diff -up shadow-4.1.5.1/man/chage.1.xml.manfix shadow-4.1.5.1/man/chage.1.xml
--- shadow-4.1.5.1/man/chage.1.xml.manfix	2012-05-25 13:45:27.000000000 +0200
+++ shadow-4.1.5.1/man/chage.1.xml	2014-08-29 13:36:57.713167654 +0200
@@ -102,6 +102,9 @@
 	    Set the number of days since January 1st, 1970 when the password
 	    was last changed. The date may also be expressed in the format
 	    YYYY-MM-DD (or the format more commonly used in your area).
+	    If the <replaceable>LAST_DAY</replaceable> is set to
+	    <emphasis>0</emphasis> the user is forced to change his password
+	    on the next log on.
 	  </para>
 	</listitem>
       </varlistentry>
diff -up shadow-4.1.5.1/man/login.defs.5.xml.manfix shadow-4.1.5.1/man/login.defs.5.xml
--- shadow-4.1.5.1/man/login.defs.5.xml.manfix	2012-05-25 13:45:28.000000000 +0200
+++ shadow-4.1.5.1/man/login.defs.5.xml	2014-08-29 13:31:38.364812323 +0200
@@ -160,6 +160,17 @@
       long numeric parameters is machine-dependent.
     </para>
 
+    <para>
+      Please note that the parameters in this configuration file control the
+      behavior of the tools from the shadow-utils component. None of these
+      tools uses the PAM mechanism, and the utilities that use PAM (such as the
+      passwd command) should be configured elsewhere. The only values that
+      affect PAM modules are <emphasis>ENCRYPT_METHOD</emphasis> and <emphasis>SHA_CRYPT_MAX_ROUNDS</emphasis>
+      for pam_unix module, <emphasis>FAIL_DELAY</emphasis> for pam_faildelay module,
+      and <emphasis>UMASK</emphasis> for pam_umask module. Refer to
+      pam(8) for more information.
+    </para>
+
     <para>The following configuration items are provided:</para>
 
     <variablelist remap='IP'>
diff -up shadow-4.1.5.1/man/man1/chage.1.manfix shadow-4.1.5.1/man/man1/chage.1
--- shadow-4.1.5.1/man/man1/chage.1.manfix	2012-05-25 13:58:18.000000000 +0200
+++ shadow-4.1.5.1/man/man1/chage.1	2014-08-29 13:36:31.303559366 +0200
@@ -45,7 +45,11 @@ command are:
 .PP
 \fB\-d\fR, \fB\-\-lastday\fR \fILAST_DAY\fR
 .RS 4
-Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&.
+Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. If the
+\fILAST_DAY\fR
+is set to
+\fB0\fR
+the user is forced to change his password on the next log on\&.
 .RE
 .PP
 \fB\-E\fR, \fB\-\-expiredate\fR \fIEXPIRE_DATE\fR
diff -up shadow-4.1.5.1/man/man5/login.defs.5.manfix shadow-4.1.5.1/man/man5/login.defs.5
--- shadow-4.1.5.1/man/man5/login.defs.5.manfix	2012-05-25 13:59:03.000000000 +0200
+++ shadow-4.1.5.1/man/man5/login.defs.5	2014-08-29 13:31:38.364812323 +0200
@@ -46,6 +46,14 @@ value\&. Numbers (both regular and long)
 \fI0\fR) or hexadecimal values (precede the value with
 \fI0x\fR)\&. The maximum value of the regular and long numeric parameters is machine\-dependent\&.
 .PP
+Please note that the parameters in this configuration file control the
+behavior of the tools from the shadow-utils component\&. None of these
+tools uses the PAM mechanism, and the utilities that use PAM (such as the
+passwd command) should be configured elsewhere\&. The only values that
+affect PAM modules are \fBENCRYPT_METHOD\fR and \fBSHA_CRYPT_MAX_ROUNDS\fR for pam_unix module,
+\fBFAIL_DELAY\fR for pam_faildelay module, and \fBUMASK\fR for pam_umask module\&. Refer to
+pam(8) for more information\&.
+.PP
 The following configuration items are provided:
 .PP
 \fBCHFN_AUTH\fR (boolean)
@@ -625,20 +633,6 @@ will create by default a group with the
 .PP
 The following cross references show which programs in the shadow password suite use which parameters\&.
 .PP
-chfn
-.RS 4
-
-CHFN_AUTH
-CHFN_RESTRICT
-LOGIN_STRING
-.RE
-.PP
-chgpasswd
-.RS 4
-ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
-SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS
-.RE
-.PP
 chpasswd
 .RS 4
 
