How to make exception in password locking via pam_tally2 for specific user?

linux authentication pam

You can use the pam_succeed_if module in your stack to provide exceptions for some users. Check the pam_succeed_if(8) manpage for in-depth explanation of the syntax. An example would be:

auth [success=1 default=ignore] pam_succeed_if.so gid eq 2000
auth required                   pam_tally2.so deny=5 onerr=fail unlock_time=1200

That means, if the pam_succeed_if test returns successfully, i.e., for all users in the group whose GID is 2000, skip the following test (pam_tally2); if the test returns failure, ignore it and continue.

Several pam_succeed_if tests can be stacked up for fine-grained control.

Related

AOT - Angular 6 - Directive SomeComponent, Expected 0 arguments, but got 1. for self made Component
Reasons not to build your own bug tracking system [closed]
Python socket receive - incoming packets always have a different size
Java: Enumeration from Set<String>
Insert variable values in the middle of a string
Cannot resolve method 'getSupportFragmentManager ( )' inside Fragment
ZSH Agnoster Theme showing machine name
Why some iphone apps won't finish ssl handshake with Charles Proxy?
How to set image to fit width of the page using jsPDF?
Exception handling try catch inside catch
Class '\App\User' not found in Laravel when changing the namespace
How to Compare two Arrays are Equal using Javascript? [duplicate]