I wanted users to get blocked out for 5 minutes after 3 failures. The do get blocked out, but they never gain access again... the log file keeps showing the tally raising...
i have waited 30 minutes and tried again w/ no success..
here is my /etc/pam.d/system-auth
Code:
auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account required /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset
password required /lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 dcredit=-1 ocredit=-1
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so