pam_faillock not locking out user after unsuccessful login attempts
by ravkav from LinuxQuestions.org on (#6ET5H)
hi,
i am using rhel 8.8. i have been trying to get user account locked out after 3 unsuccessful login attempts.
authselect create-profile rav-passwd-policy -b sssd
authselect apply-changes
authselect select custom/rav-passwd-policy
authselect current
authselect enable-feature with-faillock
i have not touched :- because below files can be edited using AuthSelect..
vim /etc/authselect/system-auth +
vim /etc/authselect/password-auth
grep -v '^#' /etc/security/faillock.conf
dir = /var/log/faillog
local_users_only
deny = 3
fail_interval = 900
unlock_time = 600
i have also configured pam_pwquality & pam_pwhistory, both are working fine.
the problem is with pam_faillock.
is "sssd services " needed to be running for pam_faillock Or pam_pwquality Or pam_pwhistory to be successful?
appreciate your quick revert on this.
rav kav
i am using rhel 8.8. i have been trying to get user account locked out after 3 unsuccessful login attempts.
authselect create-profile rav-passwd-policy -b sssd
authselect apply-changes
authselect select custom/rav-passwd-policy
authselect current
authselect enable-feature with-faillock
i have not touched :- because below files can be edited using AuthSelect..
vim /etc/authselect/system-auth +
vim /etc/authselect/password-auth
grep -v '^#' /etc/security/faillock.conf
dir = /var/log/faillog
local_users_only
deny = 3
fail_interval = 900
unlock_time = 600
i have also configured pam_pwquality & pam_pwhistory, both are working fine.
the problem is with pam_faillock.
is "sssd services " needed to be running for pam_faillock Or pam_pwquality Or pam_pwhistory to be successful?
appreciate your quick revert on this.
rav kav