PAM Authentication?

[Jeff Smith]

I am trying to bring cvs into my company.  I am
working with one of our Solaris admins on getting the
product installed and configured. 

We have run into a problem with getting the PAM
authentication working.  

I really don't know anything about PAM, my admin
probably does, but we have followed the instructions.

We compiled it with PAM enabled.  He modified the
pam.conf file and added these lines:

cvs    auth required           pam_unix.so.1
cvs    account required        pam_unix.so.1
cvs    session required        pam_unix.so.1

When I do the command:

cvs -d :pserver:address@hidden:/cvs login
it does prompt for a password, and I put in the right
one.

But I get:
cvs login: authorization failed: server cvsdev
rejected access to /cvs for user y24jds

In the /var/adm/messages, I see the output:


cvs[26366]: [ID 926525 daemon.notice] login failure
(for /cvs)

I looked and found where pam_unix.so.1 was located and
put that in the LD_LIBRARY_PATH variable in the
.profile for the "cvs" userid.  I don't know if that
was necessary, but I tried it.

We also might have another complication entering in. 
Our Unix servers run a very intrusive security program
called E-Trust.  It is so powerful that it can even
limit what root can do.  We have a data security team
that administers it, but trobuleshooting with them can
be difficult sometimes and I'm not really sure it is a
factor yet.

Where do I start trying to troubleshoot this? 

Thanks!

Jeff