Bug 198161

Summary: pam_tally doesn't support large UIDs
Product: Red Hat Enterprise Linux 4 Reporter: Russell Coker <russell>
Component: pamAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Jay Turner <jturner>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: k.georgiou, srevivo
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2006-0370 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-08-21 12:02:51 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Russell Coker 2006-07-10 12:29:28 UTC 
I am working for a company that has a large number of employees and want a 
consistent employee ID number that works everywhere and lasts forever.

Their numbering scheme has employee numbers in the 500,000,000 range.  When I 
enable pam_tally via the below code it doesn't work as seeks in such a 
large /var/log/faillog file are not supported.

This works (although badly) in rawhide.  The faillog sparse file does not 
deliver adequate performance.  What I would like to see is code in RHEL4U3 
that performs as well as the code in rawhide (IE it basically works even 
though running "faillog" may take over a minute of CPU time).  For the 
long-term we need a hash table as I requested in #198160.

auth    required  /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root
account required  /lib/security/$ISA/pam_tally.so deny=3 reset no_magic_root
Comment 1 RHEL Program Management 2006-08-18 15:13:24 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.