Replace unsupported cracklib with pwquality rules

Author: teacup-on-rockingchair

products/sle16/profiles/pci-dss-4.profile

@@ -27,6 +27,7 @@ selections:
     - var_multiple_time_servers=suse
     - var_multiple_time_pools=suse
     - var_accounts_tmout=15_min
+    - var_accounts_passwords_pam_faillock_dir=run
     - audit_rules_enable_syscall_auditing
     - '!ntpd_specify_multiple_servers'
     - '!ntpd_specify_remote_server'
@@ -36,25 +37,20 @@ selections:
     - '!package_libreswan_installed'
     - '!use_pam_wheel_for_su'
     - '!aide_periodic_cron_checking'
-    - '!accounts_password_pam_dcredit'
     - '!accounts_password_pam_pwhistory_remember_system_auth'
     - '!sysctl_kernel_core_pattern'
     - '!configure_firewalld_ports'
     - '!accounts_passwords_pam_tally2'
     - '!accounts_passwords_pam_tally2_unlock_time'
     - '!audit_rules_login_events_tallylog'
-    - '!accounts_passwords_pam_faillock_deny'
     - '!file_owner_user_cfg'
-    - '!accounts_passwords_pam_faillock_unlock_time'
     - '!ensure_redhat_gpgkey_installed'
     - '!package_sequoia-sq_installed'
     - '!ensure_almalinux_gpgkey_installed'
     - '!firewalld_loopback_traffic_restricted'
-    - '!accounts_password_pam_lcredit'
     - '!file_group_ownership_var_log_audit'
     - '!package_ftp_removed'
     - '!gnome_gdm_disable_guest_login'
-    - '!accounts_password_pam_minlen'
     - '!no_password_auth_for_systemaccounts'
     - '!file_groupowner_user_cfg'
     - '!ensure_root_password_configured'
@@ -83,3 +79,8 @@ selections:
     - '!set_ipv6_loopback_traffic'
     - '!set_loopback_traffic'
     - '!nftables_ensure_default_deny_policy'
+    - '!cracklib_accounts_password_pam_dcredit'
+    - '!cracklib_accounts_password_pam_lcredit'
+    - '!cracklib_accounts_password_pam_minlen'
+    - '!cracklib_accounts_password_pam_retry'
+    - 'accounts_password_pam_retry'