Blame SOURCES/scap-security-guide-0.1.20-rhel7-shared-fix-limit-password-reuse-remediation.patch

2b7b16
diff --git a/RHEL/7/input/profiles/rht-ccp.xml b/RHEL/7/input/profiles/rht-ccp.xml
2b7b16
index e611421..5236ffa 100644
2b7b16
--- a/RHEL/7/input/profiles/rht-ccp.xml
2b7b16
+++ b/RHEL/7/input/profiles/rht-ccp.xml
2b7b16
@@ -18,7 +18,7 @@
2b7b16
 <refine-value idref="var_password_pam_ocredit" selector="2"/>
2b7b16
 <refine-value idref="var_password_pam_lcredit" selector="2"/>
2b7b16
 <refine-value idref="var_password_pam_difok" selector="3"/>
2b7b16
-<refine-value idref="var_password_history_retain_limit" selector="5"/>
2b7b16
+<refine-value idref="var_password_pam_unix_remember" selector="5"/>
2b7b16
 <refine-value idref="var_accounts_user_umask" selector="077"/>
2b7b16
 <refine-value idref="login_banner_text" selector="usgcb_default"/>
2b7b16
 
2b7b16
diff --git a/shared/fixes/bash/accounts_password_pam_unix_remember.sh b/shared/fixes/bash/accounts_password_pam_unix_remember.sh
2b7b16
index 04e0767..98aecef 100644
2b7b16
--- a/shared/fixes/bash/accounts_password_pam_unix_remember.sh
2b7b16
+++ b/shared/fixes/bash/accounts_password_pam_unix_remember.sh
2b7b16
@@ -4,5 +4,5 @@ populate var_password_pam_unix_remember
2b7b16
 if grep -q "remember=" /etc/pam.d/system-auth; then   
2b7b16
 	sed -i --follow-symlink "s/\(remember *= *\).*/\1$var_password_pam_unix_remember/" /etc/pam.d/system-auth
2b7b16
 else
2b7b16
-	sed -i --follow-symlink "/^password[\s]sufficient[\s]pam_unix.so/ s/$/ remember=$var_password_pam_unix_remember/" /etc/pam.d/system-auth
2b7b16
+	sed -i --follow-symlink "/^password[[:space:]]\+sufficient[[:space:]]\+pam_unix.so/ s/$/ remember=$var_password_pam_unix_remember/" /etc/pam.d/system-auth
2b7b16
 fi