search

tom-krieger / cis_security_hardening

Define a complete security baseline and monitor the baseline's rules. The definition of the baseline should be done in Hiera. The purpose of the module is to give the ability to setup a complete security baseline which not necessarily have to stick to industry security guides like the CIS benchmarks.
Apache License 2.0
15 stars 10 forks source link

Feature ubuntu 22.04 #60

Closed tom-krieger closed 1 year ago

andrico21 commented 4 months ago

Hi there, it seems "debug" parameter is unsupported for Ubuntu 22.04 pam faillock module: image

cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.4 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.4 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
...
cat /etc/pam.d/common-auth
auth    required                        pam_faillock.so preauth debug
auth    [success=1 default=ignore]      pam_unix.so nullok
auth    [default=die]                   pam_faillock.so authfail debug
auth    sufficient                      pam_faillock.so authsucc debug
auth    requisite                       pam_deny.so
auth    required                        pam_permit.so