Re: console login : number of access failures
On Wed, Nov 28, 2007 at 02:18:23PM +0100, daniele pendenza wrote:
> 1- by default on our Debian system after a successful login through a
> tty we are presented with the number of failures (unsuccessful logins)
> that took place before using the same login name. For a non root user
> this number is correct.
>
> But what about the root user ? That number is "correct" unless no one
> tried to do "su logins" (login using the command su).
> Do you think that su-logins must be considered as "general logins" and
> then the super user must know how many unsuccessful "su-logins" took
> place ? And what about the date and time of the last root login ? :-)
> Well, as a solution one could forbid the "su-login" but sometimes that
> command can be useful.
I have pam set up so that only members of group adm can do su. I also
have my logchecker email me auth failures. Since root should never log
in directly (except at single-user), root wouldn't normally see such
login notices anyway.
>
> 2 - by default whenever I press CTRL-D to log out as a non root user the
> screen is cleaned ... whenever I press CTRL-D to log out as a root user
> the screen is not cleaned - and maybe a non root user can see what the
> root did before ! Why did they choose this behavior ??
>
So look in the user's .bash_logout and put the appropriate entry in
root's .bash_logout.
Doug.
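
Added example, not part of the original message: a read-only shell check for the two settings Doug describes, su limited to a group through pam_wheel and a screen-clearing entry in root's .bash_logout. The `auth required pam_wheel.so group=adm` line and the function names are assumptions, since the message does not show the actual configuration; the sample files are constructed.

```shell
#!/bin/sh
# Added example: read-only checks for the two settings discussed above.
# Paths are arguments so the checks can run on copies of the real files.

# Print the group that pam_wheel limits su to; fail if no active
# "auth required pam_wheel.so" line exists (commented lines are skipped).
su_restricted_group() {
    awk '
        /^[ \t]*#/ { next }
        $1 == "auth" && $2 == "required" && $3 ~ /pam_wheel\.so$/ {
            grp = "wheel"   # module default (wheel, else GID 0) without group=
            for (i = 4; i <= NF; i++)
                if ($i ~ /^group=/) grp = substr($i, 7)
            print grp; found = 1; exit
        }
        END { exit !found }
    ' "$1"
}

# Succeed if the logout script has an uncommented clear or clear_console.
logout_clears_screen() {
    [ -r "$1" ] || return 1
    grep -Ev '^[[:space:]]*#' "$1" | grep -Eqw 'clear|clear_console'
}

# Constructed sample files (not taken from any real system).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '# auth required pam_wheel.so' \
                  'auth  required  pam_wheel.so group=adm' > "$d/su"
    printf '%s\n' '# ~/.bash_logout' \
                  '[ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q' \
                  > "$d/bash_logout"
    if grp=$(su_restricted_group "$d/su"); then
        echo "su limited to group: $grp"
    else
        echo "su not limited by pam_wheel"
    fi
    if logout_clears_screen "$d/bash_logout"; then
        echo "logout clears the screen"
    else
        echo "logout leaves the screen as is"
    fi
    rm -rf "$d"
}
demo
```

On a Debian system the files to pass to these functions would be /etc/pam.d/su and /root/.bash_logout.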