2007-10-07 17:17:33 +05:30
. \" Title: faillog
. \" Author:
. \" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
2007-10-07 17:17:45 +05:30
. \" Date: 06/20/2006
2007-10-07 17:17:33 +05:30
. \" Manual: System Management Commands
. \" Source: System Management Commands
. \"
2007-10-07 17:17:45 +05:30
.TH "FAILLOG" "8" "06/20/2006" "System Management Commands" "System Management Commands"
2007-10-07 17:16:52 +05:30
. \" disable hyphenation
.nh
. \" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
2007-10-07 17:16:07 +05:30
faillog \- display faillog records or set login failure limits
2007-10-07 17:16:25 +05:30
.SH "SYNOPSIS"
.HP 8
\fB faillog\fR [\fI options\fR ]
.SH "DESCRIPTION"
.PP
2007-10-07 17:17:33 +05:30
2007-10-07 17:17:01 +05:30
\fB faillog\fR
formats the contents of the failure log from
\fI /var/log/faillog\fR
database. It also can be used for maintains failure counters and limits. Run
\fB faillog\fR
2007-10-07 17:16:52 +05:30
without arguments display only list of user faillog records who have ever had a login failure.
2007-10-07 17:16:25 +05:30
.SH "OPTIONS"
.PP
2007-10-07 17:17:01 +05:30
The options which apply to the
\fB faillog\fR
2007-10-07 17:16:52 +05:30
command are:
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- a\fR , \fB \- \- all\fR
2007-10-07 17:16:52 +05:30
Display faillog records for all users.
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- h\fR , \fB \- \- help\fR
2007-10-07 17:16:52 +05:30
Display help message and exit.
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- l\fR , \fB \- \- lock\- time\fR \fI SEC\fR
2007-10-07 17:17:01 +05:30
Lock account to
\fI SEC\fR
2007-10-07 17:16:52 +05:30
seconds after failed login.
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- m\fR , \fB \- \- maximum\fR \fI MAX\fR
2007-10-07 17:17:01 +05:30
Set maximum number of login failures after the account is disabled to
\fI MAX\fR . Selecting
\fI MAX\fR
value of 0 has the effect of not placing a limit on the number of failed logins. The maximum failure count should always be 0 for
\fI root\fR
2007-10-07 17:16:52 +05:30
to prevent a denial of services attack against the system.
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- r\fR , \fB \- \- reset\fR
2007-10-07 17:17:33 +05:30
Reset the counters of login failures or one record if used with the
\fB \- u\fR
2007-10-07 17:17:01 +05:30
\fI LOGIN\fR
option. Write access to
\fI /var/log/faillog\fR
2007-10-07 17:16:52 +05:30
is required for this option.
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- t\fR , \fB \- \- time\fR \fI DAYS\fR
2007-10-07 17:17:01 +05:30
Display faillog records more recent than
\fI DAYS\fR . The
\fB \- t\fR
flag overrides the use of
2007-10-07 17:16:52 +05:30
\fB \- u\fR .
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fB \- u\fR , \fB \- \- user\fR \fI LOGIN\fR
2007-10-07 17:17:01 +05:30
Display faillog record or maintains failure counters and limits (if used with
\fB \- l\fR ,
\fB \- m\fR
or
\fB \- r\fR
options) only for user with
2007-10-07 17:16:52 +05:30
\fI LOGIN\fR .
2007-10-07 17:16:25 +05:30
.SH "CAVEATS"
.PP
2007-10-07 17:17:33 +05:30
2007-10-07 17:17:01 +05:30
\fB faillog\fR
only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the
\fB \- u\fR
flag, or print out all users with the
\fB \- a\fR
2007-10-07 17:16:52 +05:30
flag.
2007-10-07 17:16:25 +05:30
.SH "FILES"
2007-10-07 17:17:33 +05:30
.TP 3 n
2007-10-07 17:16:25 +05:30
\fI /var/log/faillog\fR
2007-10-07 17:17:33 +05:30
Failure logging file.
2007-10-07 17:16:25 +05:30
.SH "SEE ALSO"
.PP
2007-10-07 17:17:33 +05:30
2007-10-07 17:17:01 +05:30
\fB login\fR (1),
\fB faillog\fR (5).
