When attempting to su to another user, in this case mysql, you receive the message “Account locked due to xx failed logins”
Condition – /etc/pam.d/password-auth has already been configured
Even if you reset the password in Linux by using the following command, you still receive the message.
passwd username
Attempt to switch user to mysql
[user@host ~]$ su mysql Account locked due to 10 failed logins Password: su: incorrect password
Check the counter for the specific user with the following command:
[root@host user]# pam_tally2 --user=mysql Login Failures Latest failure From mysql 17 12/01/15 09:14:42 pts/3
Reset or unlock the user account to enable access again
[root@host user]# pam_tally2 --user=mysql --reset Login Failures Latest failure From mysql 17 12/01/15 09:14:42 pts/3
Verify the counter has been reset for specific user
[root@host user]# pam_tally2 --user=mysql Login Failures Latest failure From mysql 0
Should be able to login as user now with no problem
[user@host ~]$ su - mysql Password: EnterPassword [mysql@host ~]$
The PAM module is part of all Linux distribution. Do ‘man pam_tally2‘ from the command line to learn more about it.