Fix pam-tally2.so is missing in Ubuntu #38

This commit is contained in:
Samson-W 2022-09-05 13:45:01 +00:00
parent d9b24e2e7e
commit 297b4fa343
2 changed files with 17 additions and 5 deletions

View File

@ -158,12 +158,12 @@ apply () {
check_config() {
if [ $OS_RELEASE -eq 2 ]; then
PACKAGE='pam'
PAMLIBNAME='pam_failloc.so'
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_failloc.so'
PAMLIBNAME='pam_faillock.so'
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
AUTHFILE='/etc/pam.d/password-auth'
AUTHRULE='auth required pam_failloc.so deny=3 even_deny_root unlock_time=900'
AUTHRULE='auth required pam_faillock.so deny=3 even_deny_root unlock_time=900'
ADDPATTERNLINE='auth[[:space:]]*required'
else
elif [ $OS_RELEASE -eq 1 ]; then
is_debian_11
# faillock for Debian 11
if [ $FNRET = 0 ]; then
@ -177,6 +177,12 @@ check_config() {
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
fi
# same to debian11
elif [ $OS_RELEASE -eq 3 ]; then
ISDEBIAN11=1
SECCONFFILE='/etc/security/faillock.conf'
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
AUTHRULE='auth required pam_faillock.so'
fi
}

View File

@ -156,7 +156,7 @@ check_config() {
AUTHRULE='auth required pam_faillock.so preauth silent audit deny=3 even_deny_root fail_interval=900 unlock_time=900'
ADDPATTERNLINE='auth[[:space:]]*required'
DENYROOT='even_deny_root'
else
elif [ $OS_RELEASE -eq 1 ]; then
is_debian_11
# faillock for Debian 11
if [ $FNRET = 0 ]; then
@ -170,6 +170,12 @@ check_config() {
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
fi
# same to debian11
elif [ $OS_RELEASE -eq 3 ]; then
ISDEBIAN11=1
SECCONFFILE='/etc/security/faillock.conf'
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
AUTHRULE='auth required pam_faillock.so'
fi
}