Fix pam-tally2.so is missing in Ubuntu #38
This commit is contained in:
parent
d9b24e2e7e
commit
297b4fa343
|
@ -158,12 +158,12 @@ apply () {
|
|||
check_config() {
|
||||
if [ $OS_RELEASE -eq 2 ]; then
|
||||
PACKAGE='pam'
|
||||
PAMLIBNAME='pam_failloc.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_failloc.so'
|
||||
PAMLIBNAME='pam_faillock.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHFILE='/etc/pam.d/password-auth'
|
||||
AUTHRULE='auth required pam_failloc.so deny=3 even_deny_root unlock_time=900'
|
||||
AUTHRULE='auth required pam_faillock.so deny=3 even_deny_root unlock_time=900'
|
||||
ADDPATTERNLINE='auth[[:space:]]*required'
|
||||
else
|
||||
elif [ $OS_RELEASE -eq 1 ]; then
|
||||
is_debian_11
|
||||
# faillock for Debian 11
|
||||
if [ $FNRET = 0 ]; then
|
||||
|
@ -177,6 +177,12 @@ check_config() {
|
|||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
fi
|
||||
# same to debian11
|
||||
elif [ $OS_RELEASE -eq 3 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
|
@ -156,7 +156,7 @@ check_config() {
|
|||
AUTHRULE='auth required pam_faillock.so preauth silent audit deny=3 even_deny_root fail_interval=900 unlock_time=900'
|
||||
ADDPATTERNLINE='auth[[:space:]]*required'
|
||||
DENYROOT='even_deny_root'
|
||||
else
|
||||
elif [ $OS_RELEASE -eq 1 ]; then
|
||||
is_debian_11
|
||||
# faillock for Debian 11
|
||||
if [ $FNRET = 0 ]; then
|
||||
|
@ -170,6 +170,12 @@ check_config() {
|
|||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
fi
|
||||
# same to debian11
|
||||
elif [ $OS_RELEASE -eq 3 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue