from small one page howto to huge articles all in one place

Other .linuxhowtos.org sites:toolsntoys.linuxhowtos.org
gentoo.linuxhowtos.org

poll results

Last additions:

words:

887

views:

195651

userrating:

average rating: 1.7 (102 votes) (1=very good 6=terrible)

May 25th. 2007:

Words

486

Views

252057

why adblockers are bad

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

words:

161

views:

140921

userrating:

average rating: 1.4 (42 votes) (1=very good 6=terrible)

April, 26th. 2006:

Words

Views

100785

New subdomain: toolsntoys.linuxhowtos.org

You are here: manpages

FAILLOG

Section: System Management Commands (8)
Updated: 05/17/2017
Index Return to Main Contents

NAME

faillog - display faillog records or set login failure limits

SYNOPSIS

faillog [options]

DESCRIPTION

faillog

displays the contents of the failure log database (/var/log/faillog). It can also set the failure counters and limits. When faillog is run without arguments, it only displays the faillog records of the users who had a login failure.

OPTIONS

The options which apply to the faillog command are:

-a, --all

Display (or act on) faillog records for all users having an entry in the faillog database.

The range of users can be restricted with the -u option.

In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty.

With the -l, -m, -r, -t options, the users' records are changed, even if the user does not exist on the system. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users.

-h, --help

: Display help message and exit.

-l, --lock-secs SEC

: Lock account for SEC seconds after failed login.
Write access to /var/log/faillog is required for this option.

-m, --maximum MAX

Set the maximum number of login failures after the account is disabled to MAX.

Selecting a MAX value of 0 has the effect of not placing a limit on the number of failed logins.

The maximum failure count should always be 0 for root to prevent a denial of services attack against the system.

Write access to /var/log/faillog is required for this option.

-r, --reset

: Reset the counters of login failures.
Write access to /var/log/faillog is required for this option.

-R, --root CHROOT_DIR

: Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.

-t, --time DAYS

: Display faillog records more recent than DAYS.

-u, --user LOGIN|RANGE

: Display faillog record or maintains failure counters and limits (if used with -l, -m or -r options) only for the specified user(s).
The users can be specified by a login name, a numerical user ID, or a RANGE of users. This RANGE of users can be specified with a min and max values (UID_MIN-UID_MAX), a max value (-UID_MAX), or a min value (UID_MIN-).

When none of the -l, -m, or -r options are used, faillog displays the faillog record of the specified user(s).

CAVEATS

faillog only prints out users with no successful login since the last failure. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the -u flag, or print out all users with the -a flag.

FILES

/var/log/faillog

: Failure logging file.

www.LinuxHowtos.org howtos, tips&tricks and tutorials for linux