shadow/TODO
2009-01-06 20:13:31 +00:00

110 lines
3.4 KiB
Plaintext

groupadd.8.xml
* Groupnames may only be up to 16 characters long.
=> remove the note if no limits.
=> should depend on the --with-group-name-max-length option
libxcrypt support
* http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch
implement getlong, getulong.
avoid atoi, atol, atoul, strtol, strtoul, ...
manpages: comment the RLOGIN parts
Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
comma_to_list()
Revert the modified files if all files could not be changed.
* or warn and indicate which files were modified and which were not.
* check the order the files are modified.
report nscd_flush_cache failures?
call nscd from the programs or from lib (commonio?)
PAM: check if a non-interactive conversation function could be used to set
the password in chpasswd and newusers
WITH_SELINUX
- review all tools to check that the strategies are consistent
chage, chfn, chsh: same change needed as in passwd.
- probably need moving check_selinux_access to a separate file.
testsuite
- newgrp
- test with unknown user's GID
- groupmems
newusers
- add logging to SYSLOG & AUDIT
faillog
- accept numerical user and range of users
Document when/where option appeared, document whether an option is standard
or not.
depends rules for the manpages
Check all the expiry semantics
ALL:
- move base passwd/shadow/group/gshadow operation to module for allow write
different backend modules for db, NIS, LDAP and others. Default backend it
will be goot if will be chosen depending on /etc/nsswitch.conf and allow
override this by -r <repository> options (where the <repository> can be
file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
passwd have old piece of code with handling -r option and it will be good
finish this and propagate on other shadow tools for allow operate on other
user databases by well known tools.
- gpasswd
- Add options --crypt-method and --sha-rounds
- useradd:
- add handle create user mail spool in maildir format.
- Add support for -k in -D mode
- Add support for -K in -D mode
- Add option to create or not the mail spool (and set the default in -D
mode)
- add handle -n switch in groups and id command for allow query is
group/user with specified id/gid exist - this will be very usable
on automation in packages for query/check is group/user exist in system
or not,
- userdel:
- add backup option for the removal of user resources,
- user_busy: check that the user is not running any processes.
- missing "deleting group" FAILED
- home dir removed, but userdel may fail and may leave the user
=> warning needed
- passwd:
- check combination of options (e.g. -u/-l)
- newgrp: check the USE_PAM section.
- newusers:
- doc for pw_gid not clear. Differentiate
pw_gid specified and exist
pw_gid specified but does not exist
* name
* number
pw_gid not specified.
- document what happens when no uid is specified.
- pwck
- Add check to move passwd passwords to shadow if there is a shadow
entry (with a password).
- Add check to move passwd passwords to shadow if there is a shadow
file.
- su
- add a login.defs configuration parameter to add variables to keep in
the environment with "su -l" (TERM/TERMCOLOR/...
- vipw:
- Is MAX_MEMBERS_PER_GROUP used by vipw?