diff options
Diffstat (limited to 'man/man8/faillog.8')
-rw-r--r-- | man/man8/faillog.8 | 165 |
1 files changed, 165 insertions, 0 deletions
diff --git a/man/man8/faillog.8 b/man/man8/faillog.8 new file mode 100644 index 0000000..dd2285c --- /dev/null +++ b/man/man8/faillog.8 @@ -0,0 +1,165 @@ +'\" t +.\" Title: faillog +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/> +.\" Date: 11/08/2022 +.\" Manual: System Management Commands +.\" Source: shadow-utils 4.13 +.\" Language: English +.\" +.TH "FAILLOG" "8" "11/08/2022" "shadow\-utils 4\&.13" "System Management Commands" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +faillog \- display faillog records or set login failure limits +.SH "SYNOPSIS" +.HP \w'\fBfaillog\fR\ 'u +\fBfaillog\fR [\fIoptions\fR] +.SH "DESCRIPTION" +.PP +\fBfaillog\fR +displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When +\fBfaillog\fR +is run without arguments, it only displays the faillog records of the users who had a login failure\&. +.SH "OPTIONS" +.PP +The options which apply to the +\fBfaillog\fR +command are: +.PP +\fB\-a\fR, \fB\-\-all\fR +.RS 4 +Display (or act on) faillog records for all users having an entry in the +faillog +database\&. +.sp +The range of users can be restricted with the +\fB\-u\fR +option\&. +.sp +In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. +.sp +With the +\fB\-l\fR, +\fB\-m\fR, +\fB\-r\fR, +\fB\-t\fR +options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +Display help message and exit\&. +.RE +.PP +\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR +.RS 4 +Lock account for +\fISEC\fR +seconds after failed login\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR +.RS 4 +Set the maximum number of login failures after the account is disabled to +\fIMAX\fR\&. +.sp +Selecting a +\fIMAX\fR +value of 0 has the effect of not placing a limit on the number of failed logins\&. +.sp +The maximum failure count should always be 0 for +\fIroot\fR +to prevent a denial of services attack against the system\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-r\fR, \fB\-\-reset\fR +.RS 4 +Reset the counters of login failures\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. Only absolute paths are supported\&. +.RE +.PP +\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR +.RS 4 +Display faillog records more recent than +\fIDAYS\fR\&. +.RE +.PP +\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR +.RS 4 +Display faillog record or maintains failure counters and limits (if used with +\fB\-l\fR, +\fB\-m\fR +or +\fB\-r\fR +options) only for the specified user(s)\&. +.sp +The users can be specified by a login name, a numerical user ID, or a +\fIRANGE\fR +of users\&. This +\fIRANGE\fR +of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. +.RE +.PP +When none of the +\fB\-l\fR, +\fB\-m\fR, or +\fB\-r\fR +options are used, +\fBfaillog\fR +displays the faillog record of the specified user(s)\&. +.SH "CAVEATS" +.PP +\fBfaillog\fR +only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the +\fB\-u\fR +flag, or print out all users with the +\fB\-a\fR +flag\&. +.SH "FILES" +.PP +/var/log/faillog +.RS 4 +Failure logging file\&. +.RE +.SH "SEE ALSO" +.PP +\fBlogin\fR(1), +\fBfaillog\fR(5)\&. |