Re: /var/log/faillog

To: debian-user@lists.debian.org
Subject: Re: /var/log/faillog
From: Camaleón <noelamac@gmail.com>
Date: Sat, 1 Sep 2012 16:30:33 +0000 (UTC)
Message-id: <[🔎] k1td79$ko4$13@ger.gmane.org>
References: <[🔎] 878vctj1ng.fsf@yun.yagibdah.de>

On Sat, 01 Sep 2012 15:47:15 +0200, lee wrote:

> how come that failed logins aren't recorded in /var/log/faillog?  

I tend to review "/var/log/auth.log" for success/failed logins.

> The file exists and is from July this year.  When I run "faillog -a", it
> lists entries like:
> 
> 
> lee             0        0   01/01/70 01:00:00 +0100

I get similar results. Maybe is that it needs to be configured first 
somehow :-?

> There have been failed logins, though, and logging them is enabled in
> /etc/login.defs.  Interestingly, I can run "faillog -a" as ordinary user
> and get the same results as when running it as root.  That arises
> privacy concerns.  Is it supposed to be like this?

Yes, it can lead to privacy concerns. You can change the file permissions 
to be more conservative (read-write only by user-group which is set to 
"root") when running over a multi-user system.

Greetings,

-- 
Camaleón

Reply to:

References:
- /var/log/faillog
  - From: lee <lee@yun.yagibdah.de>

Prev by Date: Re: Re: upgrading to wheezy: punctual list of issues
Next by Date: Re: xsesssion-errors
Previous by thread: /var/log/faillog
Next by thread: Re: /var/log/faillog
Index(es):
- Date
- Thread