It's been a long time since I tried running passwd from an account
that wasn't a member of wheel. Just today I noticed that, both on a
1.5 system using binaries from the tarballs, and on a 1.5S system with
binaries built locally, passwd fails immediately with "Permission
denied" if the current user isn't a member of wheel. Here's the
directory listing for /usr/bin/passwd:

   # ls -l `which passwd`
   -r-sr-xr-x  2 root  wheel  13484 Mar 11 12:55 /usr/bin/passwd*
   # passwd
   passwd: Permission denied

I ran ktrace, and it won't show anything past the attempt to exec the
binary. I'm not sure if this is because it's executing, but ktrace
can't follow it across the suid, or if the exec itself is
failing. Here's the listings of the files that the manpage says are
accessed by passwd:

   -rw-------  1 root  wheel  1973 Mar 10 14:05 /etc/master.passwd
   -rw-r--r--  1 root  wheel  1628 Mar 10 14:05 /etc/passwd

Any ideas what has gotten screwed up on my machine?