pam: Disable sensitive log & nullok

pam_unix logs user name when sessions are established, quiet
the same in configuraiton. This is done to avoid logging user name
as logs will be exported as part of debug log dump etc, thereby
compramising sensitive information.
Also disallow nullok login from security point of it.

Tested:
1. Verified that session establishment are not recorded with user
name.
2. Verfieid webui, redfish, ipmi, ssh login works as expected.

(From meta-phosphor rev: 15a293b458ef2f013356f9746c0ac7a20e59c1c1)

Change-Id: Ic0fcdbfd9a5968fa55a27b7d2de379f8ba131cac
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/meta-phosphor/recipes-extended/pam/libpam/pam.d/common-auth b/meta-phosphor/recipes-extended/pam/libpam/pam.d/common-auth
index 58ed74f..8eef164 100644
--- a/meta-phosphor/recipes-extended/pam/libpam/pam.d/common-auth
+++ b/meta-phosphor/recipes-extended/pam/libpam/pam.d/common-auth
@@ -10,7 +10,7 @@
 # here are the per-package modules (the "Primary" block)
 auth	[success=ok user_unknown=ignore default=2]	pam_tally2.so deny=0 unlock_time=0
 # Try for local user first, and then try for ldap
-auth	[success=2 default=ignore]	pam_unix.so nullok_secure
+auth	[success=2 default=ignore]	pam_unix.so quiet
 -auth    [success=1 default=ignore]  	pam_ldap.so ignore_unknown_user ignore_authinfo_unavail
 # here's the fallback if no module succeeds
 auth	requisite			pam_deny.so