FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Red Hat Linux

 
 
LinkBack Thread Tools
 
Old 06-16-2010, 05:18 PM
"Peter Shulkin"
 
Default Pam_Tally2 User Lockouts. (Kaydo)

----------------------------------------------------------------------

Message: 1
Date: Tue, 15 Jun 2010 15:15:59 -0500
From: "Kaydo" <kaydo@rice.edu>
To: "'General Red Hat Linux discussion list'" <redhat-list@redhat.com>
Subject: Pam_Tally2 User Lockouts.
Message-ID: <FE71C7ADF9DF4916A0784165E03F187E@adminsystems.ric e.edu>
Content-Type: text/plain; charset="US-ASCII"

>Hi,

>I've configured user lockouts using the pam_tally2 module but I have a
>question. Is there a command that I can run that will tell me whether
a
>user's account is locked out from this module or not? If I run passwd
-S
><user> it doesn't say that the account is locked, I'm thinking this
only
>works if the account was locked using usermod -L. I know I can use
>pam_tally2 command to see the failed login counts, but it would be
great if
>there were a command that would directly tell me if a user was locked
out
>due to this module. Anybody know of such a command?

>Thanks guys,

Of course, you know about the faillog program. Faillog -u userid tells
you if that userid is locked out, and faillog -u userid -r resets the
account. Check the man pages for more info.

Peter
________________________________________________

>Kenrick Bramble, Systems Manager

>Administrative Systems Dept | 713-348-8645 | <mailto:kaydo@rice.edu>
>kaydo@rice.edu Rice University | 6100 Main Street | Houston, TX 77005

>"Never seem more learned than the people you are with. Wear your
learning >like a pocket watch and keep it hidden. Do not pull it out to
count the >hours, but give the time when you are asked."



>-- Lord Chesterfield

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 06-16-2010, 06:00 PM
"Kaydo"
 
Default Pam_Tally2 User Lockouts. (Kaydo)

Thank you for the response Peter but faillog is for the pam_tally module and
not pam_tally2.


- Kaydo


-----Original Message-----
From: redhat-list-bounces@redhat.com [mailto:redhat-list-bounces@redhat.com]
On Behalf Of Peter Shulkin
Sent: Wednesday, June 16, 2010 12:19 PM
To: redhat-list@redhat.com
Subject: RE: Pam_Tally2 User Lockouts. (Kaydo)

----------------------------------------------------------------------

Message: 1
Date: Tue, 15 Jun 2010 15:15:59 -0500
From: "Kaydo" <kaydo@rice.edu>
To: "'General Red Hat Linux discussion list'" <redhat-list@redhat.com>
Subject: Pam_Tally2 User Lockouts.
Message-ID: <FE71C7ADF9DF4916A0784165E03F187E@adminsystems.ric e.edu>
Content-Type: text/plain; charset="US-ASCII"

>Hi,

>I've configured user lockouts using the pam_tally2 module but I have a
>question. Is there a command that I can run that will tell me whether
a
>user's account is locked out from this module or not? If I run passwd
-S
><user> it doesn't say that the account is locked, I'm thinking this
only
>works if the account was locked using usermod -L. I know I can use
>pam_tally2 command to see the failed login counts, but it would be
great if
>there were a command that would directly tell me if a user was locked
out
>due to this module. Anybody know of such a command?

>Thanks guys,

Of course, you know about the faillog program. Faillog -u userid tells
you if that userid is locked out, and faillog -u userid -r resets the
account. Check the man pages for more info.

Peter
________________________________________________


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 
Old 06-17-2010, 06:02 PM
"Peter Shulkin"
 
Default Pam_Tally2 User Lockouts. (Kaydo)

Date: Wed, 16 Jun 2010 13:00:07 -0500
From: "Kaydo" <kaydo@rice.edu>
To: "'General Red Hat Linux discussion list'" <redhat-list@redhat.com>
Subject: RE: Pam_Tally2 User Lockouts. (Kaydo)
Message-ID: <69A317DF835840E0A6DC156A15EB249D@adminsystems.ric e.edu>
Content-Type: text/plain; charset="US-ASCII"

>Thank you for the response Peter but faillog is for the pam_tally
module >and not pam_tally2.


>- Kaydo


The pam_tally2 utility can be used to unlock user accounts as follows:
# /sbin/pam_tally2 --user username --reset

Without the reset, it lists the failures.

/sbin/pam_tally2 --user fubar
Login Failures Latest failure From
fubar 0

Peter
-----Original Message-----
From: Peter Shulkin
Sent: Wednesday, June 16, 2010 1:19 PM
To: 'redhat-list@redhat.com'
Subject: RE: Pam_Tally2 User Lockouts. (Kaydo)

----------------------------------------------------------------------

Message: 1
Date: Tue, 15 Jun 2010 15:15:59 -0500
From: "Kaydo" <kaydo@rice.edu>
To: "'General Red Hat Linux discussion list'" <redhat-list@redhat.com>
Subject: Pam_Tally2 User Lockouts.
Message-ID: <FE71C7ADF9DF4916A0784165E03F187E@adminsystems.ric e.edu>
Content-Type: text/plain; charset="US-ASCII"

>Hi,

>I've configured user lockouts using the pam_tally2 module but I have a
>question. Is there a command that I can run that will tell me whether
a
>user's account is locked out from this module or not? If I run passwd
-S
><user> it doesn't say that the account is locked, I'm thinking this
only
>works if the account was locked using usermod -L. I know I can use
>pam_tally2 command to see the failed login counts, but it would be
great if
>there were a command that would directly tell me if a user was locked
out
>due to this module. Anybody know of such a command?

>Thanks guys,

Of course, you know about the faillog program. Faillog -u userid tells
you if that userid is locked out, and faillog -u userid -r resets the
account. Check the man pages for more info.

Peter
________________________________________________

>Kenrick Bramble, Systems Manager

>Administrative Systems Dept | 713-348-8645 | <mailto:kaydo@rice.edu>
>kaydo@rice.edu Rice University | 6100 Main Street | Houston, TX 77005

>"Never seem more learned than the people you are with. Wear your
learning >like a pocket watch and keep it hidden. Do not pull it out to
count the >hours, but give the time when you are asked."



>-- Lord Chesterfield

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
 

Thread Tools




All times are GMT. The time now is 01:43 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org