Problems configuring faillock

Comments

Hi,

I am trying to configure faillock on RHEL 8.2.

Basicly, I am following this manual:
https://access.redhat.com/solutions/62949

The Problem is, that the /etc/security/faillock.conf is ignored.
When I run

authselect select sssd with-faillock --force

in the file /etc/pam.d/system-auth appear the following lines

[...]
auth        required                                     pam_faillock.so preauth silent deny=4 unlock_time=1200
[...]
auth        required                                     pam_faillock.so authfail deny=4 unlock_time=1200
[...]
account     required                                     pam_faillock.so

So far it seems to work.
But
In my /etc/security/faillock.conf it says

deny=2
unlock_time=120

No matter if I run authselect before or after I edited the filelock.conf, it stays with the default options, my custom-options aren't used.

Can anybody tell me, what I am missing?

Started 2022-02-17T10:00:10+00:00 by

Marcus Storch

Newbie 5 points

Select Your Language

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links