shadow/TODO

groupadd.8.xml
 * Groupnames may only be up to 16 characters long.
   => remove the note if no limits.
   => should depend on the --with-group-name-max-length option

libxcrypt support
 * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch

implement getlong, getulong.
	avoid atoi, atol, atoul, strtol, strtoul, ...

manpages: comment the RLOGIN parts

Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
comma_to_list()

Revert the modified files if all files could not be changed.
  * or warn and indicate which files were modified and which were not.
  * check the order the files are modified.

report nscd_flush_cache failures?
call nscd from the programs or from lib (commonio?)

PAM: check if a non-interactive conversation function could be used to set
the password in chpasswd and newusers

WITH_SELINUX
  - review all tools to check that the strategies are consistent

chage, chfn, chsh: same change needed as in passwd.
  - probably need moving check_selinux_access to a separate file.

testsuite
 - newgrp
   - test with unknown user's GID
 - groupmems

newusers
 - add logging to SYSLOG & AUDIT

faillog
 - accept numerical user and range of users

Document when/where option appeared, document whether an option is standard
or not.

depends rules for the manpages

Check all the expiry semantics

ALL:
- move base passwd/shadow/group/gshadow operation to module for allow write
  different backend modules for db, NIS, LDAP and others. Default backend it
  will be goot if will be chosen depending on /etc/nsswitch.conf and allow
  override this by -r <repository> options (where the <repository> can be
  file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
  passwd have old piece of code with handling -r option and it will be good
  finish this and propagate on other shadow tools for allow operate on other
  user databases by well known tools.

- gpasswd
  - Add options --crypt-method and --sha-rounds

- useradd:
  - add handle create user mail spool in maildir format.
  - Add support for -k in -D mode
  - Add support for -K in -D mode
  - Add option to create or not the mail spool (and set the default in -D
    mode)

- add handle -n switch in groups and id command for allow query is
  group/user with specified id/gid exist - this will be very usable
  on automation in packages for query/check is group/user exist in system
  or not,

- userdel:
  - add backup option for the removal of user resources,
  - user_busy: check that the user is not running any processes.
  - missing "deleting group" FAILED
  - home dir removed, but userdel may fail and may leave the user
    => warning needed

- passwd:
  - check combination of options (e.g. -u/-l)

- newgrp: check the USE_PAM section.

- newusers:
  - doc for pw_gid not clear. Differentiate
            pw_gid specified and exist
            pw_gid specified but does not exist
             * name
             * number
            pw_gid not specified.
  - document what happens when no uid is specified.

- pwck
  - Add check to move passwd passwords to shadow if there is a shadow
    entry (with a password).
  - Add check to move passwd passwords to shadow if there is a shadow
    file.

- su
  - add a login.defs configuration parameter to add variables to keep in
    the environment with "su -l" (TERM/TERMCOLOR/...

- vipw:
  - Is MAX_MEMBERS_PER_GROUP used by vipw?