.\" Title: faillog .\" Author: .\" Generator: DocBook XSL Stylesheets v1.70.1 .\" Date: 06/06/2006 .\" Manual: System Management Commands .\" Source: System Management Commands .\" .TH "FAILLOG" "8" "06/06/2006" "System Management Commands" "System Management Commands" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .SH "NAME" faillog \- display faillog records or set login failure limits .SH "SYNOPSIS" .HP 8 \fBfaillog\fR [\fIoptions\fR] .SH "DESCRIPTION" .PP \fBfaillog\fR formats the contents of the failure log from \fI/var/log/faillog\fR database. It also can be used for maintains failure counters and limits. Run \fBfaillog\fR without arguments display only list of user faillog records who have ever had a login failure. .SH "OPTIONS" .PP The options which apply to the \fBfaillog\fR command are: .TP 3n \fB\-a\fR, \fB\-\-all\fR Display faillog records for all users. .TP 3n \fB\-h\fR, \fB\-\-help\fR Display help message and exit. .TP 3n \fB\-l\fR, \fB\-\-lock\-time\fR \fISEC\fR Lock account to \fISEC\fR seconds after failed login. .TP 3n \fB\-m\fR, \fB\-\-maximum\fR \fIMAX\fR Set maximum number of login failures after the account is disabled to \fIMAX\fR. Selecting \fIMAX\fR value of 0 has the effect of not placing a limit on the number of failed logins. The maximum failure count should always be 0 for \fIroot\fR to prevent a denial of services attack against the system. .TP 3n \fB\-r\fR, \fB\-\-reset\fR Reset the counters of login failures or one record if used with the \fB\-u\fR \fILOGIN\fR option. Write access to \fI/var/log/faillog\fR is required for this option. .TP 3n \fB\-t\fR, \fB\-\-time\fR \fIDAYS\fR Display faillog records more recent than \fIDAYS\fR. The \fB\-t\fR flag overrides the use of \fB\-u\fR. .TP 3n \fB\-u\fR, \fB\-\-user\fR \fILOGIN\fR Display faillog record or maintains failure counters and limits (if used with \fB\-l\fR, \fB\-m\fR or \fB\-r\fR options) only for user with \fILOGIN\fR. .SH "CAVEATS" .PP \fBfaillog\fR only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the \fB\-u\fR flag, or print out all users with the \fB\-a\fR flag. .SH "FILES" .TP 3n \fI/var/log/faillog\fR Failure logging file. .SH "SEE ALSO" .PP \fBlogin\fR(1), \fBfaillog\fR(5).