[sudo-users] Re: sudo and faillog

Chris Jepeway jepeway at blasted-heath.com
Thu Jan 6 20:31:08 EST 2005


Martin:

I've cc'ed this (& a copy of your e-mail) to the sudo-users list.
I haven't participated in the development of sudo in at least
a decade, so I don't think I can give you much help.

That said, I'm betting the list folk might want to know what
distro of Linux you're running on.  I realize y'all
are IBM, but I dunno if you're RedHat or what...

Also, you might want to check into the Sudo Web Page at

		http://www.sudo.ws

Also, sudo's principal author, Todd C. Miller, offers
commercial support if that's what you need.

Sorry not to be of more use to you.  Good luck...

Chris <jepeway at blasted-heath.com>.

On Jan 6, 2005, at 4:33 PM, Martin Corona wrote:

>
> Julianne and Chris,
>
> There seems to be an issue with faillog and sudo.  Not sure if the 
> problem is with sudo or faillog though.
>
> I have been able to reproduce the problem on three Linux systems.
>
> I ssh into a system, check the faillog
>
>
> [~]$ faillog
> Username   Failures  Maximum  Latest
> djmartin          0        0  Thu Jan  6 16:06:46 -0500 2005 on pts/1
>
>
> Here's one way to make the faillog count jump up
>
> sudo vi /etc/login.defs
> get prompted for my password
> edit the file and save
>
> check the faillog again
>
> [~]$ faillog
> Username   Failures  Maximum  Latest
> djmartin          1        0  Thu Jan  6 16:08:16 -0500 2005 on pts/1
>
> Kill my sudo session for the heck of it and check the faillog again
>
> [~]$ sudo -k
> [djmartin at serrano]
>
> [~]$ faillog
> Username   Failures  Maximum  Latest
> djmartin          1        0  Thu Jan  6 16:08:16 -0500 2005 on pts/1
>
> Edit the same file and get prompted for my password again since I 
> killed the sudo session
>
> sudo vi /etc/login.defs
>
> save the file and check the faillog again (count keeps going up)
>
> [~]$ faillog
> Username   Failures  Maximum  Latest
> djmartin          2        0  Thu Jan  6 16:10:58 -0500 2005 on pts/1
>
> If the sudo gracetime expires 5 times before I log out (and I edit 5 
> files between each gracetime expiration), I will be locked out of the 
> server the next time I attempt to log in.
>
> Tested this on Red Hat 7.3 and 8 and RHEL 3
> Sudo version 1.6.5p2
> Sudo version 1.6.6
> Sudo version 1.6.7p5
>
> John, thanks for noticing the problem.  I usually sudo su - and just 
> do my work in one session.
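
An added example, not part of the original message or of sudo: a small Python parser for the faillog output quoted above that compares two snapshots and reports how far each counter rose, which makes the drift Martin describes easy to watch for between logins. The function names are hypothetical, and the lockout threshold of 5 is an assumption taken from his description.

```python
import re
from datetime import datetime

# One faillog row: user, failures, maximum, "Latest" timestamp, terminal.
ROW = re.compile(r"^(\S+)\s+(\d+)\s+(\d+)\s+(.+?)\s+on\s+(\S+)$")

# Snapshots copied from the message: before any sudo prompt, and after two.
SNAP_BEFORE = """\
Username   Failures  Maximum  Latest
djmartin          0        0  Thu Jan  6 16:06:46 -0500 2005 on pts/1
"""
SNAP_AFTER = """\
Username   Failures  Maximum  Latest
djmartin          2        0  Thu Jan  6 16:10:58 -0500 2005 on pts/1
"""

def parse_faillog(text):
    """Return {user: {"failures", "maximum", "latest", "tty"}} from faillog output."""
    rows = {}
    for line in text.splitlines():
        m = ROW.match(line.lstrip("> ").rstrip())  # tolerate mail-quoted output
        if not m:
            continue  # header, shell prompt or blank line
        user, failures, maximum, stamp, tty = m.groups()
        rows[user] = {
            "failures": int(failures),
            "maximum": int(maximum),
            "latest": datetime.strptime(stamp, "%a %b %d %H:%M:%S %z %Y"),
            "tty": tty,
        }
    return rows

def counter_increases(before, after, lockout_at=5):
    """List users whose counter rose between two snapshots.

    lockout_at is an assumption: the message reports lockout after 5 counts.
    """
    findings = []
    for user, row in sorted(after.items()):
        previous = before.get(user, {"failures": 0})["failures"]
        if row["failures"] > previous:
            findings.append({
                "user": user,
                "delta": row["failures"] - previous,
                "remaining": max(lockout_at - row["failures"], 0),
                "latest": row["latest"],
            })
    return findings

if __name__ == "__main__":
    for f in counter_increases(parse_faillog(SNAP_BEFORE), parse_faillog(SNAP_AFTER)):
        print(f"{f['user']}: +{f['delta']} since last snapshot, {f['remaining']} left before lockout")
```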
