#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

auth required 		pam_env.so
auth sufficient 	pam_unix.so nullok try_first_pass
auth requisite 		pam_succeed_if.so uid >= 500 quiet
auth required 		pam_deny.so

account required 	pam_unix.so
account sufficient 	pam_localuser.so
account sufficient 	pam_succeed_if.so uid < 500 quiet
account required 	pam_permit.so

password requisite 		pam_cracklib.so try_first_pass retry=3 type= dcredit=-2 ucredit=-2 lcredit=-2 ocredit=-2 minlen=8
password sufficient 	pam_unix.so sha512 shadow nullok try_first_pass use_authtok remember=5
password required 		pam_deny.so
password required       pam_pwhistory.so remember=5 use_authtok

session optional 				   pam_keyinit.so revoke
session required 				   pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required 				   pam_unix.so

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth 		required 	pam_env.so
auth 		required 	pam_tally2.so file=/var/log/tallylog deny=3 even_deny_root unlock_time=1800
auth 		sufficient 	pam_unix.so nullok try_first_pass
auth 		requisite	pam_succeed_if.so uid >= 500 quiet
auth 		required 	pam_deny.so

account 	required 	pam_unix.so
account 	required 	pam_tally2.so
account 	sufficient 	pam_localuser.so
account 	sufficient 	pam_succeed_if.so uid < 500 quiet
account 	required 	pam_permit.so

password 	requisite 		pam_cracklib.so try_first_pass retry=3 type=
password 	sufficient 		pam_unix.so use_authtok sha512 shadow remember=5
password 	required 	  	pam_deny.so
password  	required     	pam_pwhistory.so remember=5 use_authtok

session 	optional 		pam_keyinit.so revoke
session 	required 		pam_limits.so
session 	[success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session 	required 		pam_unix.so