RHEL / RHEL-19810

Faillock does not create tallydir

    • Bug
    • Resolution: Done-Errata
    • Normal
    • rhel-8.10
    • rhel-8.8.0
    • pam
    • None
    • pam-1.3.1-31.el8
    • Normal
    • sst_idm_sssd
    • ssg_idm
    • 20
    • 21

      What were you trying to do that didn't work?

      pam_faillock does not create the tallydir if it does not exist. It appears that the code change does not take effect.

      With the line below in /etc/security/faillock.conf:

      dir = /var/log/faillock


      The error message below is logged in /var/log/secure:

       

      Dec 19 17:54:27 node-0 sshd[75560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.x.y  user=root
      Dec 19 17:54:27 node-0 sshd[75560]: pam_faillock(sshd:auth): Error opening the tally file for root: No such file or directory
      Dec 19 17:54:29 node-0 sshd[75556]: error: PAM: Authentication failure for root from 192.168.x.y


      The command below fails:

      # faillock
      faillock: Error reading tally directory: No such file or directory

       

      Please provide the package NVR for which bug is seen:

      # rpm -qa | grep pam
      pam-1.3.1-25.el8.x86_64

      How reproducible:

      100%, when the "dir" option is set and the tallydir does not exist

      Steps to reproduce

      1. Set the dir option in /etc/security/faillock.conf to a non-existent folder
      2. Observe /var/log/secure for an authentication failure
      3. Run "faillock" at command line.

      Expected results

      tallydir is created automatically

      Actual results

      tallydir is not created as expected. An error is returned.

            ipedrosa@redhat.com Iker Pedrosa
            rhn-support-suwu Sunny Wu
            Iker Pedrosa
            Anuj Borah
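
A defensive check for the condition described in this report, as an added example (not code from the report or from the pam project): it resolves the tally directory from a faillock.conf, tests whether it exists, and counts the matching pam_faillock errors in an auth log. The function names, the temporary paths and the sample files are constructed for the example; taking the last uncommented `dir` line is an assumption, and `/var/run/faillock` is pam_faillock's documented default.

```shell
#!/bin/sh
# Added example (not from the report): audit the pam_faillock tally directory.

# Print the tally directory set in a faillock.conf. Assumption of this example:
# the last uncommented "dir = ..." line is used; if none is present, fall back
# to pam_faillock's documented default, /var/run/faillock.
faillock_dir() {
    conf=$1
    dir=
    if [ -r "$conf" ]; then
        dir=$(sed -n 's/^[[:space:]]*dir[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*$/\1/p' "$conf" | tail -n 1)
    fi
    printf '%s\n' "${dir:-/var/run/faillock}"
}

# Count "Error opening the tally file" messages from pam_faillock in a log.
tally_open_errors() {
    grep -c 'pam_faillock([^)]*): Error opening the tally file' "$1" || true
}

# Return 0 if the configured tally directory exists, 1 if it is missing.
audit_faillock() {
    d=$(faillock_dir "$1")
    errs=$(tally_open_errors "$2")
    if [ -d "$d" ]; then
        echo "OK: $d exists ($errs tally-open errors in log)"
        return 0
    fi
    echo "FAIL: $d is missing ($errs tally-open errors in log)"
    return 1
}

# Constructed sample input: a config naming a directory that does not exist,
# plus the /var/log/secure lines quoted in the report.
demo=$(mktemp -d)
printf 'dir = %s/faillock\n' "$demo" > "$demo/faillock.conf"
cat > "$demo/secure" <<'EOF'
Dec 19 17:54:27 node-0 sshd[75560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.x.y  user=root
Dec 19 17:54:27 node-0 sshd[75560]: pam_faillock(sshd:auth): Error opening the tally file for root: No such file or directory
Dec 19 17:54:29 node-0 sshd[75556]: error: PAM: Authentication failure for root from 192.168.x.y
EOF
audit_faillock "$demo/faillock.conf" "$demo/secure" || true  # directory missing
mkdir "$demo/faillock"                                       # pre-create it
audit_faillock "$demo/faillock.conf" "$demo/secure"          # directory present
```

On a real host, pass `/etc/security/faillock.conf` and `/var/log/secure` to `audit_faillock`; a non-zero return on a package older than the fixed build means the tally files cannot be opened.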