In shadow-4.1.5.1/src/login.c, which reads /etc/login.defs for FAILLOG_ENAB:
#ifndef USE_PAM
    motd ();    /* print the message of the day */
    if (   getdef_bool ("FAILLOG_ENAB")
        && (0 != faillog.fail_cnt)) {
        failprint (&faillog);
        /* Reset the lockout times if logged in */
        if (   (0 != faillog.fail_max)
            && (faillog.fail_cnt >= faillog.fail_max)) {
            (void) puts (_("Warning: login re-enabled after temporary lockout."));
            SYSLOG ((LOG_WARN,
                     "login '%s' re-enabled after temporary lockout (%d failures)",
                     username, (int) faillog.fail_cnt));
        }
    }
etc...
Does anyone know why this segment of code is unused when USE_PAM is defined??
On Sunday 10 November 2013 at 23:18, Max B <txtmb@???> wrote:
PS:
http://pkg-shadow.alioth.debian.org/coverage/shadow-4.1.5.1/libmisc/failure.c.gcov.frameset.html
The string appears to be in the 'shadow' system.
Has the failure.c file been removed or modified from Debian?
On Sunday 10 November 2013 at 22:02, Max B <txtmb@???> wrote:
Thanks for the reply, Andy.
I just checked
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html, specifically, sec 4.11.*
** Please note that SULOG_FILE is mentioned NOWHERE in that document, and ought to be in 4.11.3.
The different behaviour of Debian 5.0 and 7, as mentioned earlier in thread, is mentioned nowhere that I could see.
Debian 5.0 announces upon login that
%d failure since last login
where %d >0; else no notification
Debian 7 does not check this information, AFAIK.
I managed to grep a mention of "pam_lastlog.so" in /etc/pam.d/login, but this appears not to function as above in Debian 5.0, so I am mystified as to how Debian 5.0 is able to report on the number of failures since last login.
The sections of /etc/login.defs regarding "btmp" are identical in Debian 5.0 and Debian 7, so it isn't that.
There are some changes (additions) to the /etc/pam.d/common-* files, but you'd need to be an expert in PAM, which I'm not.
It shouldn't be this difficult to add '%d failure since last login' right before the motd to Debian 7, but I'm afraid it is for me.
Cheers
On Sunday 10 November 2013 at 20:17, Andy Smith <andy@???> wrote:
Hello Max,
On Sun, Nov 10, 2013 at 07:11:33PM +0000, Max B wrote:
> I just noticed (and was perturbed by) the fact that, under Debian 7, the number of failures since last login is unavailable at the login.
>
> The default under Debian 5.0 seems to have been set to report the number of failures since last login (if there were any).
I haven't really noticed the difference. Does section 4.11.3 of this
not cover it then?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
users mailing list
users@???
https://lists.bitfolk.com/mailman/listinfo/users