rhel 5.7
pam-0.99.6.2
ok, i run pam_tally2.so in system-auth like this
auth required pam_tally2.so onerr=fail deny=3 unlock_time=900 audit
account required pam_tally2.so
1. "magic_root" is suppose to be a valid option for auth, but when i use it the tally breaks for all users (no tally'ing is done). that seems like a bug.
2. i run a short bash script to output me a report piping all users into pam_tally2 like this:
Code:
USERS=`cat /etc/passwd |cut -d: -f1 |sort`
for i in $USERS
do
pam_tally2 -u $i |awk 'FNR == 2 {print}' |awk '{ print $1, ",", $2, ",", $3, " ", $4, ",", $5}' >> file.csv
done
weird thing is, i have another user with uid=0 gid=0 but pam_tally2 reports the username as "root". is that normal?