Patch from Martin Schwenke <martin@meltin.net>

Index: Linux-PAM/modules/pam_unix/pam_unix_passwd.c
===================================================================
--- Linux-PAM/modules/pam_unix/pam_unix_passwd.c.orig
+++ Linux-PAM/modules/pam_unix/pam_unix_passwd.c
@@ -516,7 +516,7 @@
     struct passwd *tmpent = NULL;
     struct stat st;
     FILE *pwfile, *opwfile;
-    int err = 1;
+    int err = 1, found = 0;
     int oldmask;
 
     oldmask = umask(077);
@@ -584,6 +584,7 @@
 
 	    tmpent->pw_passwd = assigned_passwd.charp;
 	    err = 0;
+	    found = 1;
 	}
 	if (putpwent(tmpent, pwfile)) {
 	    D(("error writing entry to password file: %m"));
@@ -620,7 +621,7 @@
 	return PAM_SUCCESS;
     } else {
 	unlink(PW_TMPFILE);
-	return PAM_AUTHTOK_ERR;
+	return found ? PAM_AUTHTOK_ERR : PAM_USER_UNKNOWN;
     }
 }
 
@@ -629,7 +630,7 @@
     struct spwd *spwdent = NULL, *stmpent = NULL;
     struct stat st;
     FILE *pwfile, *opwfile;
-    int err = 1;
+    int err = 1, found = 0;
     int oldmask;
 
     spwdent = getspnam(forwho);
@@ -697,6 +698,7 @@
 	    stmpent->sp_pwdp = towhat;
 	    stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24);
 	    err = 0;
+	    found = 1;
 	    D(("Set password %s for %s", stmpent->sp_pwdp, forwho));
 	}
 
@@ -738,7 +740,7 @@
 	return PAM_SUCCESS;
     } else {
 	unlink(SH_TMPFILE);
-	return PAM_AUTHTOK_ERR;
+	return found ? PAM_AUTHTOK_ERR : PAM_USER_UNKNOWN;
     }
 }
 
@@ -885,7 +887,7 @@
 	int retval = PAM_SUCCESS;
 
 	/* UNIX passwords area */
-	pwd = getpwnam(user);	/* Get password file entry... */
+	_unix_getpwnam(pamh, user, 1, 0, &pwd);	/* Get password *file* entry... */
 	if (pwd == NULL)
 		return PAM_AUTHINFO_UNAVAIL;	/* We don't need to do the rest... */