For security reasons, the system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. This is required by the STIG here: https://www.stigviewer.com/stig/red_hat_enterprise_linux_5/2013-04-10/finding/V-22298

In oe-core/meta/recipes-extended/pam/libpam_1.1.6.bb, /etc/security/limits.conf is not defined in CONFFILES of the libpam-runtime package. Even after the user changes the definition to limit logins to 10, the file will be overwritten when this rpm package is upgraded.
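
A post-upgrade check for the login limit described above, as an added example that is not part of the original report. The function name `check_maxlogins`, the sample file contents, and the rule that only a global (`*`) `hard` or `-` entry counts are assumptions made for this example.

```shell
#!/bin/sh
# Added example: verify that a limits.conf file still caps simultaneous
# logins after a package upgrade. check_maxlogins is a hypothetical helper.
# Assumption: the limit must be a global ("*") entry of type "hard" or "-",
# and every such entry must be numeric and at or below the site limit.

check_maxlogins() {
    file=$1
    limit=${2:-10}            # default is the 10 logins named in the report
    awk -v limit="$limit" '
        { sub(/#.*/, "") }    # drop comments; awk re-splits the fields
        NF == 4 && $1 == "*" && ($2 == "hard" || $2 == "-") && $3 == "maxlogins" {
            seen++
            # "unlimited", "infinity", "-1" or a larger number all fail
            if ($4 !~ /^[0-9]+$/ || $4 + 0 > limit + 0) bad++
        }
        END {
            if (!seen) { print "FAIL: no global hard maxlogins entry"; exit 1 }
            if (bad)   { print "FAIL: " bad " maxlogins entries above " limit; exit 1 }
            print "OK: maxlogins capped at " limit " or lower"
        }' "$file"
}

# Constructed sample files (not taken from a real system).
tmp=$(mktemp -d)

# State after the administrator applied the limit.
cat > "$tmp/before-upgrade" <<'EOF'
# /etc/security/limits.conf (constructed sample)
*    hard    maxlogins    10
EOF

# State after an upgrade replaced the file with a packaged default
# in which every entry is commented out.
cat > "$tmp/after-upgrade" <<'EOF'
# /etc/security/limits.conf (constructed sample)
#*          soft    core        0
#@student   -       maxlogins   4
EOF

check_maxlogins "$tmp/before-upgrade" 10
check_maxlogins "$tmp/after-upgrade" 10 || echo "limit lost: re-apply site configuration"
rm -rf "$tmp"
```

Run the function against `/etc/security/limits.conf` after each package upgrade; `rpm -qc libpam-runtime` lists the files the installed package marks as configuration files.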