diff --git a/gdm-2.16.0-wtmp.patch b/gdm-2.16.0-wtmp.patch
new file mode 100644
index 0000000..892b110
--- /dev/null
+++ b/gdm-2.16.0-wtmp.patch
@@ -0,0 +1,268 @@
+--- gdm-2.16.0/config/PostSession.in.wtmp	2006-10-15 20:09:47.000000000 -0400
++++ gdm-2.16.0/config/PostSession.in	2006-10-15 20:10:00.000000000 -0400
+@@ -19,8 +19,4 @@ gdmwhich () {
+   echo "$OUTPUT"
+ }
+ 
+-SESSREG=`gdmwhich sessreg`
+-if [ "x$SESSREG" != "x" ] ; then
+-	"$SESSREG" -d -w /var/log/wtmp -u /var/run/utmp -x "$X_SERVERS" -h "$REMOTE_HOST" -l "$DISPLAY" "$USER"
+-fi
+ exit 0
+--- gdm-2.16.0/config/PreSession.in.wtmp	2006-04-26 21:06:05.000000000 -0400
++++ gdm-2.16.0/config/PreSession.in	2006-10-15 20:05:45.000000000 -0400
+@@ -68,17 +68,4 @@ if [ "x$XSETROOT" != "x" ] ; then
+ 	"$XSETROOT" -cursor_name left_ptr -solid "$BACKCOLOR"
+ fi
+ 
+-
+-SESSREG=`gdmwhich sessreg`
+-if [ "x$SESSREG" != "x" ] ; then
+-	# some output for easy debugging
+-	echo "$0: Registering your session with wtmp and utmp"
+-	echo "$0: running: $SESSREG -a -w /var/log/wtmp -u /var/run/utmp -x \"$X_SERVERS\" -h \"$REMOTE_HOST\" -l \"$DISPLAY\" \"$USER\""
+-
+-	exec "$SESSREG" -a -w /var/log/wtmp -u /var/run/utmp -x "$X_SERVERS" -h "$REMOTE_HOST" -l "$DISPLAY" "$USER"
+-	# this is not reached
+-fi
+-
+-# some output for easy debugging
+-echo "$0: could not find the sessreg utility, cannot update wtmp and utmp"
+ exit 0
+--- gdm-2.16.0/daemon/slave.c.wtmp	2006-10-15 20:05:45.000000000 -0400
++++ gdm-2.16.0/daemon/slave.c	2006-10-15 20:05:45.000000000 -0400
+@@ -4315,6 +4315,14 @@ gdm_slave_session_start (void)
+     g_free (language);
+     g_free (gnome_session);
+ 
++    gdm_verify_write_record (d,
++			     GDM_VERIFY_RECORD_TYPE_LOGIN,
++			     pwent->pw_name,
++			     d->name, 
++			     !d->attached? d->hostname : NULL,
++			     pid);
++
++
+     gdm_slave_send_num (GDM_SOP_SESSPID, pid);
+ 
+     gdm_sigchld_block_push ();
+@@ -4363,6 +4371,17 @@ gdm_slave_session_start (void)
+ 				uid, gid);
+     }
+ 
++    if ((pid != 0) && (d->last_sess_status != -1)) {
++	    gdm_debug ("session '%d' exited with status '%d', recording logout",
++		       pid, d->last_sess_status);
++	    gdm_verify_write_record (d,
++				     GDM_VERIFY_RECORD_TYPE_LOGOUT,
++				     pwent->pw_name,
++				     d->name, 
++				     !d->attached? d->hostname : NULL,
++				     pid);
++    }
++
+     gdm_slave_session_stop (pid != 0 /* run_post_session */,
+ 			    FALSE /* no_shutdown_check */);
+ 
+@@ -4721,7 +4740,7 @@ gdm_slave_child_handler (int sig)
+ 		}
+ 	} else if (pid != 0 && pid == d->sesspid) {
+ 		d->sesspid = 0;
+-		if (WIFEXITED (status))
++		if (WIFEXITED (status)) 
+ 			d->last_sess_status = WEXITSTATUS (status);
+ 		else
+ 			d->last_sess_status = -1;
+--- gdm-2.16.0/daemon/verify.h.wtmp	2005-11-03 19:51:21.000000000 -0500
++++ gdm-2.16.0/daemon/verify.h	2006-10-15 20:05:45.000000000 -0400
+@@ -21,6 +21,12 @@
+ 
+ #include "gdm.h"
+ 
++typedef enum {
++	GDM_VERIFY_RECORD_TYPE_LOGIN,
++	GDM_VERIFY_RECORD_TYPE_LOGOUT,
++	GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT
++} GdmVerifyRecordType;
++
+ /* If username is NULL, we ask, if local is FALSE, don't start
