add "local_users_only" to pam_pwquality in default configuration

pam.spec

@@ -3,7 +3,7 @@
 Summary: An extensible library which provides authentication for applications
 Name: pam
 Version: 1.1.7
-Release: 1%{?dist}
+Release: 2%{?dist}
 # The library is BSD licensed with option to relicense as GPLv2+
 # - this option is redundant as the BSD license allows that anyway.
 # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+.
@@ -370,6 +370,9 @@ fi
 %doc doc/adg/*.txt doc/adg/html
 
 %changelog
+* Mon Sep 30 2013 Tomáš Mráz <tmraz@redhat.com> 1.1.7-2
+- add "local_users_only" to pam_pwquality in default configuration
+
 * Fri Sep 13 2013 Tomáš Mráz <tmraz@redhat.com> 1.1.7-1
 - new upstream release
 

password-auth.pamd

@@ -7,7 +7,7 @@ auth        required      pam_deny.so
 
 account     required      pam_unix.so
 
-password    requisite     pam_pwquality.so try_first_pass retry=3 authtok_type=
+password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
 password    sufficient    pam_unix.so try_first_pass use_authtok nullok sha512 shadow
 password    required      pam_deny.so
 

system-auth.pamd

@@ -7,7 +7,7 @@ auth        required      pam_deny.so
 
 account     required      pam_unix.so
 
-password    requisite     pam_pwquality.so try_first_pass retry=3 authtok_type=
+password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
 password    sufficient    pam_unix.so try_first_pass use_authtok nullok sha512 shadow
 password    required      pam_deny.so