Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

faillog(5) [linux man page]

FAILLOG(5)						   File Formats and Conversions 						FAILLOG(5)

NAME
faillog - login failure logging file DESCRIPTION
/var/log/faillog maintains a count of login failures and the limits for each account. The file contains fixed length records, indexed by numerical UID. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on whiche the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure. The structure of the file is: struct faillog { short fail_cnt; short fail_max; char fail_line[12]; time_t fail_time; long fail_locktime; }; FILES
/var/log/faillog Failure logging file. SEE ALSO
faillog(8) File Formats and Conversions 06/24/2011 FAILLOG(5)

Check Out this Related Man Page

FAILLOG(8)						      System Manager's Manual							FAILLOG(8)

NAME
faillog - examine faillog and set login failure limits SYNOPSIS
faillog [-u login-name] [-a] [-t days] [-m max] [-pr] DESCRIPTION
faillog formats the contents of the failure log, /var/log/faillog, and maintains failure counts and limits. The order of the arguments to faillog is significant. Each argument is processed immediately in the order given. The -p flag causes failure entries to be printed in UID order. Entering -u login-name flag will cause the failure record for login-name only to be printed. Entering -t days will cause only the failures more recent than days to be printed. The -t flag overrides the use of -u. The -a flag causes all users to be selected. When used with the -p flag, this option selects all users who have ever had a login failure. It is meaningless with the -r flag. The -r flag is used to reset the count of login failures. Write access to /var/log/faillog is required for this option. Entering -u login-name will cause only the failure count for login-name to be reset. The -m flag is used to set the maximum number of login failures before the account is disabled. Write access to /var/log/faillog is required for this option. Entering -m max will cause all accounts to be disabled after max failed logins occur. This may be modified with -u login-name to limit this function to login-name only. Selecting a max value of 0 has the effect of not placing a limit on the number of failed logins. The maximum failure count should always be 0 for root to prevent a denial of services attack against the system. Options may be combined in virtually any fashion. Each -p, -r, and -m option will cause immediate execution using any -u or -t modifier. CAVEATS
faillog only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the -u flag, or print out all users with the -a flag. Some systems may replace /var/log with /var/adm or /usr/adm. FILES
/var/log/faillog - failure logging file SEE ALSO
login(1), faillog(5) AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com) FAILLOG(8)
Man Page