View | Details | Raw Unified | Return to bug 52892
Collapse All | Expand All

(-)a/base/univention-pam/faillog.py (-1 / +22 lines)
Lines 33-39 Link Here
33 

          33
          

        

        

          34
          
name = 'faillog'

          34
          
name = 'faillog'

        

        

          35
          
description = 'The listener module resets the faillog count'

          35
          
description = 'The listener module resets the faillog count'

        

          
            

              36
              
filter = 'objectClass=shadowAccount'


              36
              
filter = '(objectClass=shadowAccount)'

            

        

          37
          
attributes = []

          37
          
attributes = []

        

        

          38
          

          38
          

        

        

          39
          
__package__ = ''  # workaround for PEP 366

          39
          
__package__ = ''  # workaround for PEP 366

        

  

    
      
            Lines 55-60
          def handler(dn, new, old):
      
      
        Link Here
      
    
  

        

          55
          
				listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset'])

          55
          
				listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset'])

        

        

          56
          
			finally:

          56
          
			finally:

        

        

          57
          
				listener.unsetuid()

          57
          
				listener.unsetuid()

        

            

              
              
              58
              
		elif __login_is_locked(new) and not __login_is_locked(old):

            

            

              59
              
			if listener.configRegistry.is_true('auth/faillog'):

            

            

              60
              
				# set local bad password count high enouth for this system:

            

            

              61
              
				try:

            

            

              62
              
					limit = int(listener.configRegistry.get('auth/faillog/limit', '5'))

            

            

              63
              
				except TypeError:

            

            

              64
              
					limit = 5

            

            

              65
              
				listener.setuid(0)

            

            

              66
              
				try:

            

            

              67
              
					ud.debug(ud.LISTENER, ud.PROCESS, 'Trigger faillog for user %s' % new['uid'][0])

            

            

              68
              
					listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset=%s' % (limit + 1,)])

            

            

              69
              
				finally:

            

            

              70
              
					listener.unsetuid()

            

            

              71
              
	elif old:

            

            

              72
              
		# clean up on delete: reset local bad password count

            

            

              73
              
		listener.setuid(0)

            

            

              74
              
		try:

            

            

              75
              
			ud.debug(ud.LISTENER, ud.PROCESS, 'Reset faillog for user %s' % new['uid'][0])

            

            

              76
              
			listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset'])

            

            

              77
              
		finally:

            

            

              78
              
			listener.unsetuid()

            

        

          58
          

          79
          

        

        

          59
          

          80
          

        

        

          60
          
def initialize():

          81
          
def initialize():

        






  

  Return to bug 52892