security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-06-09 01:42:43 -04:00

History

DMHalford 91a76db66b Prevent erroneous "Login blocked after [negative number] attempts" errors For root, faillock appears to always* return an empty string (i.e. no table headers are present), yielding a zero-initialized pam_faillock_output_count and thus resulting in the calculation of a negative failed_login_counter value. This can cause erroneous errors of the form "ERROR: Login blocked after [negative number] attempts" during sudo-ing and screen unlocking. This commit modifies the initialization of failed_login_counter such that it cannot be negative and prevents the display of these incorrect warnings. * Only rudimentary local tests were conducted	2025-05-15 15:42:50 -04:00
..
security-misc	Prevent erroneous "Login blocked after [negative number] attempts" errors	2025-05-15 15:42:50 -04:00

Prevent erroneous "Login blocked after [negative number] attempts" errors

For root, faillock appears to always* return an empty string (i.e. no table headers are present), yielding a zero-initialized pam_faillock_output_count and thus resulting in the calculation of a negative failed_login_counter value.

This can cause erroneous errors of the form "ERROR: Login blocked after [negative number] attempts" during sudo-ing and screen unlocking.

This commit modifies the initialization of failed_login_counter such that it cannot be negative and prevents the display of these incorrect warnings.

* Only rudimentary local tests were conducted

2025-05-15 15:42:50 -04:00

security-misc

Prevent erroneous "Login blocked after [negative number] attempts" errors

2025-05-15 15:42:50 -04:00