I need to add 4 lines of syntax into /etc/pam.d/{password-auth,system-auth}:
Disregard the extra backicks, they are for emphasis only.
`auth required pam_faillock.so preauth silent audit deny=5 even_deny_root fail_interval=900 unlock_time=900`
`auth sufficient pam_unix.so try_first_pass`
`auth [default=die] pam_faillock.so authfail audit deny=5 even_deny_root fail_interval=900 unlock_time=900`
`account required pam_faillock.so`
My question is related to the relative positioning of these lines of syntax.
I see them in different files I reference located in different places. How do I know what order to place them, in relation to all of the other lines of syntax already present?
I know this is a very sensitive technology and obviously for security purposes.
Any guidance in an authorative manner would be greatly appreciated.