Index: modules/pam_unix/pam_unix_acct.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_unix/pam_unix_acct.c,v
retrieving revision 1.24
diff -u -r1.24 pam_unix_acct.c
--- modules/pam_unix/pam_unix_acct.c	11 Jul 2008 15:29:00 -0000	1.24
+++ modules/pam_unix/pam_unix_acct.c	24 Feb 2009 09:57:31 -0000
@@ -249,6 +249,9 @@
 		_make_remark(pamh, ctrl, PAM_ERROR_MSG,
 			_("Your account has expired; please contact your system administrator"));
 		break;
+	case PAM_AUTHTOK_ERR:
+		retval = PAM_SUCCESS;
+		/* fallthrough */
 	case PAM_SUCCESS:
 		if (daysleft >= 0) {
 			pam_syslog(pamh, LOG_DEBUG,
Index: modules/pam_unix/passverify.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/modules/pam_unix/passverify.c,v
retrieving revision 1.8
diff -u -r1.8 passverify.c
--- modules/pam_unix/passverify.c	1 Dec 2008 12:40:41 -0000	1.8
+++ modules/pam_unix/passverify.c	24 Feb 2009 09:57:32 -0000
@@ -272,8 +272,16 @@
 		*daysleft = (int)((spent->sp_lstchg + spent->sp_max) - curdays);
 		D(("warn before expiry"));
 	}
+	if ((curdays - spent->sp_lstchg < spent->sp_min)
+	    && (spent->sp_min != -1)) {
+		/* 
+		 * The last password change was too recent. This error will be ignored
+		 * if no password change is attempted.
+		 */
+		D(("password change too recent"));
+		return PAM_AUTHTOK_ERR;
+	}
 	return PAM_SUCCESS;
-
 }
 
 /* passwd/salt conversion macros */