Cancelling a dialog box in GUI login(GDM) counts it as a failed login attempt causing user being locked by pam_faillock
Issue
- During GUI login, when dialog box is cancelled,
gdmcounts this as 'failed login attempt' and several such attempts lock the user account via pam_faillock(provided that pam_fallock is configured). - In a scenario where pam_faillock.so or pam_tally2 is configured in PAM stack to lock user accounts on successive incorrect login attempts, and when user is trying to login via GUI, if you select the username and 'cancel' it, it is counted as a failed login attempt. If you do this several times, the user will be locked.
Environment
- Red Hat Enterprise Linux 6/7
- pam_failock
- pam_tally2
- gdm
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
