93 lines
2.4 KiB
Groff
93 lines
2.4 KiB
Groff
.\" Title: faillog
|
|
.\" Author:
|
|
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
|
|
.\" Date: 06/20/2006
|
|
.\" Manual: System Management Commands
|
|
.\" Source: System Management Commands
|
|
.\"
|
|
.TH "FAILLOG" "8" "06/20/2006" "System Management Commands" "System Management Commands"
|
|
.\" disable hyphenation
|
|
.nh
|
|
.\" disable justification (adjust text to left margin only)
|
|
.ad l
|
|
.SH "NAME"
|
|
faillog \- display faillog records or set login failure limits
|
|
.SH "SYNOPSIS"
|
|
.HP 8
|
|
\fBfaillog\fR [\fIoptions\fR]
|
|
.SH "DESCRIPTION"
|
|
.PP
|
|
|
|
\fBfaillog\fR
|
|
formats the contents of the failure log from
|
|
\fI/var/log/faillog\fR
|
|
database. It also can be used for maintains failure counters and limits. Run
|
|
\fBfaillog\fR
|
|
without arguments display only list of user faillog records who have ever had a login failure.
|
|
.SH "OPTIONS"
|
|
.PP
|
|
The options which apply to the
|
|
\fBfaillog\fR
|
|
command are:
|
|
.TP 3n
|
|
\fB\-a\fR, \fB\-\-all\fR
|
|
Display faillog records for all users.
|
|
.TP 3n
|
|
\fB\-h\fR, \fB\-\-help\fR
|
|
Display help message and exit.
|
|
.TP 3n
|
|
\fB\-l\fR, \fB\-\-lock\-time\fR \fISEC\fR
|
|
Lock account to
|
|
\fISEC\fR
|
|
seconds after failed login.
|
|
.TP 3n
|
|
\fB\-m\fR, \fB\-\-maximum\fR \fIMAX\fR
|
|
Set maximum number of login failures after the account is disabled to
|
|
\fIMAX\fR. Selecting
|
|
\fIMAX\fR
|
|
value of 0 has the effect of not placing a limit on the number of failed logins. The maximum failure count should always be 0 for
|
|
\fIroot\fR
|
|
to prevent a denial of services attack against the system.
|
|
.TP 3n
|
|
\fB\-r\fR, \fB\-\-reset\fR
|
|
Reset the counters of login failures or one record if used with the
|
|
\fB\-u\fR
|
|
\fILOGIN\fR
|
|
option. Write access to
|
|
\fI/var/log/faillog\fR
|
|
is required for this option.
|
|
.TP 3n
|
|
\fB\-t\fR, \fB\-\-time\fR \fIDAYS\fR
|
|
Display faillog records more recent than
|
|
\fIDAYS\fR. The
|
|
\fB\-t\fR
|
|
flag overrides the use of
|
|
\fB\-u\fR.
|
|
.TP 3n
|
|
\fB\-u\fR, \fB\-\-user\fR \fILOGIN\fR
|
|
Display faillog record or maintains failure counters and limits (if used with
|
|
\fB\-l\fR,
|
|
\fB\-m\fR
|
|
or
|
|
\fB\-r\fR
|
|
options) only for user with
|
|
\fILOGIN\fR.
|
|
.SH "CAVEATS"
|
|
.PP
|
|
|
|
\fBfaillog\fR
|
|
only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the
|
|
\fB\-u\fR
|
|
flag, or print out all users with the
|
|
\fB\-a\fR
|
|
flag.
|
|
.SH "FILES"
|
|
.TP 3n
|
|
\fI/var/log/faillog\fR
|
|
Failure logging file.
|
|
.SH "SEE ALSO"
|
|
.PP
|
|
|
|
\fBlogin\fR(1),
|
|
\fBfaillog\fR(5).
|