shadow/TODO

libxcrypt support
 * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch

implement getlong, getulong.
	avoid atoi, atol, atoul, strtol, strtoul, ...

manpages: comment the RLOGIN parts

Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
comma_to_list()

Revert the modified files if all files could not be changed.
  * or warn and indicate which files were modified and which were not.
  * check the order the files are modified.

report nscd_flush_cache failures?
call nscd from the programs or from lib (commonio?)

PAM: check if a non-interactive conversation function could be used to set
the password in chpasswd and newusers

WITH_SELINUX
  - review all tools to check that the strategies are consistent

chage, chfn, chsh: same change needed as in passwd.
  - probably need moving check_selinux_access to a separate file.

testsuite
 - newgrp
   - test with unknown user's GID
 - groupmems
 - useradd, usermod, groupadd, groupmod, newusers
   - test with UID / GID set to -1

newusers
 - add logging to SYSLOG & AUDIT
 - use CREATE_HOME

Document when/where option appeared, document whether an option is standard
or not.

Check all the expiry semantics

ALL:
- move base passwd/shadow/group/gshadow operation to module for allow write
  different backend modules for db, NIS, LDAP and others. Default backend it
  will be goot if will be chosen depending on /etc/nsswitch.conf and allow
  override this by -r <repository> options (where the <repository> can be
  file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
  passwd have old piece of code with handling -r option and it will be good
  finish this and propagate on other shadow tools for allow operate on other
  user databases by well known tools.
- Protect against signals. Register do_cleanups in a signal handler.

- login.defs
  - generate depending on configuration

- useradd:
  - add handle create user mail spool in maildir format.
  - Add support for -k in -D mode
  - Add support for -K in -D mode
  - Add option to create or not the mail spool (and set the default in -D
    mode)
  - Change -l to reset the entry if an entry was already there
  - set the mask in mkdir?

- add handle -n switch in groups and id command for allow query is
  group/user with specified id/gid exist - this will be very usable
  on automation in packages for query/check is group/user exist in system
  or not,

- userdel:
  - add backup option for the removal of user resources,
  - user_busy: check that the user is not running any processes.
  - missing "deleting group" FAILED
  - home dir removed, but userdel may fail and may leave the user
    => warning needed

- usermod
  - add an option equivalent to useradd's -l (only when uid is changed)
  - the mode of new home directories should be set according to the
    original mode. Does copy_tree does this?
- passwd:
  - check combination of options (e.g. -u/-l)

- newgrp: check the USE_PAM section.

- pwck
  - Add check to move passwd passwords to shadow if there is a shadow
    entry (with a password).
  - Add check to move passwd passwords to shadow if there is a shadow
    file.

- su
  - add a login.defs configuration parameter to add variables to keep in
    the environment with "su -l" (TERM/TERMCOLOR/...