Hi ,
In one of our server , version rhel5.2 , kernel 2.6.18-92.el5xen. 86_64. We
are using pam_tally2.so module in the system-auth file.
To unlock the useid, we use pam_tally --reset --user <user>.
But very recently while unlocking one user with pam_tally2 (as pam_tally2 is
being used) , found the report is as follows,
pam_tally2 --user xxx
Login Failures Latest failure From
yyy 8 06/08/10 04:39:51 unknown
For user xxx it is giving the output of user yyy. While checking the yyy user
in /etc/password , found this user has /bin/nologin to the server.
both the users xxx and yyy are local.
Tried to duplicate the scenario creating different userid. But I am seeing now
pam_tally2 is reporting the correct user now.
So what will be the reason behind it . Is it the reason that user yyy had
login access and it was locked and then this user's access has been disabled
with nologin in /etc/passwd.? and when we went to unlock the user xxx , it
asked for yyy and it reset the password of yyy?
Will be appreciated for explanations.
thanks in advance
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list
