diff options
author | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
---|---|---|
committer | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
commit | f6d08ed47a3da3c08345bce2ca366e961c52ad7c (patch) | |
tree | dcbd0efb229b17f696f7195671f05b354b4f70fc /modules/pam_lastlog/README | |
parent | 668b13da8f830c38388cecac45539972e80cb246 (diff) | |
parent | 9e5bea9e146dee574796259ca464ad2435be3590 (diff) |
New upstream version 1.4.0
Diffstat (limited to 'modules/pam_lastlog/README')
-rw-r--r-- | modules/pam_lastlog/README | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/modules/pam_lastlog/README b/modules/pam_lastlog/README index 38a3065a..c0feca04 100644 --- a/modules/pam_lastlog/README +++ b/modules/pam_lastlog/README @@ -11,9 +11,14 @@ login of the user. In addition, the module maintains the /var/log/lastlog file. Some applications may perform this function themselves. In such cases, this module is not necessary. +The module checks LASTLOG_UID_MAX option in /etc/login.defs and does not update +or display last login records for users with UID higher than its value. If the +option is not present or its value is invalid, no user ID limit is applied. + If the module is called in the auth or account phase, the accounts that were not used recently enough will be disallowed to log in. The check is not -performed for the root account so the root is never locked out. +performed for the root account so the root is never locked out. It is also not +performed for users with UID higher than the LASTLOG_UID_MAX value. OPTIONS @@ -24,7 +29,7 @@ debug silent Don't inform the user about any previous login, just update the /var/log/ - lastlog file. + lastlog file. This option does not affect display of bad login attempts. never @@ -63,6 +68,12 @@ inactive=<days> number of days after the last login of the user when the user will be locked out by the module. The default value is 90. +unlimited + + If the fsize limit is set, this option can be used to override it, + preventing failures on systems with large UID values that lead lastlog to + become a huge sparse file. + EXAMPLES Add the following line to /etc/pam.d/login to display the last login time of an |