> after an account is locked through use of pam_tally, it does not relect account locked status.
see below for example output of faillog as well passwd -S after an account is locked using pam_tally
# faillog -u testuser1
Login Failures Maximum
testuser1 4 0
# passwd -S testuser1
testuser1 PS 10/17/2011 0 99999 7 -1
if I explicity lock a user using passwd -l option then the output of passwd -S reads as below
# passwd -S testuser1
testuser1 LK 10/17/2011 0 99999 7 -1
Can any one tell me if pam_tally and passwd lock options understand each other, if yes, is there any other configuration I have to do..
Thanks
ADK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20111018/0f1c043f/attachment.htm>
More information about the Pam-list
mailing list