CentOS - Dec 2010 - pam account lockout duration

hey list

 I'm doing a PCI audit for my company.  One of the requirements is to
specify a lockout duration of 30 minutes after 6 failed login
attempts:

 For a sample of system components, obtain and insp 8.5.14
rd parameters  system configuration settings to verify that passwo
ed out, it  are set to require that once a user account is lock
 a system  remains locked for a minimum of 30 minutes or until
administrator resets the account


 I'm pretty sure this is a pam thing but does anyone know how this can
best be achieved?

thanks!

-- 
GPG me!!

gpg --keyserver pgp.mit.edu --recv-keys F186197B

see cis rhel 5.5 documentation and latest version of it for configuration
examples. or use compensative controls.

is it really sampled? usually no ;)

eero,
rhce
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.centos.org/pipermail/centos/attachments/20101223/bae12297/attachment-0001.html>