Cancelling a dialog box in GUI login(GDM) counts it as a failed login attempt causing user being locked by pam_faillock

Solution Unverified - Updated -

Issue

  • During GUI login, when dialog box is cancelled, gdm counts this as 'failed login attempt' and several such attempts lock the user account via pam_faillock(provided that pam_fallock is configured).
  • In a scenario where pam_faillock.so or pam_tally2 is configured in PAM stack to lock user accounts on successive incorrect login attempts, and when user is trying to login via GUI, if you select the username and 'cancel' it, it is counted as a failed login attempt. If you do this several times, the user will be locked.

Environment

  • Red Hat Enterprise Linux 6/7
  • pam_failock
  • pam_tally2
  • gdm

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.