155 lines
4.5 KiB
XML
155 lines
4.5 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<refentry id='faillog.8'>
|
|
<!-- $Id$ -->
|
|
<refmeta>
|
|
<refentrytitle>faillog</refentrytitle>
|
|
<manvolnum>8</manvolnum>
|
|
<refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
|
|
</refmeta>
|
|
<refnamediv id='name'>
|
|
<refname>faillog</refname>
|
|
<refpurpose>display faillog records or set login failure limits</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv id='synopsis'>
|
|
<cmdsynopsis>
|
|
<command>faillog</command>
|
|
<arg choice='opt'>
|
|
<replaceable>options</replaceable>
|
|
</arg>
|
|
</cmdsynopsis>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1 id='description'>
|
|
<title>DESCRIPTION</title>
|
|
<para>
|
|
<command>faillog</command> formats the contents of the failure log
|
|
from <filename>/var/log/faillog</filename> database. It also can be
|
|
used for maintains failure counters and limits. Run
|
|
<command>faillog</command> without arguments display only list of user
|
|
faillog records who have ever had a login failure.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 id='options'>
|
|
<title>OPTIONS</title>
|
|
<para>
|
|
The options which apply to the <command>faillog</command> command
|
|
are:
|
|
</para>
|
|
<variablelist remap='IP'>
|
|
<varlistentry>
|
|
<term><option>-a</option>, <option>--all</option></term>
|
|
<listitem>
|
|
<para>Display faillog records for all users.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><option>-h</option>, <option>--help</option></term>
|
|
<listitem>
|
|
<para>Display help message and exit.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>
|
|
<option>-l</option>, <option>--lock-time</option>
|
|
<replaceable>SEC</replaceable>
|
|
</term>
|
|
<listitem>
|
|
<para>
|
|
Lock account to <replaceable>SEC</replaceable>
|
|
seconds after failed login.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>
|
|
<option>-m</option>, <option>--maximum</option>
|
|
<replaceable>MAX</replaceable>
|
|
</term>
|
|
<listitem>
|
|
<para>
|
|
Set maximum number of login failures after the account is
|
|
disabled to <replaceable>MAX</replaceable>. Selecting
|
|
<replaceable>MAX</replaceable> value of 0 has the effect of not
|
|
placing a limit on the number of failed logins. The maximum
|
|
failure count should always be 0 for <emphasis>root</emphasis>
|
|
to prevent a denial of services attack against the system.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><option>-r</option>, <option>--reset</option></term>
|
|
<listitem>
|
|
<para>
|
|
Reset the counters of login failures or one record if used with
|
|
the <option>-u</option> <replaceable>LOGIN</replaceable>
|
|
option. Write access to <filename>/var/log/faillog</filename>
|
|
is required for this option.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><option>-t</option>, <option>--time</option>
|
|
<replaceable>DAYS</replaceable>
|
|
</term>
|
|
<listitem>
|
|
<para>
|
|
Display faillog records more recent than
|
|
<replaceable>DAYS</replaceable>. The <option>-t</option>
|
|
flag overrides the use of <option>-u</option>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>
|
|
<option>-u</option>, <option>--user</option> <replaceable>LOGIN</replaceable>
|
|
</term>
|
|
<listitem>
|
|
<para>
|
|
Display faillog record or maintains failure counters and limits
|
|
(if used with <option>-l</option>, <option>-m</option> or
|
|
<option>-r</option> options) only for user with
|
|
<replaceable>LOGIN</replaceable>.
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1 id='caveats'>
|
|
<title>CAVEATS</title>
|
|
<para>
|
|
<command>faillog</command> only prints out users with no successful
|
|
login since the last failure. To print out a user who has had a
|
|
successful login since their last failure, you must explicitly request
|
|
the user with the <option>-u</option> flag, or print out all users
|
|
with the <option>-a</option> flag.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 id='files'>
|
|
<title>FILES</title>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term><filename>/var/log/faillog</filename></term>
|
|
<listitem>
|
|
<para>Failure logging file.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1 id='see_also'>
|
|
<title>SEE ALSO</title>
|
|
<para>
|
|
<citerefentry>
|
|
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>faillog</refentrytitle><manvolnum>5</manvolnum>
|
|
</citerefentry>.
|
|
</para>
|
|
</refsect1>
|
|
</refentry>
|