Unix/Linux Go Back    


Linux RedHat, Ubuntu, SUSE, Fedora, Debian, Mandriva, Slackware, Gentoo linux, PCLinuxOS. All Linux questions here!

User Account Policy

Linux


Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 10-04-2012
yprudent yprudent is offline
Registered User
 
Join Date: Jan 2011
Last Activity: 4 October 2012, 3:19 AM EDT
Posts: 11
Thanks: 1
Thanked 0 Times in 0 Posts
User Account Policy

Hi,
i have the following config in the system-auth files

PHP Code:
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    
/lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      
/lib/security/$ISA/pam_deny.so

account     required      
/lib/security/$ISA/pam_unix.so
account     sufficient    
/lib/security/$ISA/pam_succeed_if.so uid 100 quiet
account     required      
/lib/security/$ISA/pam_permit.so

password    requisite     
/lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password    sufficient    
/lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      
/lib/security/$ISA/pam_deny.so

session     required      
/lib/security/$ISA/pam_limits.so
session     required      
/lib/security/$ISA/pam_unix.so 
and i want a user to be able to try to enter a password on 3 time then the account shall be locked for 60 secondes. HAving a look to some post i tried the following:

PHP Code:
auth        required      /lib/security/$ISA/pam_env.so
#auth        required      /lib/security/$ISA/pam_tally.so onerr=fail deny=3 unlock_time=60
auth        required      /lib/security/$ISA/pam_tally.so deny=3 unclok_time=60
auth        sufficient    
/lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      
/lib/security/$ISA/pam_deny.so

account     required      
/lib/security/$ISA/pam_unix.so
account     required      
/lib/security/$ISA/pam_tally.so reset
account     sufficient    
/lib/security/$ISA/pam_succeed_if.so uid 100 quiet
account     required      
/lib/security/$ISA/pam_permit.so

password    requisite     
/lib/security/$ISA/pam_cracklib.so try_first_pass retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password    sufficient    
/lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password    required      
/lib/security/$ISA/pam_deny.so

session     required      
/lib/security/$ISA/pam_limits.so
session     required      
/lib/security/$ISA/pam_unix.so 

but still test in unsucessfull. i need the help of an expert urgently,

thanks

Last edited by yprudent; 10-04-2012 at 01:40 AM..
Sponsored Links
    #2  
Old Unix and Linux 10-04-2012
hergp hergp is offline Forum Advisor  
Problem Eliminator
 
Join Date: Jan 2010
Last Activity: 26 September 2016, 3:41 PM EDT
Location: Vienna, Austria
Posts: 841
Thanks: 26
Thanked 190 Times in 169 Posts
Try pam_tally2.so instead of pam_tally.so.
Sponsored Links
    #3  
Old Unix and Linux 10-23-2012
Tommyk Tommyk is offline
Registered User
 
Join Date: Aug 2011
Last Activity: 29 April 2016, 11:39 AM EDT
Location: Ripon, North Yorkshire
Posts: 148
Thanks: 4
Thanked 14 Times in 14 Posts

Code:
#auth        required      /lib/security/$ISA/pam_tally.so onerr=fail deny=3 unlock_time=60
auth        required      /lib/security/$ISA/pam_tally.so deny=3 unclok_time=60

maybe a spell check? unclok_time should read unlock_time?
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
User and Password Policy yprudent Ubuntu 2 01-19-2012 09:11 AM
password policy for new user dehetoxic Solaris 7 11-12-2011 02:01 AM
how to assign group policy to user in solaris meet2muneer Solaris 1 07-14-2010 12:35 PM
Account lockout policy maverick_here Red Hat 1 06-08-2010 08:36 AM
Difference between : Locked User Account & Disabled User Accounts in Linux ? avklinux UNIX for Dummies Questions & Answers 3 02-06-2009 08:01 PM



All times are GMT -4. The time now is 02:56 PM.