New patch pam_unix_dont_trust_chkpwd_caller.patch, rolling back an

upstream change that causes unix_chkpwd to assume that setuid(getuid())
is sufficient to drop permissions and attempt any authentication on
behalf of the user.