Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 07-20-2016, 02:16 PM   #1
Registered: Jul 2010
Posts: 64

Rep: Reputation: 1
Smile Using entry showfailed in password-auth or system-auth

I'm attempting to display on the screen a GUI message on my Red Hat Enterprise Linux 6 systems; when users experience a failed login when they fail to login using there local account. I've entered the showfailed under /etc/pam.d/password-auth and /etc/pam.d/system-auth and it only notifies the user when they login at the terminal (non-graphical login).

How can I get the information that is presented in the non-graphical interface to display on the GNOME?

A million thanks,
Old 07-22-2016, 01:43 PM   #2
LQ Newbie
Registered: Jul 2016
Distribution: RHEL
Posts: 22

Rep: Reputation: Disabled
Try modifying /etc/pam.d/gdm with the same pam entry.
Old 07-25-2016, 07:17 AM   #3
Registered: Jul 2010
Posts: 64

Original Poster
Rep: Reputation: 1

Bug: Once you perform the below users are warned of a minimum of one failed login, even though no failed logins occurred. Everyone (but root) reports on the screen at least one failed login however, when an actual failed login occurs the system reports it correctly and increases the number of failed logins from that point. Resolution
•Add the below lines to /etc/pam.d/gdm-password file.

session required showfailed
session optional /bin/sleep 9

•For example :

# cat /etc/pam.d/gdm-password
auth [success=done ignore=ignore default=bad]
auth substack password-auth
auth optional

account required
account include password-auth

password substack password-auth
password optional

session required close
session required
session optional
session required open
session optional force revoke
session required
session optional auto_start
session include password-auth
session required showfailed <----=========
session optional /bin/sleep 9 <----========= [Added these 2 lines]

What I did to correct issue:
Force log rotation, logrotate –vf /etc/logrotate.conf (read screen to determine if it’s necessary to rename any archived wtmp and btmp logged files)

Modified /etc/pam.d/gdm-password to include two other values, see below:

session required nowtmp silent showfailed
For details on the RHEL Bug:


Afterwards, from the GUI drop down, System > Administration > Authentication – select TAB Advance Options; uncheck Enable Fingerprint Reader Support. When you change this one time all settings will apply to all users.

After performing the above steps, reboot may be necessary.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/pam.d/system-auth-ac vs. /etc/pam.d/password-auth-ac vs. /etc/pam.d/sshd christr Red Hat 2 08-01-2014 07:08 PM
[SOLVED] Password auth. vs. Key auth. for SSH maples Linux - Security 7 04-02-2014 08:05 AM
Config /etc/pam.d/system-auth for account Lockout and Password Minumum mccartjd Linux - Security 3 02-18-2010 08:45 AM
Password Complexity after changing the /etc/pam.d/system-auth the system dies kprakashc Linux - Newbie 0 08-27-2008 09:50 PM
code for /etc/pam.d/system-auth(password complexity) moinpasha Programming 0 09-18-2006 01:23 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:17 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration