i tried to create setting below to implement cis check (Ensure lockout for failed password attempts is configured)
auth required pam_faillock.so preauth audit silent deny=5 unlock_time=900
auth sufficient pam_unix.so
auth [default=die] pam_faillock.so authfail audit deny=5 unlock_time=900
auth sufficient pam_faillock.so authsucc audit deny=5 unlock_time=900
But this setting is not working . Can you guide me how can i implement this check on coreOS .