Description of problem: Bug with two dependancies: * pam: [234308] * shadow-utils: [234310] When using faillog, the IP or hostname information gets truncated with strncpy() on the 12 first characters due to the sizeof() from its definition. Used the 52 present in rawhide. This is just part of the problem on write, read (shadow-utils) need change as well for faillog to read it, since both have the same header I'm sending a parallel bug blocker of this one against shadow-utils. Version-Release number of selected component (if applicable): pam-0.77-66.14 shadow-utils-4.0.3-60.RHEL4 How reproducible: Always Steps to Reproduce: 1. Setup a pam stack to use pam_tally.so 2. Fail an authentication 3. Check with faillog Actual results: fail line truncated. Expected results: At least the IP address. Additional info: patch from rawhide.
Created attachment 151119 [details] pam-faillog_short_fail_line.patch
Created attachment 151120 [details] shadow-faillog_short_fail_line.patch
This cannot be changed due to breaking compatibility with existing faillog files. The correct way is to backport pam_tally2.so from RHEL5. *** This bug has been marked as a duplicate of 228044 ***