Bug 612473 - faillog prints entries for all users
faillog prints entries for all users
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: shadow-utils (Show other bugs)
4.8
All Linux
urgent Severity medium
: rc
: ---
Assigned To: Peter Vrabec
Ondrej Moriš
: Patch, Regression, ZStream
Depends On:
Blocks: 619419 619713
  Show dependency treegraph
 
Reported: 2010-07-08 06:27 EDT by ritz
Modified: 2013-01-10 22:06 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 619713 (view as bug list)
Environment:
Last Closed: 2012-06-14 16:47:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch (463 bytes, application/octet-stream)
2010-07-08 06:27 EDT, ritz
no flags Details
patch (803 bytes, patch)
2010-07-12 13:07 EDT, ritz
no flags Details | Diff
proposed solution (852 bytes, patch)
2010-07-15 10:41 EDT, Peter Vrabec
no flags Details | Diff

  None (edit)
Description ritz 2010-07-08 06:27:43 EDT
Created attachment 430292 [details]
patch

Description of problem:
faillog prints entries for all users

Version-Release number of selected component (if applicable):
shadow-utils 4.0.3-66.el4_8.1

How reproducible:
always

Steps to Reproduce:
1. Step up the system to use pam_tally, by adding thebelow  to /etc/pam.d/system-auth:

auth        required      /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root account     required      /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset

2. Logout, and login, and run  faillog

  
Actual results:
$ faillog
Login       Failures Maximum Latest                   On 
root            0        0   Wed Dec 31 19:00:00 -0500 1969  
bin             0        0   Wed Dec 31 19:00:00 -0500 1969  
... 
testuser        0        0   Wed Dec 31 19:00:00 -0500 1969  
test            0        0   Wed Dec 31 19:00:00 -0500 1969 

Expected results:
all entries should not be printed

Additional info:
from src/faillog.c
int main (int argc, char **argv)
{
...
       /* no flags implies -a -p (= print information for all users)  */
       if (!(anyflag || aflg || tflg || uflg))
               aflg++;


From From 'man 8 faillog'
When faillog is run without arguments, it only displays the faillog records of the users who had a login failure.


both man pages and faillog are in contradiction.
Comment 3 ritz 2010-07-12 13:07:00 EDT
Created attachment 431217 [details]
patch

fixed. We  did not call print, or had checked for fail count.
Comment 5 Peter Vrabec 2010-07-15 10:41:07 EDT
Created attachment 432102 [details]
proposed solution

ritz, thnx. you for the patches. I have taken a look at the problem and it seems that second patch from you will introduce another issue. It will call print() every time. Even when you want use "-r" reset or "-m" maximum number of login failures. This is changing default behaviour. Tell me if I'm not right. Can you please take a look at my solution. thnx.

Note You need to log in before you can comment on or make changes to this bug.