Hey Andrew----long time.  :)

The site you are looking for is "http://www.linux-pam.org", they have online and offline docs, as well as pointers to their mailing list.

R,
-Joe Wulf


From: Andrew Gilmore <agilmore2@gmail.com>
To: scap-security-guide@lists.fedorahosted.org
Sent: Friday, October 19, 2012 12:23 PM
Subject: Proper forums for these questions?

So in digging through all this, I'm finding a couple of things that either aren't working right or that will require alterations to my current configuration to comply.

Where do I ask the following questions? It seems that this group isn't the place, but my google-fu is coming up short.

auth pam_tally2 ... deny=5 
in /etc/pam.d/system_auth doesn't appear to reset if I successfully enter my password after a failure. Eventually I get locked out and the audit scripts do not appear to allow "unlock="
What is the best practice for application of pam_tally2? 

SRG requires no .forward files. I currently do some data processing on automated emails via procmail configured in .forward in a dedicated user. What is the best practice for configuring such?

Andrew


_______________________________________________
scap-security-guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide