[gentoo-commits] proj/pambase:master commit in: templates/

Sat, 10 Oct 2020 08:41:05 -0700 

commit:     b54edff3a6724bba19fd803042909cc448d169fd
Author:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 10 15:35:39 2020 +0000
Commit:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Sat Oct 10 15:37:14 2020 +0000
URL:        https://gitweb.gentoo.org/proj/pambase.git/commit/?id=b54edff3

switch pam_faillock.so to its config file

Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>

 templates/system-auth.tpl  | 4 ++--
 templates/system-login.tpl | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl
index 46fc131..1bb53ae 100644
--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -10,9 +10,9 @@ auth        [success=1 default=ignore]      pam_krb5.so {{ 
krb5_params }}
 auth           required        pam_unix.so try_first_pass {{ likeauth }} {{ 
nullok|default('', true) }} {{ debug|default('', true) }}
 auth           optional        pam_permit.so
 {% if not minimal %}
-auth            required        pam_faillock.so preauth silent audit deny=3 
unlock_time=600
+auth            required        pam_faillock.so preauth 
conf=/etc/security/faillock.conf
 auth            sufficient      pam_unix.so {{ nullok|default('', true) }} 
try_first_pass
-auth            [default=die]   pam_faillock.so authfail audit deny=3 
unlock_time=600
+auth            [default=die]   pam_faillock.so authfail
 {% endif %}
 
 {% if krb5 %}

diff --git a/templates/system-login.tpl b/templates/system-login.tpl
index d51481b..bb4f093 100644
--- a/templates/system-login.tpl
+++ b/templates/system-login.tpl
@@ -2,9 +2,9 @@ auth            required        pam_shells.so {{ 
debug|default('', true) }}
 auth           required        pam_nologin.so
 auth           include         system-auth
 {% if not minimal %}
-auth            required        pam_faillock.so preauth silent audit deny=3 
unlock_time=600
+auth            required        pam_faillock.so preauth 
conf=/etc/security/faillock.conf
 auth            sufficient      pam_unix.so nullok try_first_pass
-auth            [default=die]   pam_faillock.so authfail audit deny=3 
unlock_time=600
+auth            [default=die]   pam_faillock.so authfail
 {% endif %}
 
 account                required        pam_access.so {{ debug|default('', 
true) }}

Reply via email to