groupadd.8.xml * Groupnames may only be up to 16 characters long. => remove the note if no limits. => should depend on the --with-group-name-max-length option libxcrypt support * http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch implement getlong, getulong. avoid atoi, atol, atoul, strtol, strtoul, ... manpages: comment the RLOGIN parts Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by comma_to_list() Revert the modified files if all files could not be changed. * or warn and indicate which files were modified and which were not. * check the order the files are modified. report nscd_flush_cache failures? call nscd from the programs or from lib (commonio?) PAM: check if a non-interactive conversation function could be used to set the password in chpasswd and newusers WITH_SELINUX - review all tools to check that the strategies are consistent chage, chfn, chsh: same change needed as in passwd. - probably need moving check_selinux_access to a separate file. testsuite - newgrp - test with unknown user's GID - groupmems newusers - add logging to SYSLOG & AUDIT faillog - accept numerical user and range of users Document when/where option appeared, document whether an option is standard or not. depends rules for the manpages Check all the expiry semantics ALL: - move base passwd/shadow/group/gshadow operation to module for allow write different backend modules for db, NIS, LDAP and others. Default backend it will be goot if will be chosen depending on /etc/nsswitch.conf and allow override this by -r options (where the can be file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column). passwd have old piece of code with handling -r option and it will be good finish this and propagate on other shadow tools for allow operate on other user databases by well known tools. - gpasswd - Add options --crypt-method and --sha-rounds - useradd: - add handle create user mail spool in maildir format. - Add support for -k in -D mode - Add support for -K in -D mode - Add option to create or not the mail spool (and set the default in -D mode) - add handle -n switch in groups and id command for allow query is group/user with specified id/gid exist - this will be very usable on automation in packages for query/check is group/user exist in system or not, - userdel: - add backup option for the removal of user resources, - user_busy: check that the user is not running any processes. - missing "deleting group" FAILED - home dir removed, but userdel may fail and may leave the user => warning needed - passwd: - check combination of options (e.g. -u/-l) - newgrp: check the USE_PAM section. - newusers: - doc for pw_gid not clear. Differentiate pw_gid specified and exist pw_gid specified but does not exist * name * number pw_gid not specified. - document what happens when no uid is specified. - pwck - Add check to move passwd passwords to shadow if there is a shadow entry (with a password). - Add check to move passwd passwords to shadow if there is a shadow file. - su - add a login.defs configuration parameter to add variables to keep in the environment with "su -l" (TERM/TERMCOLOR/... - vipw: - Is MAX_MEMBERS_PER_GROUP used by vipw?