mirror of
https://github.com/basecamp/omarchy.git
synced 2026-02-17 15:25:37 +00:00
17 lines
791 B
Bash
17 lines
791 B
Bash
OMARCHY_DESCRIPTION="Lockout Limit"
|
|
|
|
omarchy_install() {
|
|
# Increase lockout limit to 10 and decrease timeout to 2 minutes
|
|
sudo sed -i 's|^\(auth\s\+required\s\+pam_faillock.so\)\s\+preauth.*$|\1 preauth silent deny=10 unlock_time=120|' "/etc/pam.d/system-auth"
|
|
sudo sed -i 's|^\(auth\s\+\[default=die\]\s\+pam_faillock.so\)\s\+authfail.*$|\1 authfail deny=10 unlock_time=120|' "/etc/pam.d/system-auth"
|
|
}
|
|
|
|
omarchy_verify() {
|
|
[[ -f /etc/pam.d/system-auth ]] || add_error "PAM system-auth file missing"
|
|
|
|
if [[ -f /etc/pam.d/system-auth ]]; then
|
|
grep -q "pam_faillock.so.*deny=10" /etc/pam.d/system-auth || add_error "Faillock deny limit not set to 10"
|
|
grep -q "pam_faillock.so.*unlock_time=120" /etc/pam.d/system-auth || add_error "Faillock unlock time not set to 120"
|
|
fi
|
|
}
|