templates/system-login.tpl: remove duplicate block from system-auth (again)

Signed-off-by: Sam James <sam@gentoo.org>

2 files changed, 6 insertions, 5 deletions

diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl
index f8484f1..11319d6 100644
--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -9,11 +9,6 @@ auth        [success=1 default=ignore]      pam_krb5.so {{ krb5_params }}
 
 auth		required	pam_unix.so try_first_pass {{ likeauth }} {{ nullok|default('', true) }} {{ debug|default('', true) }}
 auth		optional	pam_permit.so
-{% if not minimal %}
-auth            required        pam_faillock.so preauth silent audit deny=3 unlock_time=600
-auth            sufficient      pam_unix.so {{ nullok|default('', true) }} try_first_pass
-auth            [default=die]   pam_faillock.so authfail audit deny=3 unlock_time=600
-{% endif %}
 
 {% if krb5 %}
 account		[success=1 default=ignore]	pam_krb5.so {{ krb5_params }}
diff --git a/templates/system-login.tpl b/templates/system-login.tpl
index 889c2d7..25843f5 100644
--- a/templates/system-login.tpl
+++ b/templates/system-login.tpl
@@ -2,6 +2,12 @@ auth		required	pam_shells.so {{ debug|default('', true) }}
 auth		required	pam_nologin.so
 auth		include		system-auth
 
+{% if not minimal %}
+auth            required        pam_faillock.so preauth conf=/etc/security/faillock.conf
+auth            sufficient      pam_unix.so nullok try_first_pass
+auth            [default=die]   pam_faillock.so authfail
+{% endif %}
+
 account		required	pam_access.so {{ debug|default('', true) }}
 account		required	pam_nologin.so
 account		include		system-auth