How can I disable the message below when a specific user logs into a Centos machine from console?
Last failed login: Sun Jun 30 22:32:35 EST 2018 from 192.168.142.71 on ssh:notty
There were 3 failed login attempts since the last successful login.
Note: the user is non-root user.
Assuming CentOS 7.
~# cat /etc/pam.d/postlogin
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session [default=1] pam_lastlog.so nowtmp showfailed
session optional pam_lastlog.so silent noupdate showfailed
Here showfailed option is responsible for the message about failed logins.
Note: On my machine authconfig is not installed by default, so I'm not too worried about changes being destroyed.
Simply removing this option will disable the message for all users. AFAIK per-user PAM configuration is kinda silly, this is what I came up with:
# cat /etc/pam.d/postlogin
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
session [success=ignore default=3] pam_succeed_if.so user in that_non_root_user
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session [default=4] pam_lastlog.so nowtmp
session [default=3] pam_lastlog.so silent noupdate
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session [default=1] pam_lastlog.so nowtmp showfailed
session optional pam_lastlog.so silent noupdate showfailed