+  * the timed login timer */
+ gchar *gdm_verify_user    (GdmDisplay *d,
+@@ -30,6 +36,13 @@ gchar *gdm_verify_user    (GdmDisplay *d
+ void   gdm_verify_cleanup (GdmDisplay *d);
+ void   gdm_verify_check   (void);
+ void   gdm_verify_select_user (const char *user);
++void   gdm_verify_write_record (GdmDisplay *d,
++				GdmVerifyRecordType record_type,
++				const gchar *username,
++				const gchar *console_name,
++				const gchar *host_name,
++				GPid  pid);
++
+ /* used in pam */
+ gboolean gdm_verify_setup_env (GdmDisplay *d);
+ gboolean gdm_verify_setup_user (GdmDisplay *d,
+--- gdm-2.16.0/daemon/verify-pam.c.wtmp	2006-10-15 20:05:45.000000000 -0400
++++ gdm-2.16.0/daemon/verify-pam.c	2006-10-15 20:08:48.000000000 -0400
+@@ -29,6 +29,7 @@
+ #ifdef sun
+ #include <fcntl.h>
+ #endif
++#include <utmp.h>
+ 
+ #include <glib/gi18n.h>
+ 
+@@ -55,6 +56,14 @@
+ #define log_to_audit_system(l,h,d,s)	do { ; } while (0)
+ #endif
+ 
++#ifndef GDM_BAD_RECORDS_FILE
++#define GDM_BAD_RECORDS_FILE "/var/log/btmp"
++#endif
++
++#ifndef GDM_NEW_RECORDS_FILE
++#define GDM_NEW_RECORDS_FILE "/var/log/wtmp"
++#endif
++
+ /* Evil, but this way these things are passed to the child session */
+ static pam_handle_t *pamh = NULL;
+ 
+@@ -417,6 +426,125 @@ gdm_verify_select_user (const char *user
+ 		selected_user = g_strdup (user);
+ }
+ 
++void   
++gdm_verify_write_record (GdmDisplay *d,
++			 GdmVerifyRecordType record_type,
++			 const gchar *username,
++			 const gchar *console_name,
++			 const gchar *host_name,
++			 GPid  pid)
++{
++    struct utmp record = { 0 };
++    GTimeVal now = { 0 };
++    gchar *host;
++
++    gdm_debug ("writing %s record",
++	       record_type == GDM_VERIFY_RECORD_TYPE_LOGIN? "session" :
++	       record_type == GDM_VERIFY_RECORD_TYPE_LOGOUT?  "logout" :
++	       "failed session attempt");
++
++    if (record_type != GDM_VERIFY_RECORD_TYPE_LOGOUT)
++    {
++	    /* it's possible that PAM failed before
++	     * it mapped the user input into a valid username
++	     * so we fallback to try using "(unknown)"
++	     */
++	    if (username != NULL)
++		    strncpy (record.ut_user,
++			     username, 
++			     sizeof (record.ut_user));
++	    else
++		    strncpy (record.ut_user,
++			     "(unknown)",
++			     sizeof (record.ut_user));
++    }
++
++    gdm_debug ("using username %.*s",
++	       sizeof (record.ut_user),
++	       record.ut_user);
++
++    strncpy (record.ut_id, 
++	     console_name + 
++	     strlen (console_name) - 
++	     sizeof (record.ut_id),
++	     sizeof (record.ut_id));
++
++    gdm_debug ("using id %.*s",
++	       sizeof (record.ut_id),
++	       record.ut_id);
++
++    if (g_str_has_prefix (console_name, "/dev/")) {
++	    strncpy (record.ut_line, 
++		     console_name + strlen ("/dev/"),
++		     sizeof (record.ut_line));
++    } else if (g_str_has_prefix (console_name, ":")) {
++	    strncpy (record.ut_line, 
++		     console_name,
++		     sizeof (record.ut_line));
++    }
++
++    gdm_debug ("using line %.*s",
++	       sizeof (record.ut_line),
++	       record.ut_line);
++
++    host = NULL;
++    if ((host_name != NULL) &&
