Issue
What were you trying to do that didn't work?
pam_faillock does not create the tallydir if it does not already exist. It appears that the code change has not taken effect.
With the line below in /etc/security/faillock.conf:
dir = /var/log/faillock
The error messages below are logged in /var/log/secure:
Dec 19 17:54:27 node-0 sshd[75560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.x.y user=root
Dec 19 17:54:27 node-0 sshd[75560]: pam_faillock(sshd:auth): Error opening the tally file for root: No such file or directory
Dec 19 17:54:29 node-0 sshd[75556]: error: PAM: Authentication failure for root from 192.168.x.y
The command below fails:
faillock
faillock: Error reading tally directory: No such file or directory
Please provide the package NVR for which the bug is seen:
# rpm -qa | grep pam
pam-1.3.1-25.el8.x86_64
How reproducible:
100%, when the "dir" option is set and the tallydir does not exist
Steps to reproduce
Set the dir option in /etc/security/faillock.conf to a non-existent folder
Observe /var/log/secure for the authentication failure
Run "faillock" at the command line.
Expected results
tallydir is created automatically
Actual results
tallydir is not created as expected; an error is returned.
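An added administrative check for the situation in this report (editor's example, not code from the bug report or from pam): it reads the "dir" option from a faillock.conf and creates the tally directory if it is missing, so that pam_faillock and the faillock command can open their tally files until the module creates the directory itself. It assumes "key = value" lines with "#" comments and pam_faillock's documented default of /var/run/faillock when no "dir" option is set.

```shell
#!/bin/sh
# Editor's example: verify that the faillock tally directory named in
# faillock.conf exists, and create it if it does not.

# Print the tally directory configured in the given conf file
# (default /etc/security/faillock.conf); fall back to /var/run/faillock,
# pam_faillock's documented default, when no "dir" option is present.
faillock_tally_dir() {
    conf="${1:-/etc/security/faillock.conf}"
    dir=""
    if [ -r "$conf" ]; then
        # Drop comments, keep the last "dir = value" assignment, trim spaces.
        dir=$(sed -e 's/#.*//' "$conf" | awk -F= '
            $1 ~ /^[[:space:]]*dir[[:space:]]*$/ {
                v = $2
                gsub(/^[[:space:]]+|[[:space:]]+$/, "", v)
                last = v
            }
            END { print last }')
    fi
    printf '%s\n' "${dir:-/var/run/faillock}"
}

# Create the configured tally directory when it is missing. pam_faillock
# writes the per-user tally files as root, so the directory is root-owned
# and not writable by other users (0755, matching /var/run/faillock).
ensure_tally_dir() {
    dir=$(faillock_tally_dir "$1")
    if [ ! -d "$dir" ]; then
        mkdir -p -m 0755 "$dir" || return 1
        echo "created tally directory $dir"
    fi
    [ -d "$dir" ]
}
```

On SELinux-enabled hosts a directory created by hand may also need its file context restored (restorecon) before the module can use it.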