11 Nov
2013
11 Nov
'13
10:19 a.m.
On 10 November 2013 23:44, Max B <txtmb(a)yahoo.fr> wrote:
in shadow-4.1.5.1/src/login.c , which reads /etc/login.defs for
FAILLOG_ENAB
#ifndef USE_PAM
motd (); /* print the message of the day */
if ( getdef_bool ("FAILLOG_ENAB")
(...)
Does anyone know why this segment of code is unused
when USE_PAM is
defined??
I guess this is because there are modules (pam_motd and pam_faildelay -
part of libpam-modules) which do this already when PAM is enabled and they
are configured as part of the login process.
Administrators can enable/disable them as required. If the code was enabled
regardless of PAM you a) get the same checks 2 times and b) administrators
cannot disable them if required.
Regards
Javier