Bug 612473 - faillog prints entries for all users
Summary: faillog prints entries for all users
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: shadow-utils
Version: 4.8
Hardware: All
OS: Linux
urgent
medium
Target Milestone: rc
: ---
Assignee: Peter Vrabec
QA Contact: Ondrej Moriš
URL:
Whiteboard:
Keywords: Patch, Regression, ZStream
Depends On:
Blocks: 619419 619713
TreeView+ depends on / blocked
 
Reported: 2010-07-08 10:27 UTC by ritz
Modified: 2018-11-14 18:58 UTC (History)
6 users (show)

(edit)
Clone Of:
: 619713 (view as bug list)
(edit)
Last Closed: 2012-06-14 20:47:23 UTC


Attachments (Terms of Use)
patch (463 bytes, application/octet-stream)
2010-07-08 10:27 UTC, ritz
no flags Details
patch (803 bytes, patch)
2010-07-12 17:07 UTC, ritz
no flags Details | Diff
proposed solution (852 bytes, patch)
2010-07-15 14:41 UTC, Peter Vrabec
no flags Details | Diff

Description ritz 2010-07-08 10:27:43 UTC
Created attachment 430292 [details]
patch

Description of problem:
faillog prints entries for all users

Version-Release number of selected component (if applicable):
shadow-utils 4.0.3-66.el4_8.1

How reproducible:
always

Steps to Reproduce:
1. Step up the system to use pam_tally, by adding thebelow  to /etc/pam.d/system-auth:

auth        required      /lib/security/$ISA/pam_tally.so onerr=fail no_magic_root account     required      /lib/security/$ISA/pam_tally.so per_user deny=5 no_magic_root reset

2. Logout, and login, and run  faillog

  
Actual results:
$ faillog
Login       Failures Maximum Latest                   On 
root            0        0   Wed Dec 31 19:00:00 -0500 1969  
bin             0        0   Wed Dec 31 19:00:00 -0500 1969  
... 
testuser        0        0   Wed Dec 31 19:00:00 -0500 1969  
test            0        0   Wed Dec 31 19:00:00 -0500 1969 

Expected results:
all entries should not be printed

Additional info:
from src/faillog.c
int main (int argc, char **argv)
{
...
       /* no flags implies -a -p (= print information for all users)  */
       if (!(anyflag || aflg || tflg || uflg))
               aflg++;


From From 'man 8 faillog'
When faillog is run without arguments, it only displays the faillog records of the users who had a login failure.


both man pages and faillog are in contradiction.

Comment 3 ritz 2010-07-12 17:07:00 UTC
Created attachment 431217 [details]
patch

fixed. We  did not call print, or had checked for fail count.

Comment 5 Peter Vrabec 2010-07-15 14:41:07 UTC
Created attachment 432102 [details]
proposed solution

ritz, thnx. you for the patches. I have taken a look at the problem and it seems that second patch from you will introduce another issue. It will call print() every time. Even when you want use "-r" reset or "-m" maximum number of login failures. This is changing default behaviour. Tell me if I'm not right. Can you please take a look at my solution. thnx.


Note You need to log in before you can comment on or make changes to this bug.