Description of problem: After an unsuccessful attempt of console login "faillog" still reports zero login failures. Version-Release number of selected component (if applicable): pam-0.99.6.2-3.8.el5 selinux-policy-2.4.6-15.el5 selinux-policy-targeted-2.4.6-15.el5 selinux-policy-mls-2.4.6-15.el5 # uname -a Linux ct.ltc.ic.unicamp.br 2.6.18-1.2840.2.1.el5.lspp.57 #1 SMP Fri Dec 8 17:28:15 EST 2006 i686 i686 i386 GNU/Linux System is a RHEL5 Beta2 Server 12/18 refresh installed with LSPP KS script v16-1. How reproducible: Always Steps to Reproduce: 1. Make sure you have an ordinary user account created, I'll suppose this user is called "tux". 2. In terminal 1 (Alt-F1) login as root 3. "faillog -u tux" <--- See how many failures are there. 4. In a second terminal (for instance, Alt-F2) try to login as "tux" with a bad password. 5. Back to terminal 1 (Alt-F1) try "faillog -u tux" again. The failure count is still the same. Actual results: Fail count doesn't increase Expected results: It was expect the failure count was increased by one. Additional info: It seems the fail count is stick to zero always... I still haven't managed to make it change.
Also note there is a pam_tally2.so which removes 32/64bit incompatibility in the /var/log/faillog format with pam_tally2 utility to print the tally information.