summaryrefslogtreecommitdiffstats
path: root/man/man8/faillog.8
diff options
context:
space:
mode:
Diffstat (limited to 'man/man8/faillog.8')
-rw-r--r--man/man8/faillog.8165
1 files changed, 165 insertions, 0 deletions
diff --git a/man/man8/faillog.8 b/man/man8/faillog.8
new file mode 100644
index 0000000..dd2285c
--- /dev/null
+++ b/man/man8/faillog.8
@@ -0,0 +1,165 @@
+'\" t
+.\" Title: faillog
+.\" Author: Julianne Frances Haugh
+.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
+.\" Date: 11/08/2022
+.\" Manual: System Management Commands
+.\" Source: shadow-utils 4.13
+.\" Language: English
+.\"
+.TH "FAILLOG" "8" "11/08/2022" "shadow\-utils 4\&.13" "System Management Commands"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+faillog \- display faillog records or set login failure limits
+.SH "SYNOPSIS"
+.HP \w'\fBfaillog\fR\ 'u
+\fBfaillog\fR [\fIoptions\fR]
+.SH "DESCRIPTION"
+.PP
+\fBfaillog\fR
+displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When
+\fBfaillog\fR
+is run without arguments, it only displays the faillog records of the users who had a login failure\&.
+.SH "OPTIONS"
+.PP
+The options which apply to the
+\fBfaillog\fR
+command are:
+.PP
+\fB\-a\fR, \fB\-\-all\fR
+.RS 4
+Display (or act on) faillog records for all users having an entry in the
+faillog
+database\&.
+.sp
+The range of users can be restricted with the
+\fB\-u\fR
+option\&.
+.sp
+In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&.
+.sp
+With the
+\fB\-l\fR,
+\fB\-m\fR,
+\fB\-r\fR,
+\fB\-t\fR
+options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&.
+.RE
+.PP
+\fB\-h\fR, \fB\-\-help\fR
+.RS 4
+Display help message and exit\&.
+.RE
+.PP
+\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR
+.RS 4
+Lock account for
+\fISEC\fR
+seconds after failed login\&.
+.sp
+Write access to
+/var/log/faillog
+is required for this option\&.
+.RE
+.PP
+\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR
+.RS 4
+Set the maximum number of login failures after the account is disabled to
+\fIMAX\fR\&.
+.sp
+Selecting a
+\fIMAX\fR
+value of 0 has the effect of not placing a limit on the number of failed logins\&.
+.sp
+The maximum failure count should always be 0 for
+\fIroot\fR
+to prevent a denial of services attack against the system\&.
+.sp
+Write access to
+/var/log/faillog
+is required for this option\&.
+.RE
+.PP
+\fB\-r\fR, \fB\-\-reset\fR
+.RS 4
+Reset the counters of login failures\&.
+.sp
+Write access to
+/var/log/faillog
+is required for this option\&.
+.RE
+.PP
+\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR
+.RS 4
+Apply changes in the
+\fICHROOT_DIR\fR
+directory and use the configuration files from the
+\fICHROOT_DIR\fR
+directory\&. Only absolute paths are supported\&.
+.RE
+.PP
+\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR
+.RS 4
+Display faillog records more recent than
+\fIDAYS\fR\&.
+.RE
+.PP
+\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR
+.RS 4
+Display faillog record or maintains failure counters and limits (if used with
+\fB\-l\fR,
+\fB\-m\fR
+or
+\fB\-r\fR
+options) only for the specified user(s)\&.
+.sp
+The users can be specified by a login name, a numerical user ID, or a
+\fIRANGE\fR
+of users\&. This
+\fIRANGE\fR
+of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&.
+.RE
+.PP
+When none of the
+\fB\-l\fR,
+\fB\-m\fR, or
+\fB\-r\fR
+options are used,
+\fBfaillog\fR
+displays the faillog record of the specified user(s)\&.
+.SH "CAVEATS"
+.PP
+\fBfaillog\fR
+only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the
+\fB\-u\fR
+flag, or print out all users with the
+\fB\-a\fR
+flag\&.
+.SH "FILES"
+.PP
+/var/log/faillog
+.RS 4
+Failure logging file\&.
+.RE
+.SH "SEE ALSO"
+.PP
+\fBlogin\fR(1),
+\fBfaillog\fR(5)\&.