modify /etc/pam.d/system-auth, and password-auth on RHEL 6.4
add a few entries.
The command equiv is:
This effectively changes the lockout and user is allowed to log in. The key though is the modifications to system-auth and password-auth, adding the appropriate entries for pam_tally2.so to be called on.
account required pam_tally2.so
and a few others for other things i needed this time around.
thanks for you responses.
OA
Last edited by Franklin52; 02-05-2014 at 03:04 AM..
Reason: Please use code tags
How can i restart the console getty without rebooting the system on HPUX 11.0
Normally it will be stated by ps -ef | grep getty
console 0:00 /usr/sbin/getty console console
many thanx (4 Replies)
WARNING - /usr/sbin/fsck not found. Most likely the mount of
/usr failed or the /usr filesystem is badly
damaged. The system is being halted.
Either re-install the system of boot with -b
option in an attempt to recover
Anyone help me on restoring this without having to reinstall. it is a... (8 Replies)
I noticed in my cron log file for my solaris 8 servers the rc=1. I imagine that is return code and something did not process. Does anyone know what that is, is there fix or the implications of leaving it?
Thank you
> CMD: && /usr/sbin/rtc -c > /dev/null 2>&1
> root 22049 c Fri Dec 19... (1 Reply)
please tell pre-requisite steps to activate cron. i activated the cron but it not executing the script which i set in crontab entry.through root user i passed the service crond start it get start.but when i go to etc/init.d and passed crond stop command.it gets crond: can't lock /var/run/crond.pid,... (2 Replies)
I thought I would document this error since its not documented very well. The package or file may be different but the idea is the same.
$ sudo yum updateLoaded plugins: langpacks, presto, refresh-packagekit, versionlock
Setting up Update Process
Resolving Dependencies
--> Running... (0 Replies)
Dear Expret,
Help me about my issue,
I trying add new disk to volume Group but error:
step add new disk to volume group.
1. ~Change a Volume Group
Add a Physical Volume to a Volume Group
Remove a Physical Volume from a Volume Group
Reorganize a Volume Group... (6 Replies)
Hi,
I'm not an HP-UX SysAdmin and work with Linux Systems a bit more but I have a question about the logging level for the snmpdm. We don't specify or modify anything so we're probably taking the default? What is the default?
I see in the man page these options are available:
Turn off... (0 Replies)
Dear Concern,
We have observed that following command stuck/does not work in some RedHat nodes. Please advise us to troubleshoot the issue.
/usr/sbin/hpacucli ctrl all show
Note: HP Array Configuration Utility CLI for Linux 64-bit
With Best Regards,
Md. Abdullah-Al Kauser (3 Replies)
Discussion started by: makauser
3 Replies
LEARN ABOUT CENTOS
password-auth-ac
SYSTEM-AUTH-AC(5) File Formats Manual SYSTEM-AUTH-AC(5)NAME
system-auth-ac, password-auth-ac, smartcard-auth-ac, fingerprint-auth-ac, postlogin-ac - Common configuration files for PAMified services
written by authconfig(8)SYNOPSIS
/etc/pam.d/system-auth-ac
DESCRIPTION
The purpose of this configuration file is to provide common configuration file for all applications and service daemons calling PAM
library.
The system-auth configuration file is included from all individual service configuration files with the help of the include directive. When
authconfig(8) writes the system PAM configuration file it replaces the default system-auth file with a symlink pointing to system-auth-ac
and writes the configuration to this file. The symlink is not changed on subsequent configuration changes even if it points elsewhere. This
allows system administrators to override the configuration written by authconfig.
The authconfig now writes the authentication modules also into additional PAM configuration files /etc/pam.d/password-auth-ac,
/etc/pam.d/smartcard-auth-ac, and /etc/pam.d/fingerprint-auth-ac. These configuration files contain only modules which perform authentica-
tion with the respective kinds of authentication tokens. For example /etc/pam.d/smartcard-auth[-ac] will not contain pam_unix and pam_ldap
modules and /etc/pam.d/password-auth[-ac] will not contain pam_pkcs11 and pam_fprintd modules.
The file /etc/pam.d/postlogin-ac contains common services to be invoked after login. An example can be a module that encrypts an user's
filesystem or user's keyring and is decrypted by his password.
The PAM configuration files of services which are accessed by remote connections such as sshd or ftpd now include the /etc/pam.d/password-
auth configuration file instead of /etc/pam.d/system-auth.
EXAMPLE
Configure system to use pam_tally2 for configuration of maximum number of failed logins. Also call pam_access to verify if access is
allowed.
Make system-auth symlink point to system-auth-local which contains:
auth requisite pam_access.so
auth requisite pam_tally2.so deny=3 lock_time=30
unlock_time=3600
auth include system-auth-ac
account required pam_tally2.so
account include system-auth-ac
password include system-auth-ac
session include system-auth-ac
BUGS
None known.
SEE ALSO authconfig(8), authconfig-gtk(8), pam(8), system-auth(5)Red Hat, Inc. 2010 March 31 SYSTEM-AUTH-AC(5)