'\" t .\" Title: faillog .\" Author: Julianne Frances Haugh .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 07/27/2018 .\" Manual: System Management Commands .\" Source: shadow-utils 4.5 .\" Language: English .\" .TH "FAILLOG" "8" "07/27/2018" "shadow\-utils 4\&.5" "System Management Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" faillog \- display faillog records or set login failure limits .SH "SYNOPSIS" .HP \w'\fBfaillog\fR\ 'u \fBfaillog\fR [\fIoptions\fR] .SH "DESCRIPTION" .PP \fBfaillog\fR displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When \fBfaillog\fR is run without arguments, it only displays the faillog records of the users who had a login failure\&. .SH "OPTIONS" .PP The options which apply to the \fBfaillog\fR command are: .PP \fB\-a\fR, \fB\-\-all\fR .RS 4 Display (or act on) faillog records for all users having an entry in the faillog database\&. .sp The range of users can be restricted with the \fB\-u\fR option\&. .sp In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. .sp With the \fB\-l\fR, \fB\-m\fR, \fB\-r\fR, \fB\-t\fR options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. .RE .PP \fB\-h\fR, \fB\-\-help\fR .RS 4 Display help message and exit\&. .RE .PP \fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR .RS 4 Lock account for \fISEC\fR seconds after failed login\&. .sp Write access to /var/log/faillog is required for this option\&. .RE .PP \fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR .RS 4 Set the maximum number of login failures after the account is disabled to \fIMAX\fR\&. .sp Selecting a \fIMAX\fR value of 0 has the effect of not placing a limit on the number of failed logins\&. .sp The maximum failure count should always be 0 for \fIroot\fR to prevent a denial of services attack against the system\&. .sp Write access to /var/log/faillog is required for this option\&. .RE .PP \fB\-r\fR, \fB\-\-reset\fR .RS 4 Reset the counters of login failures\&. .sp Write access to /var/log/faillog is required for this option\&. .RE .PP \fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR .RS 4 Apply changes in the \fICHROOT_DIR\fR directory and use the configuration files from the \fICHROOT_DIR\fR directory\&. .RE .PP \fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR .RS 4 Display faillog records more recent than \fIDAYS\fR\&. .RE .PP \fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR .RS 4 Display faillog record or maintains failure counters and limits (if used with \fB\-l\fR, \fB\-m\fR or \fB\-r\fR options) only for the specified user(s)\&. .sp The users can be specified by a login name, a numerical user ID, or a \fIRANGE\fR of users\&. This \fIRANGE\fR of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. .RE .PP When none of the \fB\-l\fR, \fB\-m\fR, or \fB\-r\fR options are used, \fBfaillog\fR displays the faillog record of the specified user(s)\&. .SH "CAVEATS" .PP \fBfaillog\fR only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the \fB\-u\fR flag, or print out all users with the \fB\-a\fR flag\&. .SH "FILES" .PP /var/log/faillog .RS 4 Failure logging file\&. .RE .SH "SEE ALSO" .PP \fBlogin\fR(1), \fBfaillog\fR(5)\&.