#!/bin/bash
ROOT_UID=0
E_ROOT=2
DATE=$(date +%Y%m%d)
if [ $UID -ne $ROOT_UID ];then
	echo "You must run this script use root ..."
	exit $E_ROOT
fi
PASSWD_FILE=/etc/pam.d/passwd
LOGIN_FILE=/etc/pam.d/login
KDE_FILE=/etc/pam.d/kde
SSHD_FILE=/etc/pam.d/sshd
sed -i.bak_$DATE '/pam_cracklib.so/d' ${PASSWD_FILE}
sed -i.bak_$DATE '/pam_tally.so/d' ${LOGIN_FILE}
sed -i.bak_$DATE '/pam_tally.so/d' ${KDE_FILE}
sed -i.bak_$DATE '/pam_tally.so/d' ${SSHD_FILE}
sed -i "/pam_unix_passwd.so/i\password	required pam_cracklib.so retry=3 minlen=12 difok=3 ucredit=1 lcredit=2 dcredit=1 ocredit=1" ${PASSWD_FILE}
echo "auth       required     /lib64/security/pam_tally.so per_user unlock_time=600 onerr=succeed audit deny=3">> ${LOGIN_FILE}
echo "auth       required     /lib64/security/pam_tally.so per_user unlock_time=600 onerr=succeed audit deny=3">> ${KDE_FILE}
echo "auth       required     /lib64/security/pam_tally.so per_user unlock_time=600 onerr=succeed audit deny=3">> ${SSHD_FILE}