Prior to upgrading to RH 7.2, my root password was longer than 8 characters, and entering the whole thing was accepted by su. Following the upgrade (sh-utils-2.0.11-5), I can enter the long password with the passwd command, but I must only enter the first 8 characters to su. su rejects the longer password. I believe there's a similar problem with the main desktop login, so this may be a PAM issue.
Works for me... Are you sure MD5 passwords are enabled? (MD5 passwords are on if the password hashes in /etc/shadow start with "$1$")
MD5 is not specified in /etc/pam.d/system-auth, and there are no "$1$" style prefixes in /etc/shadow.
long passwords don't work unless md5 passwords are enabled. Please use "authconfig" to fix your configuration.