PAM replacements for login.defs?
mwoodiupui
n00b
Joined: 13 Oct 2004
Posts: 48
Location: Indianapolis, IN, USA

Posted: Mon May 17, 2021 5:58 pm    Post subject: PAM replacements for login.defs?

/etc/login.defs is littered with notes: "NOTE: This setting should be configured via /etc/pam.d/ and not in this file."

Uh, okay, how?

The specific issue that brought me here is failure to find any alternative to setting FTMP_FILE for getting /var/log/btmp written.
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9679
Location: almost Mile High in the USA

Posted: Wed May 19, 2021 11:53 pm

Have a feeling some of the notes may be false...

Did you try enabling and it still doesn't work? Might have to make sure there's an empty file there before it starts logging...

Which specific program do you want logging?
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
mwoodiupui
n00b
Joined: 13 Oct 2004
Posts: 48
Location: Indianapolis, IN, USA

Posted: Thu May 20, 2021 7:28 pm

I enabled FTMP_FILE, and it is logging to btmp all of the kiddies who are constantly trying to break in via SSH. But that note makes me think that some maintainer is working to disable it altogether in favor of PAM, so why not just do what the maintainer wants me to do, as long as I get the log?

Quote:
Which specific program do you want logging?


Any program for which it is possible to fail login. Corporate IT wants us to feed this stuff to their central ELK Stack log sink for some reason, and ELK wants to watch btmp.
eccerr0r
Watchman
Joined: 01 Jul 2004
Posts: 9679
Location: almost Mile High in the USA

Posted: Thu May 20, 2021 7:44 pm

Seems pam isn't the only btmp user, so that's why there's some concern - depends on the actual and individual programs to maintain btmp.
Since sshd does not go through login, login.defs doesn't quite make sense here either.

Looks like pam_lastlog deals with btmp, but can't seem to find much configuration, it will use it directly - I didn't need to configure it, it started writing to btmp after I created it (and made sure the mode is correct.) The btmp file seems to be a compile time option as well...
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
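
Added example, not part of any post in this thread: a Python decoder for btmp records, the step a log shipper needs before failed logins can be sent to a central sink such as the ELK Stack mentioned above. It assumes the x86-64 Linux/glibc struct utmp layout (384-byte little-endian records); the sample record and the function names are constructed for illustration.

```python
import ipaddress
import json
import struct
import sys
from datetime import datetime, timezone

# Assumption: x86-64 Linux/glibc "struct utmp" (384 bytes, little-endian),
# the record format shared by utmp, wtmp and btmp.
UTMP = struct.Struct("<h2xi32s4s32s256shhiii16s20x")


def _text(raw):
    """Decode a NUL-padded fixed-width field; it may not be clean UTF-8."""
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")


def parse_btmp(data):
    """Yield one dict per complete failed-login record in a btmp byte string."""
    usable = len(data) - len(data) % UTMP.size  # skip a half-written tail
    for off in range(0, usable, UTMP.size):
        typ, pid, line, _id, user, host, _t, _e, _s, sec, _us, addr = \
            UTMP.unpack_from(data, off)
        # IPv4 peers occupy only the first 4 of the 16 address bytes.
        ip = ipaddress.ip_address(addr if any(addr[4:]) else addr[:4])
        yield {
            "time": datetime.fromtimestamp(sec, timezone.utc).isoformat(),
            "type": typ,
            "pid": pid,
            "line": _text(line),
            "user": _text(user),  # supplied by the remote client: untrusted text
            "host": _text(host),
            "addr": str(ip),
        }


# Constructed sample: one record (type 6 = LOGIN_PROCESS) plus 10 stray bytes.
SAMPLE = UTMP.pack(6, 4242, b"ssh:notty", b"", b"admin", b"203.0.113.7",
                   0, 0, 0, 1621539000, 0,
                   ipaddress.ip_address("203.0.113.7").packed) + b"\0" * 10

if __name__ == "__main__":
    # With a path argument, decode that file (e.g. /var/log/btmp, as root);
    # without one, decode the constructed sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for rec in parse_btmp(blob):
        print(json.dumps(rec))
```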