diff -up shadow-4.2.1/man/groupmems.8.xml.manfix shadow-4.2.1/man/groupmems.8.xml
--- shadow-4.2.1/man/groupmems.8.xml.manfix 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/groupmems.8.xml 2015-11-06 14:21:03.013060324 +0100
@@ -179,20 +179,10 @@
SETUP
- The groupmems executable should be in mode
- 2770 as user root and in group
- groups. The system administrator can add users to
- group groups to allow or disallow them using the
- groupmems utility to manage their own group
- membership list.
+ In this operating system the groupmems executable
+ is not setuid and regular users cannot use it to manipulate
+ the membership of their own group.
-
-
- $ groupadd -r groups
- $ chmod 2770 groupmems
- $ chown root.groups groupmems
- $ groupmems -g groups -a gk4
-
diff -up shadow-4.2.1/man/chage.1.xml.manfix shadow-4.2.1/man/chage.1.xml
--- shadow-4.2.1/man/chage.1.xml.manfix 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/chage.1.xml 2014-11-26 15:34:51.256978960 +0100
@@ -102,6 +102,9 @@
Set the number of days since January 1st, 1970 when the password
was last changed. The date may also be expressed in the format
YYYY-MM-DD (or the format more commonly used in your area).
+ If the LAST_DAY is set to
+ 0 the user is forced to change his password
+ on the next log on.
diff -up shadow-4.2.1/man/ja/man5/login.defs.5.manfix shadow-4.2.1/man/ja/man5/login.defs.5
--- shadow-4.2.1/man/ja/man5/login.defs.5.manfix 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/ja/man5/login.defs.5 2016-01-08 09:58:29.591702354 +0100
@@ -147,10 +147,6 @@ 以下の参照表は、
shadow パスワード機能のどのプログラムが
どのパラメータを使用するかを示したものである。
.na
-.IP chfn 12
-CHFN_AUTH CHFN_RESTRICT
-.IP chsh 12
-CHFN_AUTH
.IP groupadd 12
GID_MAX GID_MIN
.IP newusers 12
diff -up shadow-4.2.1/man/login.defs.5.xml.manfix shadow-4.2.1/man/login.defs.5.xml
--- shadow-4.2.1/man/login.defs.5.xml.manfix 2014-03-13 06:52:55.000000000 +0100
+++ shadow-4.2.1/man/login.defs.5.xml 2016-01-08 09:59:35.854169787 +0100
@@ -162,6 +162,17 @@
long numeric parameters is machine-dependent.
+
+ Please note that the parameters in this configuration file control the
+ behavior of the tools from the shadow-utils component. None of these
+ tools uses the PAM mechanism, and the utilities that use PAM (such as the
+ passwd command) should be configured elsewhere. The only values that
+ affect PAM modules are ENCRYPT_METHOD and SHA_CRYPT_MAX_ROUNDS
+ for pam_unix module, FAIL_DELAY for pam_faildelay module,
+ and UMASK for pam_umask module. Refer to
+ pam(8) for more information.
+
+
The following configuration items are provided:
@@ -252,26 +263,6 @@
- chfn
-
-
- CHFN_AUTH
- CHFN_RESTRICT
- LOGIN_STRING
-
-
-
-
- chgpasswd
-
-
- ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
- SHA_CRYPT_MAX_ROUNDS
- SHA_CRYPT_MIN_ROUNDS
-
-
-
- chpasswd
@@ -282,14 +273,6 @@
-
- chsh
-
-
- CHSH_AUTH LOGIN_STRING
-
-
-
@@ -350,34 +333,6 @@
-
- login
-
-
- CONSOLE
- CONSOLE_GROUPS DEFAULT_HOME
- ENV_HZ ENV_PATH ENV_SUPATH
- ENV_TZ ENVIRON_FILE
- ERASECHAR FAIL_DELAY
- FAILLOG_ENAB
- FAKE_SHELL
- FTMP_FILE
- HUSHLOGIN_FILE
- ISSUE_FILE
- KILLCHAR
- LASTLOG_ENAB
- LOGIN_RETRIES
- LOGIN_STRING
- LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
- MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
- MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
- QUOTAS_ENAB
- TTYGROUP TTYPERM TTYTYPE_FILE
- ULIMIT UMASK
- USERGROUPS_ENAB
-
-
- newgrp / sg
@@ -405,17 +360,6 @@
-
- passwd
-
-
- ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
- PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
- SHA_CRYPT_MAX_ROUNDS
- SHA_CRYPT_MIN_ROUNDS
-
-
- pwck
@@ -442,32 +386,6 @@
-
- su
-
-
- CONSOLE
- CONSOLE_GROUPS DEFAULT_HOME
- ENV_HZ ENVIRON_FILE
- ENV_PATH ENV_SUPATH
- ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
- MAIL_DIR MAIL_FILE QUOTAS_ENAB
- SULOG_FILE SU_NAME
- SU_WHEEL_ONLY
- SYSLOG_SU_ENAB
- USERGROUPS_ENAB
-
-
-
-
- sulogin
-
-
- ENV_HZ
- ENV_TZ
-
-
- useradd
diff -up shadow-4.2.1/man/shadow.5.xml.manfix shadow-4.2.1/man/shadow.5.xml
--- shadow-4.2.1/man/shadow.5.xml.manfix 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/shadow.5.xml 2015-10-27 16:54:29.304231353 +0100
@@ -208,8 +208,8 @@
After expiration of the password and this expiration period is
- elapsed, no login is possible using the current user's
- password. The user should contact her administrator.
+ elapsed, no login is possible for the user.
+ The user should contact her administrator.
An empty field means that there are no enforcement of an
diff -up shadow-4.2.1/man/useradd.8.xml.manfix shadow-4.2.1/man/useradd.8.xml
--- shadow-4.2.1/man/useradd.8.xml.manfix 2014-11-26 15:34:51.234978891 +0100
+++ shadow-4.2.1/man/useradd.8.xml 2014-11-26 15:34:51.257978963 +0100
@@ -347,11 +347,16 @@
is not enabled, no home
directories are created.
+
+ The directory where the user's home directory is created must
+ exist and have proper SELinux context and permissions. Otherwise
+ the user's home directory cannot be created or accessed.
+
-
+ ,
diff -up shadow-4.2.1/man/usermod.8.xml.manfix shadow-4.2.1/man/usermod.8.xml
--- shadow-4.2.1/man/usermod.8.xml.manfix 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/usermod.8.xml 2014-11-26 15:34:51.257978963 +0100
@@ -132,7 +132,8 @@
If the
option is given, the contents of the current home directory will
be moved to the new home directory, which is created if it does
- not already exist.
+ not already exist. If the current home directory does not exist
+ the new home directory will not be created.
@@ -256,7 +257,8 @@
Move the content of the user's home directory to the new
- location.
+ location. If the current home directory does not exist
+ the new home directory will not be created.
This option is only valid in combination with the