RedHat9 Enterprise linux hardening with pam.d

Hi everybody,

I want to do RHEL9 linux hardening on unlock_time=600 and retry=5 (ID 5.5.1). However it will overwrite the content if I use authselect command and manual modify the file /etc/pam.d/system-auth and /etc/pam.d/password-auth.

Could someone help on this issue with authselect to set retry=5 and unlock_time=600 ?

you can refer attachment.