--- modules/pam_tally/pam_tally.8.xml
+++ modules/pam_tally/pam_tally.8.xml	2009/03/27 10:49:17
@@ -81,7 +81,13 @@
 
     <para>
       This module maintains a count of attempted accesses, can
-      reset count on success, can deny access if too many attempts fail.
+      reset count on success, can deny access if too many attempts
+      fail.
+    </para>
+    <para>
+      pam_tally has several limitations, which are solved with
+      pam_tally2. For this reason pam_tally is deprecated and
+      will be removed in a future release.
     </para>
     <para>
       pam_tally comes in two parts:
--- modules/pam_tally/pam_tally.c
+++ modules/pam_tally/pam_tally.c	2009/03/27 10:52:56
@@ -630,6 +630,8 @@
   const char
     *user;
 
+  pam_syslog (pamh, LOG_INFO, "pam_tally is deprecated and obsoleted by pam_tally2");
+
   rvcheck = tally_parse_args(pamh, opts, PHASE_AUTH, argc, argv);
   if ( rvcheck != PAM_SUCCESS )
       RETURN_ERROR( rvcheck );
@@ -664,6 +666,8 @@
   const char
     *user;
 
+  pam_syslog (pamh, LOG_INFO, "pam_tally is deprecated and obsoleted by pam_tally2");
+
   rv = tally_parse_args(pamh, opts, PHASE_AUTH, argc, argv);
   if ( rv != PAM_SUCCESS )
       RETURN_ERROR( rv );
@@ -709,6 +713,8 @@
   const char
     *user;
 
+  pam_syslog (pamh, LOG_INFO, "pam_tally is deprecated and obsoleted by pam_tally2");
+
   rv = tally_parse_args(pamh, opts, PHASE_ACCOUNT, argc, argv);
   if ( rv != PAM_SUCCESS )
       RETURN_ERROR( rv );
@@ -815,6 +821,8 @@
     exit(0);
   }
 
+  fprintf (stderr, "\npam_tally is deprecated and pam_tally2 should be used instead\n\n");
+
   umask(077);
 
   /*