Refer to https://bugzilla.redhat.com/show_bug.cgi?id=478446
$ uname -m
x86_64
$ cat /etc/issue
Red Hat Enterprise Linux AS release 4 (Nahant Update 6)
Kernel \r on an \m
Here is a working version of the ‘system-auth’ file with pam_ccreds enabled:
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so nullok
auth requisite /lib/security/$ISA/pam_succeed_if.so uid >= 500 quiet
auth [authinfo_unavail=ignore success=1 default=2] /lib/security/$ISA/pam_ldap.so use_first_pass
auth [success=done default=die] /lib/security/$ISA/pam_ccreds.so use_first_pass action=validate
auth [default=done] /lib/security/$ISA/pam_ccreds.so action=store
auth optional /lib/security/$ISA/pam_ccreds.so action=update
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so broken_shadow
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 500 quiet
account [authinfo_unavail=ignore default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so try_first_pass retry=3
password sufficient /lib/security/$ISA/pam_unix.so md5 shadow nullok try_first_pass use_authtok
password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session optional /lib/security/$ISA/pam_keyinit.so revoke
session required /lib/security/$ISA/pam_limits.so
session [success=1 default=ignore] /lib/security/$ISA/pam_succeed_if.so service in crond quiet use_uid
session required /lib/security/$ISA/pam_unix.so
session required /lib/security/$ISA/pam_mkhomedir.so umask=0077 skel=/etc/skel
session optional /lib/security/$ISA/pam_ldap.so
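The auth section above depends on the bracketed jump controls on the pam_ldap line (success=1, default=2), which are easiest to check by walking the stack. The following is an added example, not part of the original post or of pam_ccreds: a simplified Python model of Linux-PAM control evaluation that traces which auth modules run for each outcome. The module labels, return-value names and the evaluation model itself are assumptions made for illustration.

```python
# Simplified model of Linux-PAM control evaluation (an assumption of this example).
KEYWORDS = {  # bracket equivalents of the simple control keywords
    "required":   {"success": "ok",   "default": "bad"},
    "requisite":  {"success": "ok",   "default": "die"},
    "sufficient": {"success": "done", "default": "ignore"},
    "optional":   {"success": "ok",   "default": "ignore"},
}

# Controls copied from the auth lines of the system-auth file; labels are hypothetical.
AUTH_STACK = [
    ("pam_env", KEYWORDS["required"]),
    ("pam_unix", KEYWORDS["sufficient"]),
    ("pam_succeed_if", KEYWORDS["requisite"]),
    ("pam_ldap", {"authinfo_unavail": "ignore", "success": 1, "default": 2}),
    ("ccreds_validate", {"success": "done", "default": "die"}),
    ("ccreds_store", {"default": "done"}),
    ("ccreds_update", KEYWORDS["optional"]),
    ("pam_deny", KEYWORDS["required"]),
]

def run_auth(results):
    """Walk the stack. results maps label -> constructed return value
    (unlisted modules return 'success'; pam_deny always fails)."""
    results = dict(results, pam_deny="auth_err")
    impression, status, trace, i = None, "success", [], 0
    while i < len(AUTH_STACK):
        name, control = AUTH_STACK[i]
        ret = results.get(name, "success")
        action = control.get(ret, control["default"])
        trace.append(name)
        i += 1
        if isinstance(action, int):
            i += action  # jump: skip the next N modules
        elif action in ("ok", "done"):
            if impression is None or (impression == "pos" and status == "success"):
                impression, status = "pos", ret
            if action == "done" and impression == "pos":
                break  # stop here with the current verdict
        elif action in ("bad", "die"):
            if impression != "neg":
                impression, status = "neg", ret
            if action == "die":
                break  # fail immediately
    return impression == "pos" and status == "success", trace

LDAP_USER = {"pam_unix": "auth_err"}  # constructed: account not in local files
if __name__ == "__main__":
    for label, ldap in [("online, good password", "success"),
                        ("online, bad password", "auth_err"),
                        ("LDAP unreachable", "authinfo_unavail")]:
        print(label, run_auth(dict(LDAP_USER, pam_ldap=ldap)))
```

In the "online, bad password" case the jump skips both the validate and store lines, so a password that a reachable LDAP server rejects is never checked against the cache and the stack ends at pam_deny.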
Wuhai, check this out: https://fedorahosted.org/sssd/
Cool stuff…
Comment by Ldap and cached credentials — October 15, 2009 @ 6:51 pm