Bug 1273373 - Require the option "unlock_time=never" with pam_faillock.so module.
Require the option "unlock_time=never" with pam_faillock.so module.
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pam (Show other bugs)
All Linux
medium Severity medium
: rc
: ---
Assigned To: Tomas Mraz
Dalibor Pospíšil
Mirek Jahoda
: FutureFeature
: 1148042 (view as bug list)
Depends On:
Blocks: 1203710 1296594 1313485 1404832
  Show dependency treegraph
Reported: 2015-10-20 06:24 EDT by Chinmay Paradkar
Modified: 2016-12-14 13:56 EST (History)
14 users (show)

See Also:
Fixed In Version: pam-1.1.8-15.el7
Doc Type: Enhancement
Doc Text:
*pam_faillock* can be now configured with `unlock_time=never` The *pam_faillock* module now allows specifying using the `unlock_time=never` option that the user authentication lock caused by multiple authentication failures should never expire.
Story Points: ---
Clone Of:
: 1404832 (view as bug list)
Last Closed: 2016-11-03 23:31:39 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Chinmay Paradkar 2015-10-20 06:24:04 EDT
Description of problem:

The global option "unlock_time" available with "pam_faillock" module does not have an option to lock a user account until it's unlocked by admin.

Version-Release number of selected component (if applicable):


Additional info:

The current Fedora rawhide version of pam_faillock has this feature "unlock_time=never" but the RHEL-7 package does not. Hence opening a Bug to backport the feature to RHEL-7.
Comment 2 Tomas Mraz 2015-12-14 04:52:14 EST
*** Bug 1148042 has been marked as a duplicate of this bug. ***
Comment 13 errata-xmlrpc 2016-11-03 23:31:39 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.