The "authconfig" command rewrites the file:

	/etc/pam.d/system-auth

but doesn't allow for complete customization. I want to hand tune the =
system-auth file to introduce desired settings, but those changes are =
discarded when authconfig is later run.  Any alternatives?

There are two types of changes I need to add to /etc/pam.d/system-auth:

a) change default arguments or supply more arguments to existing PAM =
modules:
  a.1) adding argument for password history retention:
      adding "remember=3D4" to the "password .. pam_unix.so"=20
  a.2) changing defaults of existing arguments:
      changing "retry=3D2" or "type=3DFOO" to the "password .. =
pam_cracklib.so".'

b) add new PAM modules to the stack:
for instance, in between existing pam_cracklib and pam_unix modules
      password .. pam_cracklib.so ...
      password .. pam_newmodule use_authtok=20
      password .. pam_unix.so ...

I must provide these additional settings in system-auth to implement our =
security policy, but cannot have authconfig discard them.  Only manner I =
can see to safeguard against authconfig is to remove it from the system. =
 Is there any other method?

Brian Simper