su from root

[Doug Hardie]

I have encountered an unusual issue where the behavior is different 
between FreeBSD 4.6 and 5.3.  If I login  and then su to root 
successfully, then do a su to a non-root user I get:

pam_login_access: pam_sm_acct_mgmt:  user-id is not allowed to log in 
on /dev/ttyv0

In chasing this down it appears that the restriction is coming from 
login.access which does have a limitation to prevent the non-root user 
from logging in.  Only members of the wheel group are permitted to 
login.  That restriction is essential to this system.  However, I don't 
understand why su is concerned about that.  I need su to switch me to 
that user.  I suspect this may be controlled by PAM but haven't been 
able to figure out just where that would be.  How can I make su work 
like it does in 4.6?