From a686f2401cb846c1686a2d6324df3de1c76eb632 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Tue, 29 Nov 2016 18:10:27 +0000
Subject: [PATCH] Limit number of login attempts

---
 src/freedombone-utils-setup | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 50137f2d..d04ff765 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -381,10 +381,16 @@ function set_max_login_tries {
     max_tries=$1
 
     if ! grep ' deny=' /etc/pam.d/common-auth; then
-        sed -i "/pam_deny.so/a auth    required    pam_tally2.so    onerr=fail unlock_time=1800 deny=$max_tries" /etc/pam.d/common-auth
+        sed -i "/pam_deny.so/a auth    required\t\t\tpam_tally.so    onerr=fail no_lock_time per_user deny=$max_tries" /etc/pam.d/common-auth
     else
         sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-auth
     fi
+
+    if ! grep ' deny=' /etc/pam.d/common-account; then
+        sed -i '/pam_deny.so/a account required\t\t\tpam_tally.so' /etc/pam.d/common-account
+    else
+        sed -i "s| deny=.*| deny=$max_tries|g" /etc/pam.d/common-account
+    fi
 }
 
 function setup_firewall {