Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

faillog failure

Posted on 2000-04-05
4
Medium Priority
?
901 Views
Last Modified: 2013-12-16
What is required to make faillog track login failures?

I've tried:
1. In '/etc/login.defs', setting 'FAILLOG_ENAB yes'.
2. creating '/var/log/faillog' and setting a 600 permission on the file.
3. Anything else?

I've tried RedHat, Slackware, Corel, WinLinux 2000.
0
Comment
Question by:mmcmilla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2688326
I can't say for the others, but RedHat 6.1, "out-of-the-box", logs login failures via syslog to /var/log/messages. I don't see anything in the man page for login that suggests that the login mechanism uses /etc/login.defs or /var/log/faillog, but it does specifically state that login failures will be logged by syslog.
0
 

Author Comment

by:mmcmilla
ID: 2689502
Logins will be logged by /var/log/faillog, true.  But, I'm trying to limit the number of login failures (say, 5 password retries).  First of all, if /var/log/faillog doesn't exist, /usr/bin/faillog will not create the log file.  I create the /var/log/faillog with 0 bytes, run faillog -u <username> -m <max number failures>, faillog will write to /var/log/faillog with the settings I want.  Run faillog -u <username> and it will return the stats on that user (with 0 failures, of course).  Logout, and try to login as that user, but purposefully fail the login a couple of times.  Then, login as root, run faillog -u <username> and it still shows zero failures.  
I have not clue what's wrong.  I have read the man pages for faillog, but nothing seems to work.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2705215
When all else fails, "use the source Luke, use the source"...

I went into the source rpm that provides faillog (shadow-utils-19990827-2.src.rpm) and found that you need to enable use of the faillog facility in /etc/login.defs, like:

#
# Enable logging and display of /var/log/faillog login failure info.
#
FAILLOG_ENAB            yes

Interestingly, there are two section 5 manpages in the source that aren't on my system (login.defs.5 & login.access.5), well they weren't there before I looked at the sources... They are now.
0
 

Accepted Solution

by:
cowerict earned 400 total points
ID: 2724591
I figured out that the you have to use the -p flag. E.g.:
      faillog -p -u <username>

but using
      faillog -p -u <username> -t 1
also would show faillogs of more resent fails.

Source code provides the solution.
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Fine Tune your automatic Updates for Ubuntu / Debian
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question