++	g_str_has_prefix (console_name, ":"))
++	    host = g_strdup_printf ("%s%s",
++				    host_name,
++				    console_name);
++    else if ((host_name != NULL) && 
++	     !strstr (console_name, ":"))
++	    host = g_strdup (host_name);
++    else if (!g_str_has_prefix (console_name, ":") &&
++	     strstr (console_name, ":"))
++	    host = g_strdup (console_name);
++
++    if (host)
++    {
++	    strncpy (record.ut_host, host, sizeof (record.ut_host));
++	    g_free (host);
++	    gdm_debug ("using hostname %.*s",
++		       sizeof (record.ut_host),
++		       record.ut_host);
++    }
++
++    g_get_current_time (&now);
++    record.ut_tv.tv_sec = now.tv_sec;
++    record.ut_tv.tv_usec = now.tv_usec;
++
++    gdm_debug ("using time %ld", (glong) record.ut_tv.tv_sec);
++
++    record.ut_type = USER_PROCESS; 
++    gdm_debug ("using type USER_PROCESS"); 
++
++    record.ut_pid = pid;
++
++    gdm_debug ("using pid %d", (gint) record.ut_pid);
++
++    switch (record_type)
++    {
++	    case GDM_VERIFY_RECORD_TYPE_LOGIN:
++		    gdm_debug ("writing session record to " 
++			       GDM_NEW_RECORDS_FILE);
++		    updwtmp (GDM_NEW_RECORDS_FILE, &record);
++		    break;
++
++	    case GDM_VERIFY_RECORD_TYPE_LOGOUT: 
++		    gdm_debug ("writing logout record to " 
++			       GDM_NEW_RECORDS_FILE);
++		    updwtmp (GDM_NEW_RECORDS_FILE, &record);
++		    break;
++
++	    case GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT:
++		    gdm_debug ("writing failed session attempt record to " 
++			       GDM_BAD_RECORDS_FILE);
++		    updwtmp (GDM_BAD_RECORDS_FILE, &record);
++		    break;
++    }
++
++}
++
+ static const char *
+ perhaps_translate_message (const char *msg)
+ {
+@@ -1173,6 +1301,12 @@ authenticate_again:
+      * message from the PAM subsystem */
+     if ( ! error_msg_given &&
+ 	gdm_slave_action_pending ()) {
++
++	    gdm_verify_write_record (d, GDM_VERIFY_RECORD_TYPE_FAILED_ATTEMPT,
++				     login == NULL? tmp_PAM_USER : login, display, 
++				     d->attached? NULL : d->hostname,
++				     getpid ());
++
+ 	    /* I'm not sure yet if I should display this message for any other issues - heeten */
+ 	    if (pamerr == PAM_AUTH_ERR ||
+ 		pamerr == PAM_USER_UNKNOWN) {
diff --git a/gdm.spec b/gdm.spec
index 7f96ad2..f429bff 100644
--- a/gdm.spec
+++ b/gdm.spec
@@ -16,7 +16,7 @@
 Summary: The GNOME Display Manager.
 Name: gdm
 Version: 2.16.0
-Release: 15%{?dist}
+Release: 16%{?dist}
 Epoch: 1
 License: LGPL/GPL
 Group: User Interface/X
@@ -44,7 +44,7 @@ Patch20: gdm-2.15.5-reset-pam.patch
 Patch21: gdm-2.16.0-security-tokens.patch
 
 # http://bugzilla.gnome.org/show_bug.cgi?id=347871
-Patch24: gdm-2.15.6-wtmp.patch
+Patch24: gdm-2.16.0-wtmp.patch
 
 # https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203917
 Patch25: gdm-2.16.0-indic-langs.patch
@@ -315,6 +315,9 @@ fi
 %attr(1770, root, gdm) %dir %{_localstatedir}/gdm
 
 %changelog
+* Sun Oct 15 2006 Ray Strode <rstrode@redhat.com> - 1:2.16.0-16.fc7
+- don't log canceled pam conversations as failed login attempts
+
 * Sun Oct 15 2006 Ray Strode <rstrode@redhat.com> - 1:2.16.0-15.fc7
 - Prefer modules in secmod db over hardcoded coolkey path