search for: faillock

...NSTALL file, we made a copy of "<prefix>/sbin/sshd" (for port 22) as "<prefix>/sbin/sshd2" (for port 8022), created a separate "sshd2_config" file, and added corresponding commands for service "sshd2" in "/etc/pam.conf". We use the "faillock" PAM module with tally directories "/etc/security/sshd" and "/etc/security/sshd2" for "sshd" and "sshd2" respectively. This approach worked well for release 9.3p1, but a problem is identified with release 9.9p1. Normally when a user logs in via "s...

On 12/11/2024 12:39, anctop wrote: > It seems that release 9.9p1 does not use the binary filename as the > PAM service name, but sticks to "sshd" for all instances. man sshd_config: ???? PAMServiceName ???????????? Specifies the service name used for Pluggable Authentication Modules (PAM) authentication, authorisation and session controls when ???????????? UsePAM is

Hi, Many thanks for your prompt answer. We overlooked this new option because it was not available in the 9.3p1 config. On Tue, 12 Nov 2024 at 20:52, Brian Candler <b.candler at pobox.com> wrote: > > On 12/11/2024 12:39, anctop wrote: > > It seems that release 9.9p1 does not use the binary filename as the > PAM service name, but sticks to "sshd" for all

...10-1301 USA. + *) + +open Sysprep_operation +open Sysprep_gettext.Gettext + +module G = Guestfs + +let pam_data_perform g root = + let typ = g#inspect_get_type root in + if typ <> "windows" then ( + let paths = [ "/var/run/console/*"; + "/var/run/faillock/*"; + "/var/run/sepermit/*"; ] in + List.iter ( + fun path -> + let files = g#glob_expand path in + Array.iter ( + fun file -> + try g#rm file with G.Error _ -> () + ) files; + ) paths; + + [] + ) + el...

...pe=1400 audit(1386001826.260:11): avc: denied { create } for pid=484 comm="systemd-tmpfile" name="console" scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir [ 13.218900] systemd-tmpfiles[484]: Failed to create directory /var/run/faillock: Permission denied [ 13.218943] systemd-tmpfiles[484]: Failed to create directory /var/run/sepermit: Permission denied [ 13.218977] systemd-tmpfiles[484]: Failed to create directory /var/run/ppp: Permission denied [ 13.219791] systemd-tmpfiles[484]: Failed to create directory /var/lock/ppp: P...

...pe=1400 audit(1386015972.997:11): avc: denied { create } for pid=525 comm="systemd-tmpfile" name="openvpn" scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir [ 16.809397] systemd-tmpfiles[525]: Failed to create directory /var/run/faillock: Permission denied [ 16.809477] systemd-tmpfiles[525]: Failed to create directory /var/run/sepermit: Permission denied [ 16.809543] systemd-tmpfiles[525]: Failed to create directory /var/run/ppp: Permission denied [ 16.811565] systemd-tmpfiles[525]: Failed to create directory /var/lock/ppp: P...