Re: Sarge: Lost # of failed logins

To: debian-user@lists.debian.org
Subject: Re: Sarge: Lost # of failed logins
From: Florian Kulzer <florian.kulzer+debian@icfo.es>
Date: Sat, 28 Jul 2007 14:56:47 +0200
Message-id: <[🔎] 20070728125647.GA14953@localhost>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 46AA985A.2050203@earthlink.net>
References: <[🔎] 20070726195127.GD12790@dementia.proulx.com> <[🔎] 20070726202949.GA15659@localhost> <[🔎] 20070726235200.GB31687@dementia.proulx.com> <[🔎] 20070727034449.GK31753@localhost.localdomain> <[🔎] 20070727105732.GA7312@localhost> <[🔎] 46A9F836.1010809@earthlink.net> <[🔎] 20070727141630.GA13841@localhost> <[🔎] 46AA4D52.9050804@earthlink.net> <[🔎] 20070727225534.GU31753@localhost.localdomain> <[🔎] 46AA985A.2050203@earthlink.net>

On Fri, Jul 27, 2007 at 20:14:02 -0500, Mumia W.. wrote:
> On 07/27/2007 05:55 PM, Andrew Sackville-West wrote:
>> On Fri, Jul 27, 2007 at 02:53:54PM -0500, Mumia W.. wrote:
>>> [...]
>>> The "faillog" command doesn't give any output to me, and /var/log/faillog 
>>> is still zero bytes.
>> so, what mechanism writes the faillog. Maybe it panics on bad perms?
>> mine are 0644 root:root
>> A
>
> Same here.

I can remove /var/log/faillog on my system (Sid-amd64) and create a new
one with "touch" (empty file, permissions like yours). After the first
failed login the file is 32KB long (the same length as it had before)
and both the login failure messages and the faillog command work
normally again.

I would of course be very worried if the faillog file disappeared on its
own all of a sudden. (Now that I have become aware of its existence in
the course of this thread.) Likewise, it would be suspicious if the
empty "seed" file remained unchanged after subsequent login failures.

-- 
Regards,            | http://users.icfo.es/Florian.Kulzer
          Florian   |

Reply to:

References:
- Re: Sarge: Lost # of failed logins
  - From: bob@proulx.com (Bob Proulx)
- Re: Sarge: Lost # of failed logins
  - From: Florian Kulzer <florian.kulzer+debian@icfo.es>
- Re: Sarge: Lost # of failed logins
  - From: bob@proulx.com (Bob Proulx)
- Re: Sarge: Lost # of failed logins
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Sarge: Lost # of failed logins
  - From: Florian Kulzer <florian.kulzer+debian@icfo.es>
- Re: Sarge: Lost # of failed logins
  - From: "Mumia W.." <paduille.4061.mumia.w+nospam@earthlink.net>
- Re: Sarge: Lost # of failed logins
  - From: Florian Kulzer <florian.kulzer+debian@icfo.es>
- Re: Sarge: Lost # of failed logins
  - From: "Mumia W.." <paduille.4061.mumia.w+nospam@earthlink.net>
- Re: Sarge: Lost # of failed logins
  - From: Andrew Sackville-West <andrew@farwestbilliards.com>
- Re: Sarge: Lost # of failed logins
  - From: "Mumia W.." <paduille.4061.mumia.w+nospam@earthlink.net>

Prev by Date: where is linux-2.6_2.6.22-2.diff.gz?
Next by Date: problems installing with 'writemaster' CDROM
Previous by thread: Re: Sarge: Lost # of failed logins
Next by thread: Re: Sarge: Lost # of failed logins
Index(es):
- Date
- Thread