Why are the pam_tally and pam_tally2 failed attempts count wrong, with sudo?
Issue
- When activating
pam_tally.so
orpam_tally2.so
insystem-auth-ac
, and the following command is excecuted, thefaillog
counter is increased before any password is given by user:
$ sudo -k su -
- After one wrong password is typed in, the
faillog
counter is again increased (to 2)
Environment
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.