diff -up shadow-4.1.5.1/man/chage.1.xml.manfix shadow-4.1.5.1/man/chage.1.xml

--- shadow-4.1.5.1/man/chage.1.xml.manfix	2012-05-25 13:45:27.000000000 +0200

+++ shadow-4.1.5.1/man/chage.1.xml	2014-08-29 13:36:57.713167654 +0200

@@ -102,6 +102,9 @@

 	    Set the number of days since January 1st, 1970 when the password

 	    was last changed. The date may also be expressed in the format

 	    YYYY-MM-DD (or the format more commonly used in your area).

+	    If the <replaceable>LAST_DAY</replaceable> is set to

+	    <emphasis>0</emphasis> the user is forced to change his password

+	    on the next log on.

 	  </para>

 	</listitem>

       </varlistentry>

diff -up shadow-4.1.5.1/man/login.defs.5.xml.manfix shadow-4.1.5.1/man/login.defs.5.xml

--- shadow-4.1.5.1/man/login.defs.5.xml.manfix	2012-05-25 13:45:28.000000000 +0200

+++ shadow-4.1.5.1/man/login.defs.5.xml	2014-08-29 13:31:38.364812323 +0200

@@ -160,6 +160,17 @@

       long numeric parameters is machine-dependent.

     </para>

+    <para>

+      Please note that the parameters in this configuration file control the

+      behavior of the tools from the shadow-utils component. None of these

+      tools uses the PAM mechanism, and the utilities that use PAM (such as the

+      passwd command) should be configured elsewhere. The only values that

+      affect PAM modules are <emphasis>ENCRYPT_METHOD</emphasis> and <emphasis>SHA_CRYPT_MAX_ROUNDS</emphasis>

+      for pam_unix module, <emphasis>FAIL_DELAY</emphasis> for pam_faildelay module,

+      and <emphasis>UMASK</emphasis> for pam_umask module. Refer to

+      pam(8) for more information.

+    </para>

+

     <para>The following configuration items are provided:</para>

     <variablelist remap='IP'>

diff -up shadow-4.1.5.1/man/man1/chage.1.manfix shadow-4.1.5.1/man/man1/chage.1

--- shadow-4.1.5.1/man/man1/chage.1.manfix	2012-05-25 13:58:18.000000000 +0200

+++ shadow-4.1.5.1/man/man1/chage.1	2014-08-29 13:36:31.303559366 +0200

@@ -45,7 +45,11 @@ command are:

 .PP

 \fB\-d\fR, \fB\-\-lastday\fR \fILAST_DAY\fR

 .RS 4

-Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&.

+Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. If the

+\fILAST_DAY\fR

+is set to

+\fB0\fR

+the user is forced to change his password on the next log on\&.

 .RE

 .PP

 \fB\-E\fR, \fB\-\-expiredate\fR \fIEXPIRE_DATE\fR

diff -up shadow-4.1.5.1/man/man5/login.defs.5.manfix shadow-4.1.5.1/man/man5/login.defs.5

--- shadow-4.1.5.1/man/man5/login.defs.5.manfix	2012-05-25 13:59:03.000000000 +0200

+++ shadow-4.1.5.1/man/man5/login.defs.5	2014-08-29 13:31:38.364812323 +0200

@@ -46,6 +46,14 @@ value\&. Numbers (both regular and long)

 \fI0\fR) or hexadecimal values (precede the value with

 \fI0x\fR)\&. The maximum value of the regular and long numeric parameters is machine\-dependent\&.

 .PP

+Please note that the parameters in this configuration file control the

+behavior of the tools from the shadow-utils component\&. None of these

+tools uses the PAM mechanism, and the utilities that use PAM (such as the

+passwd command) should be configured elsewhere\&. The only values that

+affect PAM modules are \fBENCRYPT_METHOD\fR and \fBSHA_CRYPT_MAX_ROUNDS\fR for pam_unix module,

+\fBFAIL_DELAY\fR for pam_faildelay module, and \fBUMASK\fR for pam_umask module\&. Refer to

+pam(8) for more information\&.

+.PP

 The following configuration items are provided:

 .PP

 \fBCHFN_AUTH\fR (boolean)

@@ -625,20 +633,6 @@ will create by default a group with the

 .PP

 The following cross references show which programs in the shadow password suite use which parameters\&.

