Blame SOURCES/shadow-4.1.5.1-manfix.patch

57b0e3
diff -up shadow-4.1.5.1/man/chage.1.xml.manfix shadow-4.1.5.1/man/chage.1.xml
57b0e3
--- shadow-4.1.5.1/man/chage.1.xml.manfix	2012-05-25 13:45:27.000000000 +0200
57b0e3
+++ shadow-4.1.5.1/man/chage.1.xml	2018-04-24 16:43:48.545743715 +0200
57b0e3
@@ -102,6 +102,9 @@
57b0e3
 	    Set the number of days since January 1st, 1970 when the password
57b0e3
 	    was last changed. The date may also be expressed in the format
57b0e3
 	    YYYY-MM-DD (or the format more commonly used in your area).
57b0e3
+	    If the <replaceable>LAST_DAY</replaceable> is set to
57b0e3
+	    <emphasis>0</emphasis> the user is forced to change his password
57b0e3
+	    on the next log on.
57b0e3
 	  </para>
57b0e3
 	</listitem>
57b0e3
       </varlistentry>
57b0e3
@@ -123,6 +126,13 @@
57b0e3
 	    <replaceable>EXPIRE_DATE</replaceable> will remove an account
57b0e3
 	    expiration date.
57b0e3
 	  </para>
57b0e3
+	  <para>
57b0e3
+	    For example the following command can be used
57b0e3
+	    to set an account to expire in 180 days:
57b0e3
+	  </para>
57b0e3
+	  <programlisting>
57b0e3
+	    chage -E $(date -d +180days +%Y-%m-%d)
57b0e3
+	  </programlisting>
57b0e3
 	</listitem>
57b0e3
       </varlistentry>
57b0e3
       <varlistentry>
9b7f02
diff -up shadow-4.1.5.1/man/groupmems.8.xml.manfix shadow-4.1.5.1/man/groupmems.8.xml
9b7f02
--- shadow-4.1.5.1/man/groupmems.8.xml.manfix	2012-05-25 13:45:28.000000000 +0200
9b7f02
+++ shadow-4.1.5.1/man/groupmems.8.xml	2015-12-18 12:27:08.466909647 +0100
9b7f02
@@ -194,6 +194,13 @@
9b7f02
 	$ chown root.groups groupmems
9b7f02
 	$ groupmems -g groups -a gk4
9b7f02
     </programlisting>
9b7f02
+
9b7f02
+    <para>
9b7f02
+      In the Red Hat Enterprise Linux 7 the <command>groupmems</command>
9b7f02
+      command is not setuid and regular users cannot use it to manipulate
9b7f02
+      the membership of their own group. This might change in future
9b7f02
+      major releases of the Red Hat Enterprise Linux.
9b7f02
+    </para>
9b7f02
   </refsect1>
9b7f02
 
9b7f02
   <refsect1 id='configuration'>
9b7f02
diff -up shadow-4.1.5.1/man/ja/man5/login.defs.5.manfix shadow-4.1.5.1/man/ja/man5/login.defs.5
9b7f02
--- shadow-4.1.5.1/man/ja/man5/login.defs.5.manfix	2012-05-25 13:45:27.000000000 +0200
9b7f02
+++ shadow-4.1.5.1/man/ja/man5/login.defs.5	2015-12-18 12:34:08.080715842 +0100
9b7f02
@@ -147,10 +147,6 @@ 以下の参照表は、
9b7f02
 shadow パスワード機能のどのプログラムが
9b7f02
 どのパラメータを使用するかを示したものである。
9b7f02
 .na
9b7f02
-.IP chfn 12
9b7f02
-CHFN_AUTH CHFN_RESTRICT
9b7f02
-.IP chsh 12
9b7f02
-CHFN_AUTH
9b7f02
 .IP groupadd 12
9b7f02
 GID_MAX GID_MIN
9b7f02
 .IP newusers 12
78f74e
diff -up shadow-4.1.5.1/man/login.defs.5.xml.manfix shadow-4.1.5.1/man/login.defs.5.xml
78f74e
--- shadow-4.1.5.1/man/login.defs.5.xml.manfix	2012-05-25 13:45:28.000000000 +0200
827aa9
+++ shadow-4.1.5.1/man/login.defs.5.xml	2014-08-29 13:31:38.364812323 +0200
78f74e
@@ -160,6 +160,17 @@
78f74e
       long numeric parameters is machine-dependent.
78f74e
     </para>
78f74e
 
