[Bug 236891] New: GUI login interface Doesn't log failed logins
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=236891 Summary: GUI login interface Doesn't log failed logins Product: openSUSE 10.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: X.Org AssignedTo: sndirsch@novell.com ReportedBy: fm0nk3y@yahoo.co.uk QAContact: sndirsch@novell.com OK on using lastb I found this would successfully log to var/log/btmp, so finally working out that because of X-sessions we had :0 as logged in last. I have found no way or where that failed logins are recorded if initiated via th GUI interface. I presume this is because it is using pam authentication. So having looked in var/log/messages for a record I can not find any, I've tried various words to grep for and looked but to no joy. As admin may find the need to monitor failed login attempts or anyone who's interested in the security of there system is this not a flaw? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=236891 sndirsch@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|sndirsch@novell.com |security-team@suse.de Component|X.Org |Other -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=236891 thomas@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |security-team@suse.de AssignedTo|security-team@suse.de |werner@novell.com ------- Comment #1 from thomas@novell.com 2007-01-22 02:58 MST ------- reassign to maintainer... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=236891 lnussel@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|werner@novell.com |kukuk@novell.com ------- Comment #2 from lnussel@novell.com 2007-01-22 03:13 MST ------- the code for maintaining btmp is only in the login program. Therefore only failed text console logins get recorded. The place where one could implement that in a central way that no application can bypass would be pam_authenticate() itself. Ie after control was dispatched to modules and the final retcode is authentication failure. The pam design does not provide hooks for that place though AFAIK. Good feature request for PAM IMO. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=236891 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WONTFIX ------- Comment #3 from kukuk@novell.com 2007-01-22 03:34 MST ------- libpam has audit support, and as far as I know you can use that for this. We will not add btmp support to libpam itself. But with pam_tally you can use the faillog counter, and it should be possible to write in the same/similar way a PAM module for btmp. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com