author Thang Q. Nguyen <thang@os.amperecomputing.com> 2023-02-27 07:20:50 +0300
committer Thang Q. Nguyen <thang@os.amperecomputing.com> 2023-03-08 11:51:23 +0300
commit 77d8382f1b7cff1cd97a19a51d40b6b8d3adb118 (patch)
tree 3f80e1011a6a3071a1a17cb87b4dc09b59407ac1 /meta-ampere
parent 9b2221aa5d2454db3c42277f9e11132759c20296 (diff)
meta-ampere: pam: set default unlock time to 1800

Ampere account lockout policy is defined as: 'Five consecutive failed login attempts will lock the account for 30 minutes'. While the login attempt was set to 5 already, the 30-minute lock period (auto-unlock) has not been set. This commit adds the missing 30-minute lockout by default.

Tested:
1. Enter WebUI -> User management
2. Click on Account policy settings and check if:
   - Max failed login attempts: 5
   - User unlock method: Automatic after timeout
   - Timeout duration (seconds): 1800

Signed-off-by: Thang Q. Nguyen <thang@os.amperecomputing.com>
Change-Id: Ieed9a719c424a289687e66314f4c68de5d108b6e

Diffstat (limited to 'meta-ampere')
-rw-r--r-- meta-ampere/meta-common/recipes-extended/pam/libpam/pam.d/common-auth | 2
1 files changed, 1 insertions, 1 deletions

diff --git a/meta-ampere/meta-common/recipes-extended/pam/libpam/pam.d/common-auth b/meta-ampere/meta-common/recipes-extended/pam/libpam/pam.d/common-auth
index c79219f24d..508ef7a0cc 100644
--- a/meta-ampere/meta-common/recipes-extended/pam/libpam/pam.d/common-auth
+++ b/meta-ampere/meta-common/recipes-extended/pam/libpam/pam.d/common-auth
@@ -8,7 +8,7 @@
# traditional Unix authentication mechanisms.
# here are the per-package modules (the "Primary" block)
-auth [success=ok user_unknown=ignore default=2] pam_tally2.so deny=5 unlock_time=0
+auth [success=ok user_unknown=ignore default=2] pam_tally2.so deny=5 unlock_time=1800
# Try for local user first, and then try for ldap
auth [success=2 default=ignore] pam_unix.so quiet
-auth [success=1 default=ignore] pam_ldap.so ignore_unknown_user ignore_authinfo_unavail
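
Review bot: The new `unlock_time=1800` on the pam_tally2.so line is a bare number with nothing in the file tying it to the policy; add a comment above the line, for example `# lock for 30 minutes (1800 s) after 5 consecutive failed logins`, so that `deny` and `unlock_time` are kept in step with the stated policy when either is changed later. The line does not pass `even_deny_root`, and pam_tally2 applies `deny` to root only when that option is given, so if the policy is meant to cover root that needs a follow-up change (with `root_unlock_time` if root should get a different period). The test in the commit message confirms the values the WebUI displays; a check that a login is refused after five consecutive failures and accepted again once the 1800 seconds have passed would exercise this line directly.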