(In reply to Jiri Slaby from comment #5) > FWIW I switched pam_unix2 to pam_unix as was suggested in some ML and it's > all fine now. No, it's not. It's only working for you in this special case with a local account or maybe NIS, but not in general. Applications doing password verification with PAM needs root privilegs, this is a hard requirement of the PAM specification.