[arch-general] PAM 1.3.1 -> 1.5.1 did pam_tally get removed?

Anton Hvornum anton at hvornum.se
Mon Feb 22 12:58:36 UTC 2021

That would answer my issue yesterday, but raises another question.

What dictates if something is worthy of being put on the bulletin
board on the main website?

I added 2FA way back when to /etc/pam.d/system-login and that meant
that pacman placed a .pacnew file alongside the modified system-login
(as expected) on upgrade.
But the notification about this got lost in the sea of packages which
is on me of course. But seeing as this is a modification to a system
critical file can (and did) cause a complete lockout of accounts on
the machine due to `auth    required` being the keywords put in place.
I would have expected this to be on the bulletin board about possible
manual intervention required.

Perhaps I just missed it under another title?

Best wishes:
Anton Hvornum

On Mon, Feb 22, 2021 at 12:57 PM Björn Fries via arch-general
<arch-general at lists.archlinux.org> wrote:
>  > I can't remember if I've
>  > added the following to /etc/pam.d/system-login or not:
>  >
>  > auth       required   pam_tally2.so        onerr=succeed
> file=/var/log/tallylog
> The line was changed by
> https://github.com/archlinux/svntogit-packages/commit/7afa3fb3a9e74c27f4c2af85c8ff624123c830e1
> to
> auth       required   pam_faillock.so        onerr=succeed
> file=/var/log/tallylog
> and  pam_faillock was moved to /etc/pam.d/system-auth by
> https://github.com/archlinux/svntogit-packages/commit/2d5af94ae55a5c98837ce9631f331ad2aad32bb3

More information about the arch-general mailing list