diff -up shadow-4.1.5.1/man/login.defs.5.xml.manfix shadow-4.1.5.1/man/login.defs.5.xml
--- shadow-4.1.5.1/man/login.defs.5.xml.manfix 2012-05-25 13:45:28.000000000 +0200
+++ shadow-4.1.5.1/man/login.defs.5.xml 2014-02-12 11:18:36.126334872 +0100
@@ -160,6 +160,17 @@
long numeric parameters is machine-dependent.
</para>
+ <para>
+ Please note that the parameters in this configuration file control the
+ behavior of the tools from the shadow-utils component. None of these
+ tools uses the PAM mechanism, and the utilities that use PAM (such as the
+ passwd command) should be configured elsewhere. The only values that
+ affect PAM modules are <emphasis>ENCRYPT_METHOD</emphasis> and <emphasis>SHA_CRYPT_MAX_ROUNDS</emphasis>
+ for pam_unix module, <emphasis>FAIL_DELAY</emphasis> for pam_faildelay module,
+ and <emphasis>UMASK</emphasis> for pam_umask module. Refer to
+ pam(8) for more information.
+ </para>
+
<para>The following configuration items are provided:</para>
<variablelist remap='IP'>
diff -up shadow-4.1.5.1/man/man5/login.defs.5.manfix shadow-4.1.5.1/man/man5/login.defs.5
--- shadow-4.1.5.1/man/man5/login.defs.5.manfix 2012-05-25 13:59:03.000000000 +0200
+++ shadow-4.1.5.1/man/man5/login.defs.5 2014-02-12 11:26:27.159851843 +0100
@@ -46,6 +46,14 @@ value\&. Numbers (both regular and long)
\fI0\fR) or hexadecimal values (precede the value with
\fI0x\fR)\&. The maximum value of the regular and long numeric parameters is machine\-dependent\&.
.PP
+Please note that the parameters in this configuration file control the
+behavior of the tools from the shadow-utils component\&. None of these
+tools uses the PAM mechanism, and the utilities that use PAM (such as the
+passwd command) should be configured elsewhere\&. The only values that
+affect PAM modules are \fBENCRYPT_METHOD\fR and \fBSHA_CRYPT_MAX_ROUNDS\fR for pam_unix module,
+\fBFAIL_DELAY\fR for pam_faildelay module, and \fBUMASK\fR for pam_umask module\&. Refer to
+pam(8) for more information\&.
+.PP
The following configuration items are provided:
.PP
\fBCHFN_AUTH\fR (boolean)
@@ -625,20 +633,6 @@ will create by default a group with the
.PP
The following cross references show which programs in the shadow password suite use which parameters\&.
.PP
-chfn
-.RS 4
-
-CHFN_AUTH
-CHFN_RESTRICT
-LOGIN_STRING
-.RE
-.PP
-chgpasswd
-.RS 4
-ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
-SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS
-.RE
-.PP
chpasswd
.RS 4
@@ -646,11 +640,6 @@ ENCRYPT_METHOD MD5_CRYPT_ENAB
SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS
.RE
.PP
-chsh
-.RS 4
-CHSH_AUTH LOGIN_STRING
-.RE
-.PP
gpasswd
.RS 4
ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
@@ -692,29 +681,6 @@ grpunconv
MAX_MEMBERS_PER_GROUP
.RE
.PP
-login
-.RS 4
-
-CONSOLE
-CONSOLE_GROUPS DEFAULT_HOME
-ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE
-ERASECHAR FAIL_DELAY
-FAILLOG_ENAB
-FAKE_SHELL
-FTMP_FILE
-HUSHLOGIN_FILE
-ISSUE_FILE
-KILLCHAR
-LASTLOG_ENAB
-LOGIN_RETRIES
-LOGIN_STRING
-LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
-MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB
-TTYGROUP TTYPERM TTYTYPE_FILE
-ULIMIT UMASK
-USERGROUPS_ENAB
-.RE
-.PP
newgrp / sg
.RS 4
SYSLOG_SG_ENAB
@@ -727,12 +693,6 @@ SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUND
SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK
.RE
.PP
-passwd
-.RS 4
-ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
-SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS
-.RE
-.PP
pwck
.RS 4
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
@@ -743,26 +703,6 @@ pwconv
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
.RE
.PP
-su
-.RS 4
-
-CONSOLE
-CONSOLE_GROUPS DEFAULT_HOME
-ENV_HZ ENVIRON_FILE
-ENV_PATH ENV_SUPATH
-ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB
-SULOG_FILE SU_NAME
-SU_WHEEL_ONLY
-SYSLOG_SU_ENAB
-USERGROUPS_ENAB
-.RE
-.PP
-sulogin
-.RS 4
-ENV_HZ
-ENV_TZ
-.RE
-.PP
useradd
.RS 4
CREATE_HOME GID_MAX GID_MIN MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK
diff -up shadow-4.1.5.1/man/man8/useradd.8.manfix shadow-4.1.5.1/man/man8/useradd.8
--- shadow-4.1.5.1/man/man8/useradd.8.manfix 2013-11-27 10:25:34.740049650 +0100
+++ shadow-4.1.5.1/man/man8/useradd.8 2013-11-27 10:25:34.758050045 +0100
@@ -85,7 +85,7 @@ by default\&.
Any text string\&. It is generally a short description of the login, and is currently used as the field for the user\*(Aqs full name\&.
.RE
.PP
-\fB\-d\fR, \fB\-\-home\fR \fIHOME_DIR\fR
+\fB\-d\fR, \fB\-\-home\-dir\fR \fIHOME_DIR\fR
.RS 4
The new user will be created using
\fIHOME_DIR\fR
@@ -220,9 +220,13 @@ option) will be copied to the home direc
By default, if this option is not specified and
\fBCREATE_HOME\fR
is not enabled, no home directories are created\&.
+.sp
+The directory where the user\*(Aqs home directory is created must
+exist and have proper SELinux context and permissions\&. Otherwise
+the user\*(Aqs home directory cannot be created or accessed\&.
.RE
.PP
-\fB\-M\fR
+\fB\-M\fR, \fB\-\-no\-create\-home\fR
.RS 4
Do not create the user\*(Aqs home directory, even if the system wide setting from
/etc/login\&.defs
diff -up shadow-4.1.5.1/man/useradd.8.xml.manfix shadow-4.1.5.1/man/useradd.8.xml
--- shadow-4.1.5.1/man/useradd.8.xml.manfix 2013-11-27 10:25:34.740049650 +0100
+++ shadow-4.1.5.1/man/useradd.8.xml 2013-11-27 10:25:34.759050067 +0100
@@ -161,7 +161,7 @@
</varlistentry>
<varlistentry>
<term>
- <option>-d</option>, <option>--home</option>
+ <option>-d</option>, <option>--home-dir</option>
<replaceable>HOME_DIR</replaceable>
</term>
<listitem>
@@ -358,11 +358,16 @@
<option>CREATE_HOME</option> is not enabled, no home
directories are created.
</para>
+ <para>
+ The directory where the user's home directory is created must
+ exist and have proper SELinux context and permissions. Otherwise
+ the user's home directory cannot be created or accessed.
+ </para>
</listitem>
</varlistentry>
<varlistentry>
<term>
- <option>-M</option>
+ <option>-M</option>, <option>--no-create-home</option>
</term>
<listitem>
<para>