diff --git a/SOURCES/kbd-1.15.5-vlock-more-pam.patch b/SOURCES/kbd-1.15.5-vlock-more-pam.patch
new file mode 100644
index 0000000..ba34255
--- /dev/null
+++ b/SOURCES/kbd-1.15.5-vlock-more-pam.patch
@@ -0,0 +1,61 @@
+--- a/src/vlock/auth.c
++++ b/src/vlock/auth.c
+@@ -4,7 +4,7 @@
+   PAM authentication routine for vlock, the VT locking program for linux.
+ 
+   Copyright (C) 1994-1998 Michael K. Johnson <johnsonm@redhat.com>
+-  Copyright (C) 2002, 2005 Dmitry V. Levin <ldv@altlinux.org>
++  Copyright (C) 2002, 2005, 2013 Dmitry V. Levin <ldv@altlinux.org>
+ 
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+@@ -36,6 +36,25 @@
+ /* Unrecognized PAM error timeout. */
+ #define	ERROR_TIMEOUT	10
+ 
++static int
++do_account_password_management (pam_handle_t *pamh)
++{
++	int rc;
++
++	/* Whether the authenticated user is allowed to log in? */
++	rc = pam_acct_mgmt (pamh, 0);
++
++	/* Do we need to prompt the user for a new password? */
++	if (rc == PAM_NEW_AUTHTOK_REQD)
++		rc = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
++
++	/* Extend the lifetime of the existing credentials. */
++	if (rc == PAM_SUCCESS)
++		rc = pam_setcred (pamh, PAM_REFRESH_CRED);
++
++	return rc;
++}
++
+ int
+ get_password (pam_handle_t * pamh, const char *username, const char *tty)
+ {
+@@ -84,6 +103,23 @@ get_password (pam_handle_t * pamh, const char *username, const char *tty)
+ 		switch (rc)
+ 		{
+ 			case PAM_SUCCESS:
++				rc = do_account_password_management (pamh);
++
++				if (rc != PAM_SUCCESS)
++				{
++					/*
++					 * The user was authenticated but
++					 * either account or password management
++					 * returned an error.
++					 */
++					printf ("%s.\n\n\n",
++						pam_strerror (pamh, rc));
++					fflush (stdout);
++					pam_end (pamh, rc);
++					pamh = 0;
++					break;
++				}
++
+ 				pam_end (pamh, rc);
+ 				/* Log the fact of console unlocking. */
+ 				syslog (LOG_NOTICE,
diff --git a/SPECS/kbd.spec b/SPECS/kbd.spec
index dbe116c..8c64d4c 100644
--- a/SPECS/kbd.spec
+++ b/SPECS/kbd.spec
@@ -1,6 +1,6 @@
 Name:           kbd
 Version:        1.15.5
-Release:        7%{?dist}
+Release:        10%{?dist}
 Summary:        Tools for configuring the console (keyboard, virtual terminals, etc.)
 
 Group:          System Environment/Base
@@ -24,6 +24,8 @@ Patch3:         kbd-1.15.3-dumpkeys-man.patch
 Patch4:         kbd-1.15.5-loadkeys-regression.patch
 # Patch5: fixes decimal separator in Swiss German keyboard layout, bz 882529
 Patch5:         kbd-1.15.5-sg-decimal-separator.patch
+# Patch6: implement PAM account and password management, backported from upstream
+Patch6:         kbd-1.15.5-vlock-more-pam.patch
 
 BuildRequires:  bison, flex, gettext, pam-devel
 Requires:       initscripts >= 5.86-1
@@ -53,6 +55,7 @@ keymaps etc. Please note that %{name}-misc is not helpful without kbd.
 %patch3 -p1 -b .dumpkeys-man
 %patch4 -p1 -b .loadkeys-regression
 %patch5 -p1 -b .sg-decimal-separator
+%patch6 -p1 -b .vlock-more-pam
 
 # 7-bit maps are obsolete; so are non-euro maps
 pushd data/keymaps/i386
@@ -134,6 +137,16 @@ install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/vlock
 /lib/kbd
 
 %changelog
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.15.5-10
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.15.5-9
+- Mass rebuild 2013-12-27
+
+* Thu Dec 12 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.15.5-8
+- Fix vlock doesn't perform PAM account management or credential reinitialization
+  Resolves: #1032140
+
 * Wed Nov 06 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 1.15.5-7
 - Add PAM config for vlock
   Resolves: #1026819