I am using xscreensaver to lock my screen. When the screen is locked,
any mouse movement brings up the login dialog. After a timeout, login
fails with the message "authentication via PAM timed out"
The problem is that since nobody tried to log in (i.e. nobody typed
password and confirmed with enter), this should not be considered a
login attempt. And therefore should not be logged as such (should not be
loged at all)
I often move the mouse just to make sure my screen is locked. Then, my
auth log is flooded with useless logs which make the other, important
information harder to see.
Is there any way to fix this ?
I am using xscreensaver 5.15-3 installed from a package in Debian
Wheezy. I would be happy to recompile my package, if this problem could
be fixed.
UPDATE:
I have noticed, xscreensaver
is using it's own pam
configuration file: /etc/pam.d/xscreensaver
. Is there perhaps a way to modify the pam file to fix this problem? Perhaps ignoring "login attempts" when the password is empty?
Best Answer
If OP wants offical quote, Jamie Zawinski thinks PAM is the culprit to blame. He also includes a patch in that Debian bug report as well, treating timeout / empty password / pressing [ESC] as login cancellation and will supposedly ignore those attempts. That's likely what you want.
Additional info: the bug is still open right now.