@@ -646,11 +640,6 @@ ENCRYPT_METHOD MD5_CRYPT_ENAB
 SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS
 .RE
 .PP
-chsh
-.RS 4
-CHSH_AUTH LOGIN_STRING
-.RE
-.PP
 gpasswd
 .RS 4
 ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
@@ -692,29 +681,6 @@ grpunconv
 MAX_MEMBERS_PER_GROUP
 .RE
 .PP
-login
-.RS 4
-
-CONSOLE
-CONSOLE_GROUPS DEFAULT_HOME
-ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE
-ERASECHAR FAIL_DELAY
-FAILLOG_ENAB
-FAKE_SHELL
-FTMP_FILE
-HUSHLOGIN_FILE
-ISSUE_FILE
-KILLCHAR
-LASTLOG_ENAB
-LOGIN_RETRIES
-LOGIN_STRING
-LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
-MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB
-TTYGROUP TTYPERM TTYTYPE_FILE
-ULIMIT UMASK
-USERGROUPS_ENAB
-.RE
-.PP
 newgrp / sg
 .RS 4
 SYSLOG_SG_ENAB
@@ -727,12 +693,6 @@ SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUND
 SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK
 .RE
 .PP
-passwd
-.RS 4
-ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
-SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS
-.RE
-.PP
 pwck
 .RS 4
 PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
@@ -743,26 +703,6 @@ pwconv
 PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
 .RE
 .PP
-su
-.RS 4
-
-CONSOLE
-CONSOLE_GROUPS DEFAULT_HOME
-ENV_HZ ENVIRON_FILE
-ENV_PATH ENV_SUPATH
-ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB
-SULOG_FILE SU_NAME
-SU_WHEEL_ONLY
-SYSLOG_SU_ENAB
-USERGROUPS_ENAB
-.RE
-.PP
-sulogin
-.RS 4
-ENV_HZ
-ENV_TZ
-.RE
-.PP
 useradd
 .RS 4
 CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK
diff -up shadow-4.1.5.1/man/man8/useradd.8.manfix shadow-4.1.5.1/man/man8/useradd.8
--- shadow-4.1.5.1/man/man8/useradd.8.manfix	2014-08-29 13:31:38.347811932 +0200
+++ shadow-4.1.5.1/man/man8/useradd.8	2014-08-29 13:31:38.364812323 +0200
@@ -85,7 +85,7 @@ by default\&.
 Any text string\&. It is generally a short description of the login, and is currently used as the field for the user\*(Aqs full name\&.
 .RE
 .PP
-\fB\-d\fR, \fB\-\-home\fR \fIHOME_DIR\fR
+\fB\-d\fR, \fB\-\-home\-dir\fR \fIHOME_DIR\fR
 .RS 4
 The new user will be created using
 \fIHOME_DIR\fR
@@ -220,9 +220,13 @@ option) will be copied to the home direc
 By default, if this option is not specified and
 \fBCREATE_HOME\fR
 is not enabled, no home directories are created\&.
+.sp
+The directory where the user\*(Aqs home directory is created must
+exist and have proper SELinux context and permissions\&. Otherwise
+the user\*(Aqs home directory cannot be created or accessed\&.
 .RE
 .PP
-\fB\-M\fR
+\fB\-M\fR, \fB\-\-no\-create\-home\fR
 .RS 4
 Do not create the user\*(Aqs home directory, even if the system wide setting from
 /etc/login\&.defs
diff -up shadow-4.1.5.1/man/man8/usermod.8.manfix shadow-4.1.5.1/man/man8/usermod.8
--- shadow-4.1.5.1/man/man8/usermod.8.manfix	2012-05-25 13:59:33.000000000 +0200
+++ shadow-4.1.5.1/man/man8/usermod.8	2014-08-29 13:35:27.343086211 +0200
@@ -63,7 +63,7 @@ The user\*(Aqs new login directory\&.
 .sp
 If the
 \fB\-m\fR
-option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&.
+option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&. If the current home directory does not exist the new home directory will not be created\&.
 .RE
 .PP
 \fB\-e\fR, \fB\-\-expiredate\fR \fIEXPIRE_DATE\fR
@@ -143,7 +143,7 @@ Move the content of the user\*(Aqs home
 This option is only valid in combination with the
 \fB\-d\fR
 (or
-\fB\-\-home\fR) option\&.
+\fB\-\-home\fR) option\&. If the current home directory does not exist the new home directory will not be created\&.
 .sp
 
 \fBusermod\fR
diff -up shadow-4.1.5.1/man/useradd.8.xml.manfix shadow-4.1.5.1/man/useradd.8.xml
--- shadow-4.1.5.1/man/useradd.8.xml.manfix	2014-08-29 13:31:38.347811932 +0200
+++ shadow-4.1.5.1/man/useradd.8.xml	2014-08-29 13:31:38.364812323 +0200
@@ -161,7 +161,7 @@
       </varlistentry>
       <varlistentry>
 	<term>
-	  <option>-d</option>, <option>--home</option>
+	  <option>-d</option>, <option>--home-dir</option>
 	  <replaceable>HOME_DIR</replaceable>
 	</term>
 	<listitem>
@@ -358,11 +358,16 @@
 	    <option>CREATE_HOME</option> is not enabled, no home
 	    directories are created.
 	  </para>
+	  <para>
+	    The directory where the user's home directory is created must
+	    exist and have proper SELinux context and permissions. Otherwise
+	    the user's home directory cannot be created or accessed.
+	  </para>
 	</listitem>
       </varlistentry>
       <varlistentry>
 	<term>
-	  <option>-M</option>
+	  <option>-M</option>, <option>--no-create-home</option>
 	</term>
 	<listitem>
 	  <para>
diff -up shadow-4.1.5.1/man/usermod.8.xml.manfix shadow-4.1.5.1/man/usermod.8.xml
--- shadow-4.1.5.1/man/usermod.8.xml.manfix	2012-05-25 13:45:29.000000000 +0200
+++ shadow-4.1.5.1/man/usermod.8.xml	2014-08-29 13:33:40.814632618 +0200
@@ -132,7 +132,8 @@
 	    If the <option>-m</option>
 	    option is given, the contents of the current home directory will
 	    be moved to the new home directory, which is created if it does
-	    not already exist.
+	    not already exist. If the current home directory does not exist
+	    the new home directory will not be created.
 	  </para>
 	</listitem>
       </varlistentry>
@@ -261,7 +262,8 @@
 	<listitem>
 	  <para>
 	    Move the content of the user's home directory to the new
-	    location.
+	    location. If the current home directory does not exist
+	    the new home directory will not be created.
 	  </para>
 	  <para>
 	    This option is only valid in combination with the