LinuxÏÂËøÓû§Óë½âËøÎÊÌâ

LinuxÏÂËøÓû§Óë½âËøÎÊÌâ [Ô­´´ 2010-02-03 21:44:35]   
×ֺţº´ó ÖРС
Ò»£ºµÇ¼ʧ°Ü´Î»Ø³¬¹ýÏÞÖÆ
1£©ËøÓû§µÄÉ趨
/etc/pam.d/Ï°üº¬¸÷ÖÖÈÏÖ¤³ÌÐò»ò·þÎñµÄÅäÖÃÎļþ¡£±à¼­ÕâЩ¿ÉÏÞÖÆÈÏ֤ʧ°Ü´ÎÊý£¬µ±Ê§°Ü´ÎÊý³¬¹ýÖ¸¶¨ÖµÊ±Óû§»á±»Ëøס¡£
ÔÚ´Ë£¬ÒÔrun levelΪ3µÄʱºò£¬¶à´ÎµÇ¼µÇ¼ʧ°Ü¼´ËøÓû§ÎªÀý£º
ÔÚ/etc/pam.d/loginÎļþÖÐ×·¼ÓÈçÏÂÁ½ÐУº
auth required /lib/security/pam_tally.so onerr=fail no_magic_root
account required /lib/security/pam_tally.so deny=3 no_magic_root reset
deny=3 ÉèÖõǼʧ°Ü3´Î¾Í½«Óû§Ëøס£¬¸ÃÖµ¿ÉÈÎÒâÉ趨¡£
ÈçÏÂΪȫÎļûÉ趨Àý£º
auth      required pam_securetty.so
auth      required pam_stack.so service=system-auth
auth      required pam_nologin.so
auth      required pam_tally.so onerr=fail no_magic_root
account   required pam_stack.so service=system-auth
account   required pam_tally.so deny=3 no_magic_root reset
password  required pam_stack.so service=system-auth
session   required pam_stack.so service=system-auth
session   optional pam_console.so
ÕâÑùµ±Óû§ÔÚrun level=3µÄÇé¿öϵǼʱ£¬/var/log/faillog»á×Ô¶¯Éú³É£¬裏Ãæ¼Ç¼Óû§µÇ¼ʧ°Ü´ÎÊýµÈÐÅÏ¢¡£
¿ÉÓÃ"faillog -u Óû§Ãû"ÃüÁîÀ´²é¿´¡£
µ±Óû§µÇ¼³É¹¦Ê±£¬ÒÔÇ°µÄµÇ¼ʧ°ÜÐÅÏ¢»áÖØÖá£
2£©Óû§µÄ½âËø
Óû§Òò¶à´ÎµÇ¼ʧ°Ü¶ø±»ËøµÄÇé¿öÏ£¬¿ÉÓÃfaillogÃüÁîÀ´½âËø¡£¾ßÌåÈçÏ£º
faillog -u ̞ -r
´ËÃüÁîʵÐкó£¬faillogÀï¼Ç¼µÄʧ°ÜÐÅÏ¢¼´±»ÖØÖã¬Óû§ÓÖ¿ÉÓÃÁË¡£
¹Øì¶faillogµÄÆäËûÃüÁî¡£¡£²Î¼ûman failog¡£
¶þ£ºÊÖ¶¯Ëø¶¨Óû§½ûֹʹÓÃ
¿ÉÒÔÓÃusermodÃüÁîÀ´Ëø¶¨Óû§ÃÜÂ룬ʹÃÜÂëÎÞЧ£¬¸ÃÓû§Ãû½«²»ÄÜʹÓá£
È磺 usermod -L Óû§Ãû
½âËøÃüÁusermod -U Óû§Ãû