What about creating an EO that you use for the rule?
I think a for each loop should do it
For each entry in the file
If name = password and value 1 as straight = blah then value 2 = foo
I did it by adding not the whole the conf file but just the entry part I need and defining a rule like this:
"Configuration File Entry:/etc/pam.d/system-auth//password-sufficient-pam_unix.so-md5-shadow-nullok-try_first_pass-use_authtok"."Value3 as String (All OS)" equal md5
Will try also the loop asap.