78f74e
+    <para>
78f74e
+      Please note that the parameters in this configuration file control the
78f74e
+      behavior of the tools from the shadow-utils component. None of these
78f74e
+      tools uses the PAM mechanism, and the utilities that use PAM (such as the
78f74e
+      passwd command) should be configured elsewhere. The only values that
78f74e
+      affect PAM modules are <emphasis>ENCRYPT_METHOD</emphasis> and <emphasis>SHA_CRYPT_MAX_ROUNDS</emphasis>
78f74e
+      for pam_unix module, <emphasis>FAIL_DELAY</emphasis> for pam_faildelay module,
78f74e
+      and <emphasis>UMASK</emphasis> for pam_umask module. Refer to
78f74e
+      pam(8) for more information.
78f74e
+    </para>
78f74e
+
78f74e
     <para>The following configuration items are provided:</para>
78f74e
 
78f74e
     <variablelist remap='IP'>
9b7f02
@@ -248,26 +258,6 @@
9b7f02
 	</listitem>
9b7f02
       </varlistentry>
9b7f02
       <varlistentry>
9b7f02
-	<term>chfn</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    <phrase condition="no_pam">CHFN_AUTH</phrase>
9b7f02
-	    CHFN_RESTRICT
9b7f02
-	    <phrase condition="no_pam">LOGIN_STRING</phrase>
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
-      <varlistentry>
9b7f02
-	<term>chgpasswd</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
9b7f02
-	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
9b7f02
-	    SHA_CRYPT_MIN_ROUNDS</phrase>
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
-      <varlistentry>
9b7f02
 	<term>chpasswd</term>
9b7f02
 	<listitem>
9b7f02
 	  <para>
9b7f02
@@ -278,14 +268,6 @@
9b7f02
 	  </para>
9b7f02
 	</listitem>
9b7f02
       </varlistentry>
9b7f02
-      <varlistentry condition="no_pam">
9b7f02
-	<term>chsh</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    CHSH_AUTH LOGIN_STRING
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
       
9b7f02
       
9b7f02
       <varlistentry>
9b7f02
@@ -346,34 +328,6 @@
9b7f02
       </varlistentry>
9b7f02
       
9b7f02
       
9b7f02
-      <varlistentry>
9b7f02
-	<term>login</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    <phrase condition="no_pam">CONSOLE</phrase>
9b7f02
-	    CONSOLE_GROUPS DEFAULT_HOME
9b7f02
-	    <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
9b7f02
-	    ENV_TZ ENVIRON_FILE</phrase>
9b7f02
-	    ERASECHAR FAIL_DELAY
9b7f02
-	    <phrase condition="no_pam">FAILLOG_ENAB</phrase>
9b7f02
-	    FAKE_SHELL
9b7f02
-	    <phrase condition="no_pam">FTMP_FILE</phrase>
9b7f02
-	    HUSHLOGIN_FILE
9b7f02
-	    <phrase condition="no_pam">ISSUE_FILE</phrase>
9b7f02
-	    KILLCHAR
9b7f02
-	    <phrase condition="no_pam">LASTLOG_ENAB</phrase>
9b7f02
-	    LOGIN_RETRIES
9b7f02
-	    <phrase condition="no_pam">LOGIN_STRING</phrase>
9b7f02
-	    LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
9b7f02
-	    <phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
9b7f02
-	    MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
9b7f02
-	    QUOTAS_ENAB</phrase>
9b7f02
-	    TTYGROUP TTYPERM TTYTYPE_FILE
9b7f02
-	    <phrase condition="no_pam">ULIMIT UMASK</phrase>
9b7f02
-	    USERGROUPS_ENAB
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
       
9b7f02
       <varlistentry>
9b7f02
 	<term>newgrp / sg</term>
9b7f02
@@ -399,17 +353,6 @@
9b7f02
 	</listitem>
9b7f02
       </varlistentry>
9b7f02
       
9b7f02
-      <varlistentry condition="no_pam">
9b7f02
-	<term>passwd</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
9b7f02
-	    PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
9b7f02
-	    <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
9b7f02
-	    SHA_CRYPT_MIN_ROUNDS</phrase>
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
       <varlistentry>
9b7f02
 	<term>pwck</term>
9b7f02
 	<listitem>
9b7f02
@@ -436,32 +379,6 @@
9b7f02
 	  </para>
9b7f02
 	</listitem>
9b7f02
       </varlistentry>
9b7f02
-      <varlistentry>
9b7f02
-	<term>su</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    <phrase condition="no_pam">CONSOLE</phrase>
9b7f02
-	    CONSOLE_GROUPS DEFAULT_HOME
9b7f02
-	    <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase>
9b7f02
-	    ENV_PATH ENV_SUPATH
9b7f02
-	    <phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
9b7f02
-	    MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
9b7f02
-	    SULOG_FILE SU_NAME
9b7f02
-	    <phrase condition="no_pam">SU_WHEEL_ONLY</phrase>
9b7f02
-	    SYSLOG_SU_ENAB
9b7f02
-	    <phrase condition="no_pam">USERGROUPS_ENAB</phrase>
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
-      <varlistentry>
9b7f02
-	<term>sulogin</term>
9b7f02
-	<listitem>
9b7f02
-	  <para>
9b7f02
-	    ENV_HZ
9b7f02
-	    <phrase condition="no_pam">ENV_TZ</phrase>
9b7f02
-	  </para>
9b7f02
-	</listitem>
9b7f02
-      </varlistentry>
9b7f02
       <varlistentry>
9b7f02
 	<term>useradd</term>
9b7f02
 	<listitem>
9f90df
diff -up shadow-4.1.5.1/man/useradd.8.xml.manfix shadow-4.1.5.1/man/useradd.8.xml
9b7f02
--- shadow-4.1.5.1/man/useradd.8.xml.manfix	2015-12-17 14:05:47.930742412 +0100
9b7f02
+++ shadow-4.1.5.1/man/useradd.8.xml	2015-12-17 14:05:47.945742754 +0100
9b7f02
@@ -134,8 +134,8 @@
9b7f02
 	    <replaceable>HOME_DIR</replaceable> is not specified.
9b7f02
 	    <replaceable>BASE_DIR</replaceable> is
9b7f02
 	    concatenated with the account name to define the home directory. 
9b7f02
-	    If the <option>-m</option> option is not used,
9b7f02
-	    <replaceable>BASE_DIR</replaceable> must exist.
9b7f02
+	    The <replaceable>BASE_DIR</replaceable> must exist otherwise
9b7f02
+	    the home directory cannot be created.
9b7f02
 	  </para>
9b7f02
 	  <para>
9b7f02
 	    If this option is not specified, <command>useradd</command>
9f90df
@@ -161,7 +161,7 @@
9f90df
       </varlistentry>
9f90df
       <varlistentry>
9f90df
 	<term>
9f90df
-	  <option>-d</option>, <option>--home</option>
9f90df
+	  <option>-d</option>, <option>--home-dir</option>
9f90df
 	  <replaceable>HOME_DIR</replaceable>
9f90df
 	</term>
9f90df
 	<listitem>
9b7f02
@@ -171,8 +171,7 @@
9b7f02
 	    login directory. The default is to append the
9b7f02
 	    <replaceable>LOGIN</replaceable> name to
9b7f02
 	    <replaceable>BASE_DIR</replaceable> and use that as the login
9b7f02
-	    directory name. The directory <replaceable>HOME_DIR</replaceable>
9b7f02
-	    does not have to exist but will not be created if it is missing.
9b7f02
+	    directory name.
9b7f02
 	  </para>
9b7f02
 	</listitem>
9b7f02
       </varlistentry>
9b7f02
@@ -358,11 +357,16 @@
9f90df
 	    <option>CREATE_HOME</option> is not enabled, no home
9f90df
 	    directories are created.
9f90df
 	  </para>
9f90df
+	  <para>
9f90df
+	    The directory where the user's home directory is created must
9f90df
+	    exist and have proper SELinux context and permissions. Otherwise
9f90df
+	    the user's home directory cannot be created or accessed.
9f90df
+	  </para>
9f90df
 	</listitem>
9f90df
       </varlistentry>
9f90df
       <varlistentry>
9f90df
 	<term>
9f90df
-	  <option>-M</option>
9f90df
+	  <option>-M</option>, <option>--no-create-home</option>
9f90df
 	</term>
9f90df
 	<listitem>
9f90df
 	  <para>
827aa9
diff -up shadow-4.1.5.1/man/usermod.8.xml.manfix shadow-4.1.5.1/man/usermod.8.xml
827aa9
--- shadow-4.1.5.1/man/usermod.8.xml.manfix	2012-05-25 13:45:29.000000000 +0200
827aa9
+++ shadow-4.1.5.1/man/usermod.8.xml	2014-08-29 13:33:40.814632618 +0200
827aa9
@@ -132,7 +132,8 @@
827aa9
 	    If the <option>-m</option>
827aa9
 	    option is given, the contents of the current home directory will
827aa9
 	    be moved to the new home directory, which is created if it does
827aa9
-	    not already exist.
827aa9
+	    not already exist. If the current home directory does not exist
827aa9
+	    the new home directory will not be created.
827aa9
 	  </para>
827aa9
 	</listitem>
827aa9
       </varlistentry>
827aa9
@@ -261,7 +262,8 @@
827aa9
 	<listitem>
827aa9
 	  <para>
827aa9
 	    Move the content of the user's home directory to the new
827aa9
-	    location.
827aa9
+	    location. If the current home directory does not exist
827aa9
+	    the new home directory will not be created.
827aa9
 	  </para>
827aa9
 	  <para>
827aa9
 	    This option is only valid in combination with the