/etc/pam.d/passwd for RHEL 7 or is there a way to include a custom file path ?

[linuxdan]

DISA STIG for RHEL 7 calls for a non-default line in /etc/pam.d/passwd

RHEL-07-010119

https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-12-14/finding/V-73159

[ghoneycutt]

Thanks @linuxdan

You can specify the values you want for that file using parameters. Checkout https://github.com/ghoneycutt/puppet-module-pam#pam_password_lines

[linuxdan]

Are you sure ? Looking thru the code, $pam_password_lines is loaded into $my_pam_password_lines which is used in template('pam/pam.conf.erb'), which is neither referenced for RHEL 7 nor does it point to a file path of /etc/pam.d/passwd