- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: pam_tally entries in /etc/pam.d/system-auth
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-15-2008 05:35 PM
тАО02-15-2008 05:35 PM
auth required /lib/security/pam_tally.so onerr=fail no_magic_root
account required /lib/security/pam_tally.so deny=3 no_magic_root reset
Do these lines have to be grouped with the other "auth" and "account" lines in the file, or can I just append them to the end of the file ????
To append would be alot easier to do than to figure out the line to add the new lines to the file and insert them..
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-16-2008 03:54 AM
тАО02-16-2008 03:54 AM
SolutionSee: http://www.linux.com/articles/113567
In short, if you have lines beginning with "auth requisite" and/or "account requisite", the ordering will affect which failures are counted and which are not.
Suggestion: learn to use the "diff" and "patch" tools.
For example:
# cp /etc/pam.d/system-auth /etc/pam.d/system-auth.backup
# vi /etc/pam.d/system-auth
# cd /
# diff -u /etc/pam.d/system-auth.backup /etc/pam.d/system-auth >/tmp/pam-settings-change.patch
Now copy /tmp/pam-settings-change.patch to another host, and run:
# cd /
# patch -p0
...and the "patch" tool will apply the change you made on the first host to the second host.
Repeat with 98 other hosts :-)
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-17-2008 11:38 AM
тАО02-17-2008 11:38 AM
Re: pam_tally entries in /etc/pam.d/system-auth
[root-(OASIS) ~]# patch -p0 patching file /etc/pam.d/system-auth
Hunk #1 FAILED at 4.
1 out of 1 hunk FAILED -- saving rejects to file /etc/pam.d/system-auth.rej
[root-(OASIS) ~]#
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-19-2008 03:18 AM
тАО02-19-2008 03:18 AM
Re: pam_tally entries in /etc/pam.d/system-auth
The contents of the /etc/pam.d/system-auth file on your first host must be significantly different from the one in the second host. In that case, there is really no reliable way to apply the change automatically.
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-19-2008 09:44 AM
тАО02-19-2008 09:44 AM