In the latest iteration of Ubuntu Desktop 22.04LTS, you may find yourself asking, “Where is pam_tally2?” The answer is simple: it’s no longer there. This module has been deprecated and is replaced by pam_faillock. This change was made in the libpam-modules package. In this article, we will delve into what this means and how you can adapt to this change.
In Ubuntu Desktop 22.04LTS, the pam_tally2 module has been deprecated and replaced with pam_faillock. This change was made in the libpam-modules package. To locate and remove instances of pam_tally2, you can use commands like grep or find in the /etc/pam.d folder. For more information on using pam_faillock, refer to the pam_faillock man page.
Understanding pam_tally2 and its Replacement
pam_tally2 was a module that helped administrators in tracking and managing failed login attempts. However, in Ubuntu Desktop 22.04LTS, this module has been replaced with pam_faillock. This new module provides similar functionality for tracking failed login attempts and locking user accounts after a certain number of unsuccessful attempts.
Locating and Removing pam_tally2
To transition from pam_tally2 to pam_faillock, you first need to locate instances of the pam_tally2 module in your system’s configuration files. These files are usually located within the /etc/pam.d folder.
You can use commands like grep or find to search for these instances. For example:
sudo find /etc/ -type f -exec grep -l -i "pam_tally" {} \;This command will search for files (-type f) in the /etc/ directory that contain the string “pam_tally”. The -exec option allows you to execute a command (in this case, grep -l -i "pam_tally") on each file found. The {} placeholder represents the current file being processed, and the \; signifies the end of the -exec command.
After running this command, you’ll get a list of files that reference pam_tally or pam_tally2.
Once you locate the instances, you should remove the lines that reference pam_tally or pam_tally2 and any associated backup files (e.g., .bak files) that you may have created. It’s important to note that simply commenting out the entries may not be enough, so make sure to remove the lines entirely.
Understanding and Using pam_faillock
With pam_tally2 removed, you can now start using pam_faillock. This module provides similar functionality to pam_tally2 and is the recommended replacement in Ubuntu 22.04LTS.
For more information on the pam_faillock module and its usage, you can refer to the pam_faillock man page:
http://manpages.ubuntu.com/manpages/jammy/en/man8/pam_faillock.8.html
Conclusion
The deprecation of pam_tally2 in Ubuntu Desktop 22.04LTS may initially seem daunting, but the transition to pam_faillock is straightforward. By locating and removing instances of pam_tally2 and understanding the usage of pam_faillock, you can ensure your system is up-to-date and secure.
Remember, if you encounter any issues or need further assistance, don’t hesitate to seek help from the Ubuntu community or other online resources.
pam_tally2 is a module that helps administrators track and manage failed login attempts on a system.
pam_tally2 was replaced with pam_faillock in Ubuntu Desktop 22.04LTS to provide similar functionality for tracking failed login attempts and locking user accounts after a certain number of unsuccessful attempts.
You can use commands like grep or find to search for instances of pam_tally2 in your system’s configuration files. For example, you can use the command sudo find /etc/ -type f -exec grep -l -i "pam_tally" {} \; to search for files that contain the string "pam_tally" in the /etc/ directory.
After locating instances of pam_tally2, you should remove the lines that reference pam_tally or pam_tally2 and any associated backup files. It’s important to remove the lines entirely, instead of just commenting them out.
The recommended replacement for pam_tally2 in Ubuntu 22.04LTS is pam_faillock. It provides similar functionality for tracking failed login attempts and locking user accounts.
You can refer to the pam_faillock man page for more information on the module and its usage. The man page can be accessed at http://manpages.ubuntu.com/manpages/jammy/en/man8/pam_faillock.8.html.
