Cancelling a dialog box in GUI login(GDM) counts it as a failed login attempt causing user being locked by pam_faillock

Solution Unverified - Updated -

Issue

  • During GUI login, when dialog box is cancelled, gdm counts this as 'failed login attempt' and several such attempts lock the user account via pam_faillock(provided that pam_fallock is configured).
  • In a scenario where pam_faillock.so or pam_tally2 is configured in PAM stack to lock user accounts on successive incorrect login attempts, and when user is trying to login via GUI, if you select the username and 'cancel' it, it is counted as a failed login attempt. If you do this several times, the user will be locked.

Environment

  • Red Hat Enterprise Linux 6/7
  • pam_failock
  • pam_tally2
  • gdm

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content