 .PP

-chfn

-.RS 4

-

-CHFN_AUTH

-CHFN_RESTRICT

-LOGIN_STRING

-.RE

-.PP

-chgpasswd

-.RS 4

-ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB

-SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS

-.RE

-.PP

 chpasswd

 .RS 4

@@ -646,11 +640,6 @@ ENCRYPT_METHOD MD5_CRYPT_ENAB

 SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS

 .RE

 .PP

-chsh

-.RS 4

-CHSH_AUTH LOGIN_STRING

-.RE

-.PP

 gpasswd

 .RS 4

 ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB

@@ -692,29 +681,6 @@ grpunconv

 MAX_MEMBERS_PER_GROUP

 .RE

 .PP

-login

-.RS 4

-

-CONSOLE

-CONSOLE_GROUPS DEFAULT_HOME

-ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE

-ERASECHAR FAIL_DELAY

-FAILLOG_ENAB

-FAKE_SHELL

-FTMP_FILE

-HUSHLOGIN_FILE

-ISSUE_FILE

-KILLCHAR

-LASTLOG_ENAB

-LOGIN_RETRIES

-LOGIN_STRING

-LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB

-MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB

-TTYGROUP TTYPERM TTYTYPE_FILE

-ULIMIT UMASK

-USERGROUPS_ENAB

-.RE

-.PP

 newgrp / sg

 .RS 4

 SYSLOG_SG_ENAB

@@ -727,12 +693,6 @@ SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUND

 SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK

 .RE

 .PP

-passwd

-.RS 4

-ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN

-SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS

-.RE

-.PP

 pwck

 .RS 4

 PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE

@@ -743,26 +703,6 @@ pwconv

 PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE

 .RE

 .PP

-su

-.RS 4

-

-CONSOLE

-CONSOLE_GROUPS DEFAULT_HOME

-ENV_HZ ENVIRON_FILE

-ENV_PATH ENV_SUPATH

-ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB

-SULOG_FILE SU_NAME

-SU_WHEEL_ONLY

-SYSLOG_SU_ENAB

-USERGROUPS_ENAB

-.RE

-.PP

-sulogin

-.RS 4

-ENV_HZ

-ENV_TZ

-.RE

-.PP

 useradd

 .RS 4

 CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK

diff -up shadow-4.1.5.1/man/man8/useradd.8.manfix shadow-4.1.5.1/man/man8/useradd.8

--- shadow-4.1.5.1/man/man8/useradd.8.manfix	2014-08-29 13:31:38.347811932 +0200

+++ shadow-4.1.5.1/man/man8/useradd.8	2014-08-29 13:31:38.364812323 +0200

@@ -85,7 +85,7 @@ by default\&.

 Any text string\&. It is generally a short description of the login, and is currently used as the field for the user\*(Aqs full name\&.

 .RE

 .PP

-\fB\-d\fR, \fB\-\-home\fR \fIHOME_DIR\fR

+\fB\-d\fR, \fB\-\-home\-dir\fR \fIHOME_DIR\fR

 .RS 4

 The new user will be created using

 \fIHOME_DIR\fR

@@ -220,9 +220,13 @@ option) will be copied to the home direc

 By default, if this option is not specified and

 \fBCREATE_HOME\fR

 is not enabled, no home directories are created\&.

+.sp

+The directory where the user\*(Aqs home directory is created must

+exist and have proper SELinux context and permissions\&. Otherwise

+the user\*(Aqs home directory cannot be created or accessed\&.

 .RE

 .PP

-\fB\-M\fR

+\fB\-M\fR, \fB\-\-no\-create\-home\fR

 .RS 4

 Do not create the user\*(Aqs home directory, even if the system wide setting from

 /etc/login\&.defs

diff -up shadow-4.1.5.1/man/man8/usermod.8.manfix shadow-4.1.5.1/man/man8/usermod.8

--- shadow-4.1.5.1/man/man8/usermod.8.manfix	2012-05-25 13:59:33.000000000 +0200

+++ shadow-4.1.5.1/man/man8/usermod.8	2014-08-29 13:35:27.343086211 +0200

@@ -63,7 +63,7 @@ The user\*(Aqs new login directory\&.

 .sp

 If the

 \fB\-m\fR

-option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&.

+option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&. If the current home directory does not exist the new home directory will not be created\&.

 .RE

 .PP

 \fB\-e\fR, \fB\-\-expiredate\fR \fIEXPIRE_DATE\fR

@@ -143,7 +143,7 @@ Move the content of the user\*(Aqs home

 This option is only valid in combination with the

 \fB\-d\fR

 (or

-\fB\-\-home\fR) option\&.

+\fB\-\-home\fR) option\&. If the current home directory does not exist the new home directory will not be created\&.

 .sp

 \fBusermod\fR

diff -up shadow-4.1.5.1/man/useradd.8.xml.manfix shadow-4.1.5.1/man/useradd.8.xml

--- shadow-4.1.5.1/man/useradd.8.xml.manfix	2014-08-29 13:31:38.347811932 +0200

+++ shadow-4.1.5.1/man/useradd.8.xml	2014-08-29 13:31:38.364812323 +0200

@@ -161,7 +161,7 @@

       </varlistentry>

       <varlistentry>

 	<term>

-	  <option>-d</option>, <option>--home</option>

+	  <option>-d</option>, <option>--home-dir</option>

 	  <replaceable>HOME_DIR</replaceable>

 	</term>

 	<listitem>

@@ -358,11 +358,16 @@

 	    <option>CREATE_HOME</option> is not enabled, no home

 	    directories are created.

 	  </para>

+	  <para>

+	    The directory where the user's home directory is created must

+	    exist and have proper SELinux context and permissions. Otherwise

+	    the user's home directory cannot be created or accessed.

+	  </para>

 	</listitem>

       </varlistentry>

       <varlistentry>

 	<term>

-	  <option>-M</option>

+	  <option>-M</option>, <option>--no-create-home</option>

 	</term>

 	<listitem>

 	  <para>

diff -up shadow-4.1.5.1/man/usermod.8.xml.manfix shadow-4.1.5.1/man/usermod.8.xml

--- shadow-4.1.5.1/man/usermod.8.xml.manfix	2012-05-25 13:45:29.000000000 +0200

+++ shadow-4.1.5.1/man/usermod.8.xml	2014-08-29 13:33:40.814632618 +0200

@@ -132,7 +132,8 @@

 	    If the <option>-m</option>

 	    option is given, the contents of the current home directory will

 	    be moved to the new home directory, which is created if it does

-	    not already exist.

+	    not already exist. If the current home directory does not exist

+	    the new home directory will not be created.

 	  </para>

 	</listitem>

       </varlistentry>

@@ -261,7 +262,8 @@

 	<listitem>

 	  <para>

 	    Move the content of the user's home directory to the new

-	    location.

+	    location. If the current home directory does not exist

+	    the new home directory will not be created.

 	  </para>

 	  <para>

 	    This option is only valid in combination with the