如何在 Centos 上禁用“上次登錄失敗”消息？

當特定使用者從控制台登錄 Centos 機器時，如何禁用以下消息？

Last failed login: Sun Jun 30 22:32:35 EST 2018 from 192.168.142.71 on ssh:notty
There were 3 failed login attempts since the last successful login.

注意：使用者是非root使用者。

假設 CentOS 7。

~# cat /etc/pam.d/postlogin 
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

session     [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session     [default=1]   pam_lastlog.so nowtmp showfailed
session     optional      pam_lastlog.so silent noupdate showfailed

這裡showfailed選項負責有關登錄失敗的消息。

注意：在我的機器上預設沒有安裝 authconfig，所以我不太擔心更改被破壞。

只需刪除此選項即可禁用所有使用者的消息。AFAIK 每使用者 PAM 配置有點傻，這就是我想出的：

# cat /etc/pam.d/postlogin 
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

session     [success=ignore default=3] pam_succeed_if.so user in that_non_root_user
session     [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session     [default=4]   pam_lastlog.so nowtmp
session     [default=3]   pam_lastlog.so silent noupdate
session     [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
session     [default=1]   pam_lastlog.so nowtmp showfailed
session     optional      pam_lastlog.so silent noupdate showfailed

引用自：https://unix.stackexchange.com/questions/462046