|
33 |
|
33 |
|
34 |
name = 'faillog' |
34 |
name = 'faillog' |
35 |
description = 'The listener module resets the faillog count' |
35 |
description = 'The listener module resets the faillog count' |
36 |
filter = 'objectClass=shadowAccount' |
36 |
filter = '(objectClass=shadowAccount)' |
37 |
attributes = [] |
37 |
attributes = [] |
38 |
|
38 |
|
39 |
__package__ = '' # workaround for PEP 366 |
39 |
__package__ = '' # workaround for PEP 366 |
Lines 55-60
def handler(dn, new, old):
|
Link Here
|
---|
|
55 |
listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset']) |
55 |
listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset']) |
56 |
finally: |
56 |
finally: |
57 |
listener.unsetuid() |
57 |
listener.unsetuid() |
|
|
58 |
elif __login_is_locked(new) and not __login_is_locked(old): |
59 |
if listener.configRegistry.is_true('auth/faillog'): |
60 |
# set local bad password count high enouth for this system: |
61 |
try: |
62 |
limit = int(listener.configRegistry.get('auth/faillog/limit', '5')) |
63 |
except TypeError: |
64 |
limit = 5 |
65 |
listener.setuid(0) |
66 |
try: |
67 |
ud.debug(ud.LISTENER, ud.PROCESS, 'Trigger faillog for user %s' % new['uid'][0]) |
68 |
listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset=%s' % (limit + 1,)]) |
69 |
finally: |
70 |
listener.unsetuid() |
71 |
elif old: |
72 |
# clean up on delete: reset local bad password count |
73 |
listener.setuid(0) |
74 |
try: |
75 |
ud.debug(ud.LISTENER, ud.PROCESS, 'Reset faillog for user %s' % new['uid'][0]) |
76 |
listener.run('/sbin/pam_tally', ['pam_tally', '--user', new['uid'][0], '--reset']) |
77 |
finally: |
78 |
listener.unsetuid() |
58 |
|
79 |
|
59 |
|
80 |
|
60 |
def initialize(): |
81 |
def initialize(): |