mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-10-01 08:25:45 -04:00
fix
This commit is contained in:
parent
ad1e722879
commit
421f03ae9e
@ -52,17 +52,18 @@ if [ ! "$grep_result" = "" ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! "$console_allowed" = "true" ]; then
|
if [ ! "$console_allowed" = "true" ]; then
|
||||||
echo "$0: ERROR: PAM_USER: '$PAM_USER' is not a member of group 'console'" >&2
|
echo "\
|
||||||
echo "$0: To unlock, run the following command as superuser:" >&2
|
$0: ERROR: PAM_USER: '$PAM_USER' is not a member of group 'console'
|
||||||
echo "$0: (If you still have a sudo/root shell somewhere.)" >&2
|
To unlock, run the following command as superuser:
|
||||||
echo "" >&2
|
(If you still have a sudo/root shell somewhere.)
|
||||||
echo "adduser $PAM_USER console" >&2
|
|
||||||
echo "" >&2
|
adduser $PAM_USER console
|
||||||
echo "$0: However, possibly unlock procedure is required." >&2
|
|
||||||
echo "$0: First boot into recovery mode at grub boot menu and then run above command." >&2
|
However, possibly unlock procedure is required.
|
||||||
echo "$0: See also:" >&2
|
First boot into recovery mode at grub boot menu and then run above command.
|
||||||
echo "https://www.kicksecure.com/wiki/root#console" >&2
|
See also:
|
||||||
echo "" >&2
|
https://www.kicksecure.com/wiki/root#console
|
||||||
|
" >&2
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@ -76,11 +77,12 @@ fi
|
|||||||
# if [ -f /etc/securetty ]; then
|
# if [ -f /etc/securetty ]; then
|
||||||
# grep_result="$(grep "^[^#]" /etc/securetty)"
|
# grep_result="$(grep "^[^#]" /etc/securetty)"
|
||||||
# if [ "$grep_result" = "" ]; then
|
# if [ "$grep_result" = "" ]; then
|
||||||
# echo "$0: ERROR: Root login is disabled." >&2
|
# echo "\
|
||||||
# echo "$0: ERROR: This is because /etc/securetty is empty." >&2
|
# $0: ERROR: Root login is disabled.
|
||||||
# echo "$0: See also:" >&2
|
# ERROR: This is because /etc/securetty is empty.
|
||||||
# echo "https://www.kicksecure.com/wiki/root#login" >&2
|
# See also:
|
||||||
# echo "" >&2
|
# https://www.kicksecure.com/wiki/root#login
|
||||||
|
# " >&2
|
||||||
# exit 0
|
# exit 0
|
||||||
# fi
|
# fi
|
||||||
# fi
|
# fi
|
||||||
@ -164,37 +166,41 @@ if test -f /etc/security/faillock.conf ; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "$deny" == *[!0-9]* ]]; then
|
if [[ "$deny" == *[!0-9]* ]]; then
|
||||||
echo "$0: ERROR: deny is not numeric. deny: '$deny'" >&2
|
echo "\
|
||||||
echo "$0: ERROR: Please report this bug." >&2
|
$0: ERROR: deny is not numeric. deny: '$deny'
|
||||||
echo "" >&2
|
ERROR: Please report this bug.
|
||||||
|
" >&2
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
remaining_attempts="$(( $deny - $failed_login_counter ))"
|
remaining_attempts="$(( $deny - $failed_login_counter ))"
|
||||||
|
|
||||||
if [ "$remaining_attempts" -le "0" ]; then
|
if [ "$remaining_attempts" -le "0" ]; then
|
||||||
echo "$0: ERROR: Login blocked after $failed_login_counter attempts." >&2
|
echo "\
|
||||||
echo "$0: To unlock, run the following command as superuser:" >&2
|
$0: ERROR: Login blocked after $failed_login_counter attempts.
|
||||||
echo "$0: (If you still have a sudo/root shell somewhere.)" >&2
|
To unlock, run the following command as superuser:
|
||||||
echo "" >&2
|
(If you still have a sudo/root shell somewhere.)
|
||||||
echo "faillock --reset --user $PAM_USER" >&2
|
|
||||||
echo "" >&2
|
faillock --reset --user $PAM_USER
|
||||||
echo "$0: However, most likely unlock procedure is required." >&2
|
|
||||||
echo "$0: First boot into recovery mode at grub boot menu and then run above command." >&2
|
However, most likely unlock procedure is required.
|
||||||
echo "$0: See also:" >&2
|
First boot into recovery mode at grub boot menu and then run above command.
|
||||||
echo "https://www.kicksecure.com/wiki/root#unlock" >&2
|
See also:
|
||||||
echo "" >&2
|
https://www.kicksecure.com/wiki/root#unlock
|
||||||
|
" >&2
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "$0: WARNING: $failed_login_counter failed login attempts for user_name '$user_name'." >&2
|
echo "\
|
||||||
echo "$0: Login will be blocked after $deny attempts." >&2
|
$0: WARNING: $failed_login_counter failed login attempts for user_name '$user_name'.
|
||||||
echo "$0: You have $remaining_attempts more attempts before unlock procedure is required." >&2
|
Login will be blocked after $deny attempts.
|
||||||
echo "" >&2
|
You have $remaining_attempts more attempts before unlock procedure is required.
|
||||||
|
" >&2
|
||||||
|
|
||||||
if [ "$PAM_SERVICE" = "su" ]; then
|
if [ "$PAM_SERVICE" = "su" ]; then
|
||||||
echo "$0: NOTE: Type the password. When entering the password, no password feedback (no asterisk (\"*\") symbol) will be shown." >&2
|
echo "\
|
||||||
echo "" >&2
|
$0: NOTE: Type the password. When entering the password, no password feedback (no asterisk (\"*\") symbol) will be shown.
|
||||||
|
" >&2
|
||||||
fi
|
fi
|
||||||
|
|
||||||
true "$0: END"
|
true "$0: END"
|
||||||
|
Loading…
Reference in New Issue
Block a user