LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-20-2016, 02:16 PM   #1
johnmccarthy
Member
 
Registered: Jul 2010
Posts: 64

Rep: Reputation: 1
Smile Using entry pam_lastlog.so showfailed in password-auth or system-auth


I'm attempting to display on the screen a GUI message on my Red Hat Enterprise Linux 6 systems; when users experience a failed login when they fail to login using there local account. I've entered the
pam_lastlog.so showfailed under /etc/pam.d/password-auth and /etc/pam.d/system-auth and it only notifies the user when they login at the terminal (non-graphical login).

How can I get the information that is presented in the non-graphical interface to display on the GNOME?

A million thanks,
John
 
Old 07-22-2016, 01:43 PM   #2
ihaveavirus
LQ Newbie
 
Registered: Jul 2016
Distribution: RHEL
Posts: 22

Rep: Reputation: Disabled
Try modifying /etc/pam.d/gdm with the same pam entry.
 
Old 07-25-2016, 07:17 AM   #3
johnmccarthy
Member
 
Registered: Jul 2010
Posts: 64

Original Poster
Rep: Reputation: 1
Wink

Bug: Once you perform the below users are warned of a minimum of one failed login, even though no failed logins occurred. Everyone (but root) reports on the screen at least one failed login however, when an actual failed login occurs the system reports it correctly and increases the number of failed logins from that point. Resolution
•Add the below lines to /etc/pam.d/gdm-password file.



session required pam_lastlog.so showfailed
session optional pam_exec.so /bin/sleep 9

•For example :


Raw
# cat /etc/pam.d/gdm-password
auth [success=done ignore=ignore default=bad] pam_selinux_permit.so
auth substack password-auth
auth optional pam_gnome_keyring.so

account required pam_nologin.so
account include password-auth

password substack password-auth
password optional pam_gnome_keyring.so

session required pam_selinux.so close
session required pam_loginuid.so
session optional pam_console.so
session required pam_selinux.so open
session optional pam_keyinit.so force revoke
session required pam_namespace.so
session optional pam_gnome_keyring.so auto_start
session include password-auth
session required pam_lastlog.so showfailed <----=========
session optional pam_exec.so /bin/sleep 9 <----========= [Added these 2 lines]




What I did to correct issue:
Force log rotation, logrotate –vf /etc/logrotate.conf (read screen to determine if it’s necessary to rename any archived wtmp and btmp logged files)

Modified /etc/pam.d/gdm-password to include two other values, see below:

session required pam_lastlog.so nowtmp silent showfailed
For details on the RHEL Bug:

https://bugzilla.redhat.com/show_bug.cgi?id=1021108

and

https://bugzilla.redhat.com/show_bug.cgi?id=1047077

Afterwards, from the GUI drop down, System > Administration > Authentication – select TAB Advance Options; uncheck Enable Fingerprint Reader Support. When you change this one time all settings will apply to all users.

After performing the above steps, reboot may be necessary.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/pam.d/system-auth-ac vs. /etc/pam.d/password-auth-ac vs. /etc/pam.d/sshd christr Red Hat 2 08-01-2014 07:08 PM
[SOLVED] Password auth. vs. Key auth. for SSH maples Linux - Security 7 04-02-2014 08:05 AM
Config /etc/pam.d/system-auth for account Lockout and Password Minumum mccartjd Linux - Security 3 02-18-2010 08:45 AM
Password Complexity after changing the /etc/pam.d/system-auth the system dies kprakashc Linux - Newbie 0 08-27-2008 09:50 PM
code for /etc/pam.d/system-auth(password complexity) moinpasha Programming 0 09-18-2006 01:23 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:17 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration