Inicio Explorar Axuda
Rexistro Iniciar sesión
opn
/
hipy-server
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: c3b88479bb
Ramas Etiquetas
hipy-server
/
hipy-all-docker
/
nginx
/
etc
/
security
/
faillock.conf

faillock.conf 2.2 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. # Configuration for locking the user after multiple failed
    2. 

  2. # authentication attempts.
    3. 

  3. #
    4. 

  4. # The directory where the user files with the failure records are kept.
    5. 

  5. # The default is /var/run/faillock.
    6. 

  6. # dir = /var/run/faillock
    7. 

  7. #
    8. 

  8. # Will log the user name into the system log if the user is not found.
    9. 

  9. # Enabled if option is present.
    10. 

  10. # audit
    11. 

  11. #
    12. 

  12. # Don't print informative messages.
    13. 

  13. # Enabled if option is present.
    14. 

  14. # silent
    15. 

  15. #
    16. 

  16. # Don't log informative messages via syslog.
    17. 

  17. # Enabled if option is present.
    18. 

  18. # no_log_info
    19. 

  19. #
    20. 

  20. # Only track failed user authentications attempts for local users
    21. 

  21. # in /etc/passwd and ignore centralized (AD, IdM, LDAP, etc.) users.
    22. 

  22. # The `faillock` command will also no longer track user failed
    23. 

  23. # authentication attempts. Enabling this option will prevent a
    24. 

  24. # double-lockout scenario where a user is locked out locally and
    25. 

  25. # in the centralized mechanism.
    26. 

  26. # Enabled if option is present.
    27. 

  27. # local_users_only
    28. 

  28. #
    29. 

  29. # Deny access if the number of consecutive authentication failures
    30. 

  30. # for this user during the recent interval exceeds n tries.
    31. 

  31. # The default is 3.
    32. 

  32. # deny = 3
    33. 

  33. #
    34. 

  34. # The length of the interval during which the consecutive
    35. 

  35. # authentication failures must happen for the user account
    36. 

  36. # lock out is <replaceable>n</replaceable> seconds.
    37. 

  37. # The default is 900 (15 minutes).
    38. 

  38. # fail_interval = 900
    39. 

  39. #
    40. 

  40. # The access will be re-enabled after n seconds after the lock out.
    41. 

  41. # The value 0 has the same meaning as value `never` - the access
    42. 

  42. # will not be re-enabled without resetting the faillock
    43. 

  43. # entries by the `faillock` command.
    44. 

  44. # The default is 600 (10 minutes).
    45. 

  45. # unlock_time = 600
    46. 

  46. #
    47. 

  47. # Root account can become locked as well as regular accounts.
    48. 

  48. # Enabled if option is present.
    49. 

  49. # even_deny_root
    50. 

  50. #
    51. 

  51. # This option implies the `even_deny_root` option.
    52. 

  52. # Allow access after n seconds to root account after the
    53. 

  53. # account is locked. In case the option is not specified
    54. 

  54. # the value is the same as of the `unlock_time` option.
    55. 

  55. # root_unlock_time = 900
    56. 

  56. #
    57. 

  57. # If a group name is specified with this option, members
    58. 

  58. # of the group will be handled by this module the same as
    59. 

  59. # the root account (the options `even_deny_root>` and
    60. 

  60. # `root_unlock_time` will apply to them.
    61. 

  61. # By default, the option is not set.
    62. 

  62. # admin_group = <admin_group_name>
    63.