skip counting failed login attempts from dovecot

Failed dovecot logins should not result in account getting locked. revert "use pam_tally2 only for login"
2025-07-14 18:00:54 +07:00 · 2021-01-27 05:49:34 -05:00
parent 480f74cab6
commit 9622f28e25
2 changed files with 39 additions and 1 deletions
--- a/usr/share/pam-configs/tally2-security-misc
+++ b/usr/share/pam-configs/tally2-security-misc
@ -4,7 +4,7 @@ Priority: 290
 Auth-Type: Primary
 Auth:
 	optional	pam_exec.so	debug stdout seteuid /usr/lib/security-misc/pam_tally2-info
-	[success=1 default=ignore]	pam_exec.so	seteuid quiet /usr/lib/security-misc/pam_only_if_login
+	[success=1 default=ignore]	pam_exec.so	seteuid quiet /usr/lib/security-misc/pam_tally2_not_if_x
 	requisite	pam_tally2.so even_deny_root deny=50 onerr=fail audit debug
 Account-Type: Primary
 Account: