LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-01-2005, 10:40 AM   #1
mzmyewski
LQ Newbie
 
Registered: Feb 2005
Location: Huntsville, Alabama
Posts: 2

Rep: Reputation: 0
Question Successful login from locked screen causes pam_tally to increment. Why?


Hi, everyone. I am a System Administrator with Lockheed Martin in
Huntsville, Alabama and I am seeing something strange that has me and
a couple of my coworkers perplexed.

We are running Red Hat 9.0 on a 24-node cluster. Two of the programmers
in this particular lab were complaining that they were constantly getting
locked out of their accounts. Long story short, it would seem that these
two people lock their screens quite a bit and even though they get logged
in successfully from their locked screens, pam_tally increments its counter
which, if I am correct, indicated an UNSUCCESSFUL login attempt. After
several of times of locking/unlocking their screens, they get completely
locked out of their accounts. We have "fixed" this problem with a cron
job that runs every 15 minutes and unlocks all locked accounts but I am
not too comfortable with this.

In addition to the above problem, it seems when root simply logs in,
pam_tally increments root's counter; locking/unlocking the screen does
not increment pam_tally's counter.

I have done several online searches and can find plenty of posts from
people wanting to know why pam_tally *isn't* incrementing, but it looks
like our pam_tally increments when it isn't supposed to increment.

Any help would be greatly appreciated.


Thanks,

-Mark Zmyewski
Huntsville, Alabama
 
Old 03-01-2005, 11:35 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
What version of pam are you running? Did you make any modifications to /etc/pam.d/xscreensaver?
 
Old 03-03-2005, 10:25 AM   #3
mzmyewski
LQ Newbie
 
Registered: Feb 2005
Location: Huntsville, Alabama
Posts: 2

Original Poster
Rep: Reputation: 0
I am not a Red Hat expert, but it looks like we have pam-devel-0.75-48

We have not made any changes to xscreensaver, but we have made changes to /etc/login.defs and
/etc/pam.d/system-auth.

In /etc/login.defs, we made the following changes:

PASS_MAX_DAYS 365
PASS_MIN_DAYS 1
PASS_MIN_LEN 8
PASS_WARN_AGE 7

I don't see how that makes any difference, but I thought I'd let you know about it.

In /etc/pam.d/system-auth, we added:

password required /lib/security/$ISA/pam_cracklib.so minlen=8 retry=3 dcredit=0 ucredit=0 lcredit=0 ocredit=0


Does this help?



-Mark
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
samba reports authentication successful but can't login matt1982 Debian 1 08-14-2005 10:08 AM
FTP Fails on Successful Login machineghost Linux - Networking 5 02-27-2005 12:00 PM
Wierd screen after successful install marales314 Linux - Newbie 1 01-20-2005 01:15 AM
Login freezes after successful install. neocookie Slackware - Installation 6 09-23-2004 10:43 AM
Locked out of Redhat 9 at Graphical Login Screen chrisjj Red Hat 6 10-11-2003 12:43 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration