[sudo-users] Re: sudo and faillog
Chris Jepeway
jepeway at blasted-heath.com
Thu Jan 6 20:31:08 EST 2005
Martin:
I've cc'ed this (& a copy of your e-mail) to the sudo-users list.
I haven't participated in the development of sudo in at least
a decade, so I don't think I can give you much help.
That said, I'm betting the list folk might want to know what
distro of Linux you're running on. I realize y'all
are IBM, but I dunno if you're RedHat or what...
Also, you might want to check into the Sudo Web Page at
http://www.sudo.ws
Also, sudo's principal author, Todd C. Miller, offers
commercial support if that's what you need.
Sorry not to be of more use to you. Good luck...
Chris <jepeway at blasted-heath.com>.
On Jan 6, 2005, at 4:33 PM, Martin Corona wrote:
>
> Julianne and Chris,
>
> There seems to be an issue with faillog and sudo. Not sure if the
> problem is with sudo or faillog though.
>
> I have been able to reproduce the problem on three Linux systems.
>
> I ssh into a system, check the faillog
>
>
> [~]$ faillog
> Username Failures Maximum Latest
> djmartin 0 0 Thu Jan 6 16:06:46 -0500 2005 on pts/1
>
>
> Here's one way to make the faillog count jump up
>
> sudo vi /etc/login.defs
> get prompted for my password
> edit the file and save
>
> check the faillog again
>
> [~]$ faillog
> Username Failures Maximum Latest
> djmartin 1 0 Thu Jan 6 16:08:16 -0500 2005 on pts/1
>
> Kill my sudo session for the heck of it and check the faillog again
>
> [~]$ sudo -k
> [djmartin at serrano]
>
> [~]$ faillog
> Username Failures Maximum Latest
> djmartin 1 0 Thu Jan 6 16:08:16 -0500 2005 on pts/1
>
> Edit the same file and get prompted for my password again since I
> killed the sudo session
>
> sudo vi /etc/login.defs
>
> save the file and check the faillog again (count keeps going up)
>
> [~]$ faillog
> Username Failures Maximum Latest
> djmartin 2 0 Thu Jan 6 16:10:58 -0500 2005 on pts/1
>
> If the sudo gracetime expires 5 times before I log out (and I edit 5
> files between each gracetime expiration), I will be locked out of the
> server the next time I attempt to log in.
>
> Tested this on Red hat 7.3 and 8 and RHEL 3
> Sudo version 1.6.5p2
> Sudo version 1.6.6
> Sudo version 1.6.7p5
>
> John, thanks for noticing the problem. I usually sudo su - and just
> do my work in one session.
More information about the sudo-users
mailing list