pam_authenticate only works when logged in as root

[Steven Bush]

We use pam_authenticate to authenticate users logging into our software 
product.  On most systems, this has worked splendidly, however on one 
customer's installation, authentication only succeeds if the process 
calling pam_authenticate is running as root or else if the username being 
authenticated is the same as the process' UID.

For instance:

process running as 'someuser':
pam_authenticate "someuser" with correct password: SUCCESS
pam_authenticate "otheruser" with correct password: FAILURE
pam_authenticate "someuser" with incorrect password: FAILURE
pam_authenticate "otheruser" with incorrect password: FAILURE

process running as 'otheruser':
pam_authenticate "someuser" with correct password: FAILURE
pam_authenticate "otheruser" with correct password: SUCCESS
pam_authenticate "someuser" with incorrect password: FAILURE
pam_authenticate "otheruser" with incorrect password: FAILURE

process running as 'root':
pam_authenticate "someuser" with correct password: SUCCESS
pam_authenticate "otheruser" with correct password: SUCCESS
pam_authenticate "someuser" with incorrect password: FAILURE
pam_authenticate "otheruser" with incorrect password: FAILURE

In every case of FAILURE pam_strerror returns "Authentication failure"

They are using RedHat Enterprise 3 (kernel 2.4.20)

Their configuration (via authconfig):
(User Information Configuration):
Cache Information: no
Use NIS: no
Use LDAP: no
Use Hesiod: no

(Authentication Configuration):
Use Shadow Passwords: *YES*
Use MD5 Passwords: *YES*
Use LDAP Authentication: no
Use Kerberos 5: no
Use SMB Authentication: no

Any thoughts?  Any suggestions where to look?  I'm assuming it's some sort 
of file permission issue, but I can't figure out what it might be.

Steve Bush

--
Steve Bush (mazer1310 at hotmail.com)
"There was a point to this narrative, but it has presently escaped the 
chronicler's mind."  --Douglas Adams