Created attachment 430292 [details] patch Description of problem: faillog prints entries for all users Version-Release number of selected component (if applicable): shadow-utils 4.0.3-66.el4_8.1 How reproducible: always Steps to Reproduce: 1. Step up the system to use pam_tally, by adding thebelow to /etc/pam.d/system-auth: auth required /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root account required /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset 2. Logout, and login, and run faillog Actual results: $ faillog Login Failures Maximum Latest On root 0 0 Wed Dec 31 19:00:00 -0500 1969 bin 0 0 Wed Dec 31 19:00:00 -0500 1969 ... testuser 0 0 Wed Dec 31 19:00:00 -0500 1969 test 0 0 Wed Dec 31 19:00:00 -0500 1969 Expected results: all entries should not be printed Additional info: from src/faillog.c int main (int argc, char **argv) { ... /* no flags implies -a -p (= print information for all users) */ if (!(anyflag || aflg || tflg || uflg)) aflg++; From From 'man 8 faillog' When faillog is run without arguments, it only displays the faillog records of the users who had a login failure. both man pages and faillog are in contradiction.
Created attachment 431217 [details] patch fixed. We did not call print, or had checked for fail count.
Created attachment 432102 [details] proposed solution ritz, thnx. you for the patches. I have taken a look at the problem and it seems that second patch from you will introduce another issue. It will call print() every time. Even when you want use "-r" reset or "-m" maximum number of login failures. This is changing default behaviour. Tell me if I'm not right. Can you please take a look at my solution. thnx.